Tag: VMware

NiCE VMware addendum

'NiCE VMware addendum' enhances VMware monitoring, tuning alerts to 'manual intervention' required alerting. 
‘NiCE VMware addendum’ enhances VMware monitoring, tuning alerts to ‘manual intervention’ required alerting.

‘NiCE VMware addendum’ enhances VMware monitoring, tuning alerts to ‘manual intervention’ required alerting. The NiCE folks have been around for some time as a trusted Microsoft partner, creating additional monitoring functionality across Microsoft products.  Having completed a number of projects implementing the VMware pack, it’s time to share the configuration and alert report capabilities.

 

Quick Download HTTPS://GITHUB.COM/THEKEVINJUSTIN/NICEVMWAREADDENDUM/

Changes to Nice vmware pack

Key breakdown of VMware ESX environment monitoring

NiCE VMware monitoring features for ESX, vSphere, vSAN environments
NiCE VMware monitoring features for ESX, vSphere, vSAN environments

 

Adjustments to vendor pack to further the mantra ‘alert when manual intervention required’.

Set monitor alerts to multiple samples over an hour (i.e. compute and performance of ESX environment)

Reports by team (requires regular expression updates for environment servers owned by each team)

Monitor reset logic, and service monitorType (count logic for X failures over Y time, before alert)

Overrides to change vendor pack provided discoveries, rules, monitors

Remove alert noise for unmanaged objects in ESX environment

 

Customize pack for environment

Customize the ‘NiCE VMware addendum’ pack for specific environment. This means updating group discoveries, and GUIDs for group specific overrides.  Further updates are required to update server naming conventions for team virtualization reports.

Classes/groups created for pack

VMware classes included for additional customization.

Discoveries

Breakout of Discoveries that need pattern updates to match

Find/Replace ##ESXHostDataStoreNamingConventions## with names to exclude

Example of regular expressions for multiple customers

VMware Group Seed Classes defined in the addendum.

 

Update disable guest machine alerts

Disable guest machines in ESX environment to disable alerts.

Find ##ESXGuestServersDiskUsageNamingConventions##

Replace with relevant guest naming conventions

 

Example template/guest/virtual machine names typically disabled

Update discovery to disable alerts on object names of virtual machines in ESX environment.

 

Service MonitorType

Service MonitorType adds Samples and Intervals to alert after consecutive failures (x failures in y minutes then alert )

VMware service MonitorType defined in the addendum.

Rules, Monitors, Recoveries

List of workflows used to troubleshoot/resolve problems

VMware addendum rules, VMTools monitor, and recovery components included.

 

 

Documentation

NiCE VMware management pack https://www.nice.de/nice-vmware-mp/

 

VMwareTools OpenSSL vulnerabilities

Extra Extra read all about it, VMwareTools OpenSSL vulnerabilities!

Extra Extra read all about it, VMwareTools OpenSSL vulnerabilities!

Update VMwareTools to solve OpenSSL vulnerabilities CVE-2023-3446, CVE-2023-2975.  The ‘VMwareTools OpenSSL vulnerabilities’ showed up two (2) weeks ago, but it took about a week for the update to post.  Latest Tenable scan article shows OpenSSL update to v3.0.10 required for VMware Tools.

 

 

Update VMwareTools

Start with the Security scan and the plugin ID to mitigate ‘Tenable Scan output of OpenSSL PlugIn ID documenting problems’

Tenable Scan output of OpenSSL PlugIn ID documenting problems
Tenable Scan output of OpenSSL PlugIn ID documenting problems

Talk with your security team to identify the offending path for guidance on which application might be the culprit.   The diagnostic/debug details can be a lifesaver!

Snippet of Tenable OpenSSL path from scan diagnostic of OpenSSL vulnerabilities
Snippet of Tenable OpenSSL path from scan diagnostic of OpenSSL vulnerabilities

Newer version of VMwareTools required to fix OpenSSL vulnerabilities.

Originally, no VMwareTools update posted
Originally, no VMwareTools update posted

VmWare tools v12.6 resolves CVE-2023-3446, CVE-2023-2975.  Hopefully your virtualization team uses an Endpoint Manager to manage server configurations, and they have an application/package wrapper to install VMwareTools without this being a manual process

Either way, you’ll have to download the update download link

VmWare tools v12.6 has OpenSSL update to resolve CVE-2023-3446, CVE-2023-2975

VmWare tools v12.6 has OpenSSL update to resolve CVE-2023-3446, CVE-2023-2975

Follow VMware’s knowledge base (KB) ‘how to’ article ‘how to’ install VMWare Tools

I typically link this with the monthly patches, where a single reboot puts all the patches into a fresh boot (applying the configuration).

 

 

Documentation/Links

Tenable article OpenSSL 3.0.0 < 3.0.10 Multiple Vulnerabilities | Tenable®

VMware KB article ‘how to’ install VMWare Tools

Security Content Automation Protocol (SCAP) download

How to install OpenSSL in windows 10? – Stack Overflow

Nutanix Monitoring on SCOM or OMS

Comtrade has been around quite some time now delivering custom management packs, in my experience for everything Citrix, F5 now, and Nutanix for SCOM and OMS.

Their profile is accurate in my opinion “The SCOM Extension Specialists”

Comtrade’s Channel Profile states “we natively integrate with System Center Operations Manager, providing a comprehensive monitoring of network (F5) and hyperconverged infrastructure (Nutanix) with insight into Citrix and Microsoft applications.”

Note: These MP’s are not free.  Contact for a trial key and download.

 

If you use Nutanix hosts, this will provide insights on configuration, logs, resource performance, and overloaded clusters/hosts

SCOM MP dashboards don’t look that much different, but provide easy insight into your virtual environment

 

How the solution works

OMS specifically

 

 

OMS Dashboard

 

 

Log Analytics

 

 

OMS Hardware Dashboard

 

 

Cluster Performance

 

 

Host Summary

 

 

 

Additional information

Nutanix Monitoring on OMS by Comtrade https://www.comtradesoftware.com/nutanix-monitoring/comtrade-oms-solution/

Nutanix OMS Solution https://blogs.technet.microsoft.com/msoms/2017/05/16/announcing-the-general-availability-of-oms-solutions-for-nutanix-by-comtrade-software/

Webinar https://www.brighttalk.com/webcast/14061/227057

Datasheet https://www.comtradesoftware.com/wp-content/uploads/2017/03/Comtrade-Software-OMS-Nutanix-Datasheet.pdf

SCOM MP information https://www.comtradesoftware.com/nutanix-monitoring/scom-management-pack/

 

 

Getting Started with OMS – Operations Manager Suite

How do you make sure the business you’re in is productive and making widgets?

 

What does OMS do?

Acronym:  OMS – Operations Manager Suite

IMHO

Answer:  Pretty much anything you can imagine to help provide a single pane of glass into what is happening in your IT environment.

Do you use System Center?

You can tailor OMS to any solution in the Solutions gallery, and you can even request solutions and functionality in the UserVoice website.

 

Ready to dig into OMS, even if you’re not cloud based?

 

OMS has four basic services

 

Learn more about the OMS solutions

Verify OMS managed Computers link

Capacity and Performance (HyperV) link

Service Map link

How to be heard link

 

 

Additional information

OMS Overview Azure Monitor overview

Channel 9 videos https://channel9.msdn.com/Shows/OMS-TECH-Fridays
OMS Blog https://blogs.technet.microsoft.com/msoms/