SCOM 2016: Import management packs install button grayed out

March 20, 2017 at 5:04 pm in SCOM 2016 by Dieter Wijckmans

 

During one of my installations of SCOM 2016 I came across “a first” for me which I would love to share.

Apparently the default behavior has changed when importing Management packs in SCOM 2016 which are already in the management group. In SCOM 2012R2 it was possible to just import the management pack over the existing management pack which makes sense as these are sealed management packs. As long as the version is equal or higher there’s not an issue.

In SCOM 2016 however this behavior somewhat changed causing the install button when you import MP’s from disk staying grey not able to continue.

In my case I was importing the SQL management packs. Apart from the error that the catalog was not up to date I came across the situation below:

Capture01 

After trying to delete the already installed mp’s the other mp’s were actually complaining that they are missing their dependent mp’s as shown below:

Capture02

The solution I found to continue was in fact removing ONLY the “Microsoft SQL Server Visualization Library”. After that the install button magically became active and I could continue the install.

Capture03 

So in general if you can’t continue with the install make sure you try to remove the mp’s already in place. Start with the general ones and work your way down.

OMS: Getting the most out of OMS security features

February 24, 2017 at 12:55 pm in OMS by Dieter Wijckmans

 

Yesterday I hosted a workshop at Microsoft Belux about OMS security and compliancy features built-in in the OMS suite. It’s always nice to talk people through the different things which are included + give tips and tricks based on their questions.

As a lot of questions are returning I decided to bundle them in an overview blog post how you could effectively tune your environment. This is not a “how to” to setup OMS but just a summary of the small tips and tricks.

tips_tricks

If you need a full “how to” setup OMS security check here: https://docs.microsoft.com/en-us/azure/operations-management-suite/oms-security-getting-started

1. Add your IIS logs to the mix

A significant portion of the insights on how you are doing regarding security comes from you IIS logs. Assuming that you have an OMS agent installed and added to your workspace it is invaluable to send these logs to your workspace as well for indexing and feeding the different users which are taking benefit from this knowledge.

  • Install an agent on the web server and connect it to your workspace. (I’m assuming you know how to do this)
    • Open your workspace and open settings by clicking the gear icon on top of your workspaceprintscreen-24-02-2017 0000
    • Go to Data => IIS Logs => tick the box “Collect W3C IIS Log files. From this moment on your IIS logs will be gathered, uploaded to OMS and indexed. They will be automatically used to feed the security solution amongst other solutions.

          printscreen-24-02-2017 0001

    To show you how important / reliant the Security solution is on IIS log data I’ve included the stats in my workspace.
    Go to Security and Audit:

printscreen-24-02-2017 0002

    Scroll to the right to Threat Intelligence and click on the Detected threat types dial:
    printscreen-24-02-2017 0003
    So check in the left corner you can see that the type of data is almost 50% based on the IIS logs. So make sure to add them
    printscreen-24-02-2017 0004

    2. Limit the amount of security events uploaded to your workspace

    Another handy tip is limiting the amount of data sent to your workspace to protect your usage. It used to be only possible to send all or nothing but just recently there’s a filter added to what events will be uploaded.

    To select this filter go to your security and audit solution:

    printscreen-24-02-2017 0002

    Click the gear icon on top left corner:

     printscreen-24-02-2017 0006

    use one of the predefined filters:

    printscreen-24-02-2017 0007

    For more info on the filters click the “For additional details” link.

    To summarize the different filters check the different scenarios.

    I’ve added to the list of events which are included in each scenario for your reference:

    2-OMS-110816

    3. Check your usage (especially in a POC scenario)

    Adding the security logs can have a significant impact on your uploaded data in your workspace and can cause overage payments or bad POC due to suspension of your workspace due to breach of max amount data uploaded a day.

    To check the usage of the security events follow the following procedure:

    Go into the main screen of your workspace and select usage:

    printscreen-24-02-2017 0008

    Scroll to the middle of the screen and look for Data Volume by solution => click on “Security”

    printscreen-24-02-2017 0009

    Check the graph to see which machines are consuming the most of the usage and try to take corrective actions.

    printscreen-24-02-2017 0010 

    In summary

    These are just some tips and tricks to get the most out of your security solution. This solution is heavily dependant on other solutions (anti malware, compliancy,…) so the more solutions you deploy and configure the more clear the picture will be on how you are doing on the security field.

    Stay tuned for more tips and tricks which will help you to get the full grasp and value out of your OMS investments.

Speaking @ ITPROCEED 14/06/2016 in Mechelen

May 25, 2016 at 10:18 am in Uncategorized by Dieter Wijckmans

 

It’s that time of the year again! Everyone is waiting for the summer to hit Belgium (I heard it will happen on a Wednesday this year!). Have some time and relax… BUT… Not before we go out with a bang at ITPROceed!

This is THE not to miss event in Belgium focusing on ITPRO’s. This event will be packed with sessions of both national and international speakers who use their expertise and gathered knowledge to prepare you for the next steps in your ITPRO career. ITPROceed is organized by the different Belgian user groups and backed up by Microsoft.

All the new technologies which will revolutionize your ITPRO world will be showcased giving you a real look and feel what the next steps will be to move your environment forward.

I myself will give you insights in the world of OMS. My session is scheduled on the “Transform the datacenter” track. During a demo loaded session I’ll showcase how you can use the latest and greatest in OMS to get the insights and reports you want.

If you are interested in OMS and what it can do for your organization this is a not to miss session.

Ow and by the way… Did I mention the entrance is completely FREE! Number of tickets is limited so sign up today!

More info here: http://www.itproceed.be

OMS Webinar: Get insights in your big data 07/03/2016

February 26, 2016 at 4:43 pm in LiveMeeting, OMS by Dieter Wijckmans

 

printscreen-26-02-2016 0000

On 07/03/2016 I’ll be hosting another webinar on the excellent Microsoft Belux platform. This webinar about OMS will focus on getting the insights you need from the big data which resides in your workspace.

It’s basically a next step in your journey into a new way of creating your insights in your environment. This session will be filled with tips and tricks to select the correct solutions and create your first search queries to create something no one else can: your insights.

This session assumes you already have a basic knowledge of OMS and have already set up a workspace with data flowing into it. If not you can always check my get started fast series here: http://scug.be/dieter/2015/05/08/microsoft-operations-management-suite-quickstart-guide/

Hurry up as seats are unlimited and selling fast!

Register here and hopefully see you 7th of march at 10AM!

https://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032737604&Culture=en-BE&community=0

SCU 2016: Prepare to have your mind blown!

December 24, 2015 at 4:47 pm in OMS, operations manager, SCOM, scu, scu2016 by Dieter Wijckmans

 

I got the news that I have the privilege (that’s how I definitely see it) to speak once again at SystemCenterUniverse in Dallas on the 19th of January 2016.

theoryxi

I consider this a huge privilege as I have a special relationship with this particular event. This is in fact where my wild journey through the System Center Universe as a speaker started. 2 years ago SCU held a fierce battle to determine who would be the new SCU_Jedi winning a session at this event… I was lucky enough to pull it off and suddenly I was presenting among the (what I consider) big shots in the System Center world…

Most of them are still presenting today if you look at the list of speakers it is quite impressive:

The first but not complete list: http://www.systemcenteruniverse.com/presenters.htm

As you can see al the usual suspects are there!

For the full agenda please check here: http://www.systemcenteruniverse.com/agenda.htm

this year again there’s a 2 track approach so you have the ability to cross over and see a session out of your comfort zone to learn really new cool stuff!

My session will be about the vast power of OMS and how it can create new possible insights in your environment. A truly not to miss session if you ask meSCUheader

Can’t fly in?

Too bad… You are missing out…

Not really! Because SCU is (I think) the only event who offers free streaming of the event over the web. There are even a lot of viewing parties organized near your location where you can easily follow the event from your location!

OK but why should I fly in then?

Well that’s very simple as well! IF you have the ability to fly in you get a chance to mingle with peers and talk to the speakers. There are no designated areas for speakers or whatsoever so everyone is really accessible to have chat or answer your questions…

So this is probably expensive right?

A full day of training on different subjects for only 150$ that’s a bargain if you ask me!

Last but not least

This is one of the events who are really embracing the social media (twitter, facebook,…) to reach out to attendees onsite but also across the world to engage during and after the event.

Make sure you follow: @scu2016 and #scu2016 on twitter for the latest updates and feeds!

 

Hopefully see you all there!

Use OMS to calculate SCCM patch window

December 23, 2015 at 4:12 pm in Azure, OMS, SCCM by Dieter Wijckmans

This blog post is part of the Coretech Global Xmas blogging marathon. To find all cool content please take a look at http://blog.coretech.dk/

Recently I have been exploring OMS a lot and came across a cool user scenario which really showcases the benefits of having all data in one place. Using this big data to connect the dots between different systems and creating even more insights in your environment and the relationships between the different systems.

One demo which really had some eyes popping was in fact the calculation of the SCCM patch window with OMS. A lot of people already know that there’s a specific System Update Assessment solution which points out which machines are missing which updates. But there’s more to this solution that meets the eye on first sight.

You can use this solution, but also the data gathered by OMS for all your updates, to calculate very precisely how long it will take to patch a particular machine to create a patch window accordingly.

Let’s get started shall we!

For this demo I presume you already have an active OMS subscription + workspace. For more info please refer to my OMS quick start guide to get you going fast: http://scug.be/dieter/2015/05/08/microsoft-operations-management-suite-quickstart-guide/

Log on to your workspace and make sure you have machines connected + the solution installed:

First click on Solutions Gallery:

printscreen-23-12-2015 0000

Find System Update Assessment Solution and make sure it is added to your workspace. If it’s not yet added make sure to click the icon and add in the next screen

printscreen-23-12-2015 0001

Make sure to add the Solution to your workspace

printscreen-23-12-2015 0002

If you add the Solution for the first time it will perform an Assessment to gather the data for your environment:

printscreen-23-12-2015 0003

When the Initial Assessment has been complete you will get your info on the tile which represents the System Update Assessment:

printscreen-23-12-2015 0004

TIP: No worries my environment is not that badly patched but if you are looking into taking this solution for a test drive you can always install Azure VM’s with an earlier image (a couple of patch Tuesday’s ago) to have a machine which is in fact missing updates)

Click on the tile to open the detailed pane shown below:

 

printscreen-23-12-2015 0005

Click on the Required Missing updates pane:

printscreen-23-12-2015 0006

The next window will give you by default a graphical overview of the patches missing + the days ago the patches were released. This gives you a nice overview of how severe your machines are not patched. You also get a nice pie chart to give you an overview on how many patches are missing + the category of the patches.

printscreen-23-12-2015 0007

Note on the right there’s an indication in minutes how long it will take on Average to install these missing updates:

printscreen-23-12-2015 0011

This is not just a “Guesstimate” but OMS is actually using data out of the logs collected by all machines to give you an accurate time of install of this particular set of patches missing on this machine.

The number (in this case 81) is indicating that in fact they have data for all patches missing regarding the install time they will take to install.

At this time you can clearly state that the machine will probably be patched in approximately 14 minutes. You can build in some margin but definitely don’t need an hour to patch this machine.

Create your own insights!

printscreen-23-12-2015 0012

This is just the pretty eye candy view of the Solution!

If you want to have the data by update you can dive into the big data gathered and create your own insights in your patch strategy. This can be achieved by using the “raw data” in the Search Query view and creating your own views. Let’s see how we can find out for example which patches will take more than 60 seconds to install so we can put them in a different patch group:

Click on “results” next to updates right underneath the search query window

printscreen-23-12-2015 0007

At this point you get the 81 results with all their data but… no install time?

 

printscreen-23-12-2015 0008

Click “Show More” on the bottom of the screen to unveil the InstallTimeAvailable / InstallTimePredictionSeconds / InstallTimeDeviationRangeSeconds properies

printscreen-23-12-2015 0009

 printscreen-23-12-2015 0010       

This is the data gathered for all the updates which are identified as missing on my systems.

InstallTimeAvailable: Will give you an indication whether enough data is gathered in the OMS system to give you an actual prediction of the install time. For new updates it can take some time to find the right data to be reliable to give you an accurate prediction of course.

InstallTimePredictionSeconds: This is the prediction based on all the data gathered through the OMS system (note this is not only based on your environment but across all environments connected to OMS showing the huge advantages of the Big Data approach of Microsoft Operations Management Suite.

InstallTimeDeviationRangeSeconds: Will give you an indication how much fluctuation is possible on the prediction. In this case the value is 0,83 meaning this can either be minus or plus.

Now to find out how many of the updates (81 of them) have an install time of more than 60 seconds we need to use the Search Query power:

Click in the Search Query window on the top of the screen and start typing Install at the end of the line:

printscreen-23-12-2015 0013

OMS will give you suggestions on which parameter you want to search. In this case we are going to search on “InstallTimePredictionSeconds =”

So just click on it to get it into the Search query as shown below. At this point we can put “Greater than” 60 and run the search query by clicking the search Icon on the right or hitting Enter:

printscreen-23-12-2015 0014

There we go… We have 6 patches will take longer than 60 seconds to install so we can take appropriate action regarding these patches in SCCM:

printscreen-23-12-2015 0015

 

This is just a small example of the huge amount of insights you can create with OMS to help you further tune the management of your environment.

OMS: Manage your Linux servers with OMS (step1)

November 3, 2015 at 8:28 pm in OMS by Dieter Wijckmans

 

Today the OMS agent installation bits for Linux came online in public preview giving OMS the possibility to pull in performance and event data into the OMS workspace from Linux machines.

This is basically the next step to get OMS to monitor your entire environment. It is a clear example of the possibilities of OMS to monitor your entire datacenter not bound by OS or system.

Where do I get it?

Log on to your workspace and go to your overview => settings => connected sources and download the Agent for linux:

printscreen-3-11-2015 0000

How do I install it?

Obviously you will need the access to your Linux machines.

The install docs can be found on github on this url: https://github.com/MSFTOSSMgmt/OMS-Agent-for-Linux

In general you just need to run these commands:

$> wget https://github.com/MSFTOSSMgmt/OMS-Agent-for-Linux/releases/download/1.0.0-47/omsagent-1.0.0-47.universal.x64.sh
$> md5sum omsagent-1.0.0-47.universal.x64.sh
$> sudo sh ./omsagent-1.0.0-47 --install -w <YOUR OMS WORKSPACE ID> -s <YOUR OMS WORKSPACE PRIMARY KEY>

What distro’s are supported?

The following distro’s are supported:

  • Amazon Linux 2012.09 –> 2015.09 (x86/x64)
  • CentOS Linux 5,6, and 7 (x86/x64)
  • Oracle Enterprise Linux 5,6, and 7 (x86/x64)
  • Red Hat Enterprise Linux Server 5,6 and 7 (x86/x64)
  • Debian GNU/Linux 6, 7, and 8 (x86/x64)
  • Ubuntu 12.04 LTS, 14.04 LTS, 15.04 (x86/x64)
  • SUSE Linux Enteprise Server 11 and 12 (x86/x64)

More will come pretty soon but the mainstream distro’s are already on there

Can I give feedback?

YES and you are very entitled to do so!

These are the channels to get your feedback / suggestions to Microsoft:

  • UserVoice: Post ideas for new OMS features to work on here
  • Email: scdata@microsoft. Tell us whatever is on your mind
  • Monthly survey: if you are an OMS customer, you know we send out a survey every month asking our customers about the features we’re working on next.
  • Elite Linux customer panel: If you are a die-hard OMS Linux user and want to join our weekly calls and talk directly to the product team apply through this survey.

 

What can I see in the OMS workspace?

printscreen-3-11-2015 0001

All data will flow in and your events and performance will be uploaded to your OMS instantly.

Expect a more detailed post in a short while. In the meanwhile just try it!

OMS phone app now available on all platforms: First look

October 22, 2015 at 3:03 pm in OMS, operations manager by Dieter Wijckmans

 

This is one thing I really like about the new strategy of Microsoft: All platforms (I know it’s not the official statement but still)

The OMS app was already available on WindowsPhone platform (in preview) and quite frankly it makes sense to actually develop for your own native platform first.

But today Microsoft has announced the availability of the OMS app across all the different platforms (Ios, android and winphone).

printscreen-22-10-2015 0003

The install is crystal clear as you are used to through the store.

More info here: http://blogs.technet.com/b/momteam/archive/2015/10/21/log-analytics-on-the-move.aspx

Direct link: http://www.microsoft.com/en-us/server-cloud/operations-management-suite/mobile-apps.aspx

NOTE: Fellow MVP Cameron Fuller has a blog post about the experience on an ipad here: http://blogs.catapultsystems.com/cfuller/archive/2015/10/21/the-microsoft-oms-experience-on-an-ipad/

A first look:

A couple of screenshots of the possibilities and look and feel on iPhone:

First start of the app (really like the look and feel):

20151022_123722000_iOS

Login screen looks very familiar:

20151022_123726000_iOS

Auto switch between corporate or personal

20151022_123747000_iOS

Signed in and detected that your workspaces, it’s indeed possible to switch between the different workspaces:

20151022_123814000_iOS

You have 3 options:

  • Dashboard: Is your personal dashboard which you can change by using the familiar pen icon
  • Overview: The general overview of you environment with all the solutions installed
  • Searches: Launch different searches in your workspace

Starts into your dashboard:

20151022_123653000_iOS

Overview:

20151022_123703000_iOS

Also possible in landscape :)

20151022_123830000_iOS

Searches:

20151022_123707000_iOS

Settings tab can be reached by tapping the 3 red dots on the top of the screen.

My wishlist:

  • Push notifications on home screen for predefined scenarios
  • Add new searches in the app to answer specific questions of people calling outside office hours
  • Ability to choose where to start (dashboard or overview)
  • change order of the solutions in the overview pane

Conclusion:

The app is intended as an extension / dashboard for your OMS workspace. It’s not possible to add servers or delete servers from your workspace nor add solutions. This is not a drawback in my opinion as you only want to see things happening in your workspace on the go. This is a first version of course but I had no issues installing and connecting it. I will keep an eye on the data usage on my cell phone plan though just to see how it will affect my usage of mobile data and of course my battery life.

Technet Belux Webinar: 16/10/2015: OMS, What’s it all about…

October 15, 2015 at 12:15 am in LiveMeeting, technet, Webinar by Dieter Wijckmans

It has been a while since I actually did a webinar for Technet Belux but it’s an honor and a privlege to be back on this platform answering one of the biggest question I get almost everyday at clients and at conferences:

“OMS, What’s it all about?”

During this session I’m going over the basics of the new OMS platform so you can be armed to position it in your environment or just have a starting point to start exploring the vast possibilities of OMS.

printscreen-0348

Expect the answers to the following questions during this session:

  • What can it do for me?
  • Do I need to take a look at it?
  • What can it do to make my life as an ITPRO easier?
  • Is this yet another tool that Microsoft is pushing us to use?
  • Will it replace my good old on prem SCOM solution?
  • ….

All these questions are actual questions I got from the community and clients.

“But hey… my question isn’t on there!”

No worries use the Q&A and get a chance to get yours answered!

So what are you waiting for? Make sure to register today to reserve your virtual seat for Friday 16/10/2015 as they are unlimited!

printscreen-0349

Register here: https://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032679984&Culture=en-BE&community=0

Hopefully see you there!

 

RECORDING is live and can be found here: https://channel9.msdn.com/Blogs/BeLux-IT-Pro/OMS-Whats-it-all-about

SCOM: Add community power and keep the engine running…

July 28, 2015 at 5:11 pm in operations manager, SCOM, SCOM 2012 by Dieter Wijckmans

 

Let’s face it: a good program is like a car. You need to maintain it properly to keep it in running condition. Well this is also the case with SCOM. I visit a lot of clients and one of the main questions I get is in fact how to make sure SCOM stays healthy and running.

Field_maintenance_on_a_1956_model_Cessna_172

Well there are some indicators in SCOM itself suggesting that there are issues with the install but unfortunately they are easily missed or looked over.

So this is where the awesome SCOMunity steps in!

This post should become your one stop location to find some of the leading community management packs you’ll need to keep your SCOM environment going or at least very easily pinpoint where there are (potential) issues.

These are management packs I actually install at almost every client I visit:

TAO Yang’s Self Maintenance management pack

Tao has been an active member of the Scomunity for quite some time now  and his self maintenance management pack is already in version 2.4.0. This management pack features a lot of tasks and checks that every SCOM admin should perform but it’s always cool to have a management pack doing it for you. Before I used TAO’s management pack I had a standard PowerShell toolkit to automate some of the tasks but now if the customer approves it (remember it’s still an unsealed MP so sometimes you need approval of customers) I load up the management pack and configure it. TAO really went all in and included also a PDF to assist you in installing and configuring the MP.

image_thumb7

Image (Tao Yang)

Some of the tasks I like the most (this is not a full list but just to highlight the things I personally find handy in there):

  • Automatic scheduled distribution of agents across the  management servers. Even with the possibility to limit the amount of agents distributed between the management servers
  • Auto approve agents in management pending based on a input mask to make sure they are allowed in the MG.
  • Check whether a management server is placed in maintenance mode
  • Find orphaned alerts
  • ….

This is an invaluable management pack for every scom admin out there. Whether you are visiting a lot of clients and need to get a clear view on the health of the management group or have only one client. This will free up a lot of your time and also reduce the chance of problems because there are early warning systems build-in. More info here:

http://blog.tyang.org/2014/06/30/opsmgr-2012-self-maintenance-management-pack-2-4-0-0/

SCOM Health Check Reports V3 (Oskar Landman + Pete Zerger)

One of the other hard things to do is in fact give a small report to the SCOM admin / supervisor telling how SCOM is actually doing and whether things are well in your SCOM environment.

Just recently Oskar Landman and Pete Zerger have updated their SCOM Health Check reports to give you a proper status in one glance.

This set of reports will give you an even more in depth view how you’re environment is doing and what are the key points to work on to further enhance your environment. One of the key benefits is the fact that you can check in detail that every aspect of your dbase and what is coming into them is valid and not too much. This is really helpful if you start your noise cancelling to really focus on the big consumers concerning space and cpu time of your SQL dbase.

Make sure you read the manual thoroughly before proceeding as you need to take additional steps prior to installation.

More info here:

image_thumb12

Image (SystemCenterCentral)

Check the article here: http://www.systemcentercentral.com/scom-health-check-reports-v3/

Download here: https://gallery.technet.microsoft.com/SCOM-Health-Check-Reports-c32e8f93

Let’s crank up that download count because this is definitely something you need in your SCOM environment

TAO Yang’s SCOM datawarehouse health script

This one is clean and simple. All the different things you would need to check on your datawarehouse but actually probably never did combined in a PowerShell script.

All the different aspects of what you need to know about your Datawarehouse are reported and gathered on a html page. This is one of the things you actually need to do at every customer site you come across to get an instant view on how the datawareshouse and more important the SCOM environment is setup and performing.

More info can be found here: http://blog.tyang.org/2015/06/11/opsmgr-2012-data-warehouse-health-check-script/

In conclusion

These are just 3 community provided tools which are freely available to help you get more insight in your environment or the environment you need to troubleshoot.

Special thanks goes out to TAO Yang, Oskar Landman and Pete Zerger in particular to invest their time in making these solutions possible / available and of course also thanks to all the other active community members who keep developing new things for SCOM and system center in general.

If you are just starting with SCOM: This is not an exhaustive list of all the add-ons out there. If you are looking for a 1 place stop to start your journey take a look at my: SCOM Link overview blog which is currently under revision: http://scug.be/dieter/2012/12/30/scom-2012-overview-link-blog/