Microsoft Operations Management Suite Cookbook

By: Chiyo Odika

Overview of this book

Microsoft Operations Management Suite Cookbook begins with an overview of how to hit the ground running with OMS insights and analytics. Next, you will learn to search and analyze data to retrieve actionable insights, review alert generation from the analyzed data, and use basic and advanced Log search queries in Azure Log Analytics. Following this, you will explore some other management solutions that provide functionality related to workload assessment, application dependency mapping, automation and configuration management, and security and compliance. You will also become well versed with the data protection and recovery functionalities of OMS Protection and Recovery, and learn how to use Azure Automation components and features in OMS. Finally, you will learn how to evaluate key considerations for using the Security and Audit solution, and how to work with Security and Compliance in OMS. By the end of the book, you will be able to configure and utilize solution offerings in OMS, understand OMS workflows, unlock insights, integrate capabilities into new or existing workflows, manage configurations, and automate tasks and processes.
Table of Contents (11 chapters)

Reviewing the collected data

After you connect sources to your workspace and use the data sources to define the type of data that will be collected from them, Log Analytics starts to collect data based on these criteria and on the solutions that you have installed in your workspace. The relevant data then starts to appear in your workspace.

How to do it...

You can start by reviewing the solution-specific data in your workspace:

  1. In the OMS console, review the solution tiles that correspond to the solutions you have installed in your workspace.
  2. Click the Security And Audit solution tile to enter the Solution View page.
  3. Once on the page, Log Analytics will present you with a list of recommended alerts that relate to the solution. Click Enable alerts to enable the recommended alerts for the solution, and click Ok to close the Recommended alerts panel:
     Figure 1.37 - Security & Audit solution dashboard
     You can view and manage all of your alerting rules by navigating to Settings | Alerts.
     Figure 1.38 - Log Analytics workspace overview page
  4. On the Security and Audit page, review the visualization elements that comprise the view of the solution. Also, note the common security queries tile that suggests queries for specific security and audit scenarios.
  5. Repeat steps 1-4 for any additional solutions in your workspace.
  6. From the OMS overview page, click Log Search.
  7. In the Log Search page, enter the search * query into the search field and click Search:
     Figure 1.39 - OMS Log Analytics log search

The query returns results that are displayed in the Query Results field. You will also see various data types and field values on the left side of the Log Search page:

  8. Click on the Perf data type on the left side of your screen to return performance data. Note that when you make this selection, the log search modifies the search query to reflect your selection.
  9. Click on the Table perspective to see a different view of the resulting dataset:
     Figure 1.40 - Log Analytics performance data records

How it works...

Once data is collected in OMS, it is stored in the OMS data store as records. Records collected by the various data sources configured for a workspace have their own properties, and each record is tagged with a Type property that identifies the data source it came from. For instance, Windows event log data, once collected in the OMS repository, will be assigned a tag of type Event. This means that in Log Analytics, you can search for non-security Windows event logs by specifying a query, such as Event, as the where condition for your filter. Similarly, performance counter data will get tagged as data of type Perf, and you can use the query Perf to filter for this sort of data.

All of the data collected in the OMS repository is tagged in this way, and you can filter for any type of data once you know its tag value, or type. The OMS log search can enable you to further shape, filter, aggregate, and glean insights from your data. In the next chapter, you will learn how to use the OMS log search to glean insights from your data. You will also learn how to analyze and visualize your data using OMS and complementary tools.
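The Type-based filtering described above, written out as Log Analytics queries. This is an added example, not taken from the book; the one-day time range, the chosen counter, the event level, and the SecurityEvent query (the data type that holds Windows security events, as opposed to the non-security Event type) are assumptions about what your workspace collects. Run each query separately.

```kusto
// 1. Inventory: count records per Type over the last day to see which
//    data types your connected sources and solutions are writing.
search *
| where TimeGenerated > ago(1d)
| summarize Records = count() by Type
| sort by Records desc

// 2. Non-security Windows event log records (Type "Event"):
//    error events per computer and event source.
Event
| where TimeGenerated > ago(1d)
| where EventLevelName == "Error"
| summarize Errors = count() by Computer, Source
| sort by Errors desc

// 3. Performance counter records (Type "Perf"):
//    hourly average CPU per computer (assumes this counter is collected).
Perf
| where TimeGenerated > ago(1d)
| where ObjectName == "Processor" and CounterName == "% Processor Time"
| summarize AvgCpu = avg(CounterValue) by Computer, bin(TimeGenerated, 1h)

// 4. Windows security events (Type "SecurityEvent", assumed to be collected
//    by the Security and Audit solution): failed logons per account.
SecurityEvent
| where TimeGenerated > ago(1d)
| where EventID == 4625
| summarize FailedLogons = count() by Account, Computer
| sort by FailedLogons desc
```

If query 1 shows no Event, Perf, or SecurityEvent rows, the corresponding data source or solution is not yet delivering data to the workspace, and the later queries will return nothing.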

See also