SCOM 2016 Server integration with Azure OMS (Operations Management Suite)

Dear friends if you already have an on premise SCOM infrastructure it’s good idea to leverage that infrastructure and connect with the Azure log analytics. Azure OMS log analytics gives extended capabilities to manage your on premise infrastructure. This allows you leverage the opportunities of OMS while continuing to use Operations Manager.

If you are an old SCOM admin you can still use your existing SCOM server to monitor the workloads and integration with OMS will really help because by using the speed and efficiency of OMS in collecting, storing, and analyzing data from Operations Manager. OMS helps correlate and work towards identifying the faults of problems and surfacing recurrences in support of your existing problem management process.

OMS has very rich dashboard and reporting capabilities which complement the SCOM Server.

A standard architecture is as follows:

Fig: OMS integration with SCOM

Now before we plan our deployment we should note the system requirement

  • OMS only supports Operations Manager 2016, Operations Manager 2012 SP1 UR6 and greater, and Operations Manager 2012 R2 UR2 and greater. Proxy support was added in Operations Manager 2012 SP1 UR7 and Operations Manager 2012 R2 UR3.
  • All Operations Manager agents must meet minimum support requirements. Ensure that agents are at the minimum update, otherwise Windows agent traffic may fail and many errors might fill the Operations Manager event log.
  • An OMS subscription.

Network requirement

Below is the network requirement for OMS connectivity with the on premise SCOM server

Resource Port number Bypass HTTP Inspection
Agent
*.ods.opinsights.azure.com 443 Yes
*.oms.opinsights.azure.com 443 Yes
*.blob.core.windows.net 443 Yes
*.azure-automation.net 443 Yes
Management server
*.service.opinsights.azure.com 443
*.blob.core.windows.net 443 Yes
*.ods.opinsights.azure.com 443 Yes
*.azure-automation.net 443 Yes
Operations Manager console to OMS
service.systemcenteradvisor.com 443
*.service.opinsights.azure.com 443
*.live.com 80 and 443
*.microsoft.com 80 and 443
*.microsoftonline.com 80 and 443
*.mms.microsoft.com 80 and 443
login.windows.net 80 and 443

Today we will see how we can create a Log Analytics Account in Azure and proceed further with this integration.

To start with please go to Azure Portal and  search for the log analytics icon as shown below

In the next step you will find the log analytics dashboard

Once you will click on the create log Analytics Button you can see the following screen.

In the next step please fill the required information.

For pricing information related to Azure OMS please click on the following article.

Once you click on the ok button you will find the following

After the successful deployment of the workspace you should be able to see the following screen.

The free tier has the following pricing information.

It has 500 MB of Daily limit and data retention of 7 days however I am not sure how much it will charge per node. We need to verify with billing team.

You can click on the OMS Portal Icon to directly go the OMS portal, as you can see below

To know more about how to configure alerts in OMS you can read my old post here

Once you click the OMS portal it will show the following screen

Since the OMS workspace is ready our next step will be to connect OMS with the SCOM server. We have the SCOM 2016 server deployed in our environment. We can work with that server and configure the connectivity with the whyazure workspace which we have just created.

Connecting Operations Manager to OMS

Perform the following series of steps to configure your Operations Manager management group to connect to one of your OMS workspaces.

  1. In the Operations Manager console, select the Administration workspace.
  2. Expand the Operations Management Suite node and click Connection.

  3. Click on Register Operations Management Suite Link as shown below

  1. In the next step login to OMS portal to register with your Azure Active Directory Credential as shown below. This is a wizard which will to take you to next steps.

Now this was a problem for me while installing since I was using MFA (Multi Factor Authentication) the authentication process required that JavaScript and Cookies are enabled in the IE. So I have to make some changes in the IE settings so that I will get the phone call in my mobile for the MFA. Once I have passed the MFA, I can go to the next step.

In the next step select the OMS Workspace as shown below

Click on Next and you will see the following screen

Now click on Create button and you will see the following screen

Now you can click on close and the OMS will be connected to SCOM.

So we are done with connection between the SCOM server and OMS and everything looks good so far.

Now to cross verify if your SCOM data source has been configured with OMS, you can log into the OMS portal and it will show the following.

If you go to the settings it will show the following screen

In the System Center tab it is showing SCOM management server name.

You can also cross verify by the following way from SCOM Monitoring console

From the Monitoring view, navigate to the Operations Management Suite\Health State view. Select a Management server under the Management Server State pane, and in the Detail View pane confirm the value for property Authentication service URI matches the OMS Workspace ID.

Now we need to add few computers however there is a strange issue, the search button is missing. After spending lots of time in debugging this problem I found an article which mentioned it’s a product bug and Microsoft is investigating the issue.

Here is the article which describes the issue.

Some customers have reported that the Search button in the Computer Search dialog box is missing. We are currently investigating this. As a temporary workaround, click in the Filter by (optional) edit box, and then press the Tab key to get to the invisible search button. Then, you can activate the button by pressing the <Spacebar> or <Enter> key.

Once I follow the above technique I can see all the computers which are currently I am monitoring with SCOM.

I have selected few of them which I need to monitor and click on the Add Button and it will show the list

In the manage computers page it’s showing all of them which I have selected

In the OMS console also I can see the on premise computers are showing. As here you can see below

If you click on the 2 ON-PREMISE computers you can see the following screen

We can also define a period for the log search as shown below

If you export the data to excel it will show a table similar to this

SourceSystem TimeGenerated MG ManagementGroupName SourceComputerId Category Computer OSType OSMajorVersion OSMinorVersion Version SCAgentChannel IsGatewayInstalled ComputerIP RemoteIPLongitude RemoteIPLatitude RemoteIPCountry ComputerEnvironment id Type
OpsManager 2017-09-02T14:39:24.56Z 605a8ae6-c9be-4d5d-b771-af61c95d61b0 SCOM_2016 4d1dd458-4c07-005d-f356-c62283291a8e SCOM Agent WAI-SQL01.whyazure.in Windows

10

0

8.0.10918.0 Direct

FALSE

106.51.58.228

77.64

12.91

India Non-Azure 109e49ce-b85a-e743-0d38-ca0feace2ebc Heartbeat
OpsManager 2017-09-02T14:39:24.007Z 605a8ae6-c9be-4d5d-b771-af61c95d61b0 SCOM_2016 f1ceb243-c787-cccc-376b-de24d62b6219 SCOM Agent WAI-SQL02.whyazure.in Windows

10

0

8.0.10918.0 Direct

FALSE

106.51.58.228

77.64

12.91

India Non-Azure abb55c62-e2d5-5576-fb3e-cc3faa34969e Heartbeat

Now all the on premise computers are present in OMS you can configure any alerts for them referring my article about them by clicking this link.

That’s all for today, I will bring more articles on hybrid infrastructure monitoring with OMS and SCOM. Stay tuned till then.

5.00 avg. rating (98% score) - 4 votes
Tags:,