When using Microsoft technologies in your enterprise IT stack, you have a few native options for systems monitoring and alerts. Two recent product developments — folding Operations Management Suite (OMS) functionality into Azure Monitor, as well as the release of the new SCOM 2019 — have reignited the debate over whether Azure Monitor can entirely replace the long-standing, good old SCOM (System Center Operations Manager).
In a way, I feel this comparison is a bit unfair, like comparing apples with oranges. Ultimately the two products can work together and overlap in order to eliminate monitoring gaps in your environment. So which monitoring solution would work the best for your enterprise? Let’s try to figure it out!
Azure Sentinel is Microsoft's cloud-native SIEM (Security Information and Event Management) service with built-in AI analytics. It reduces the cost and complexity of providing a single pane of glass that gives a central, near real-time view of your whole environment.
Threats related to infrastructure, networking, users, and applications can be monitored via Azure Sentinel. As a cloud-native service, it scales according to your needs. It collates data from your environment on-premises, in Azure, and in any third-party cloud providers. It uses Microsoft Threat Intelligence to analyze all the signals and separate the actual relevant alerts from the noise.
This two-part blog series will introduce you to Azure Sentinel and show you how to get set up with the service and start exploring its many features.
Whatever your cloud or virtualization platform of choice, you can implement tags on your resources in order to easily apply configuration changes or search by group.
As multi-cloud environments continue to become more and more popular and your virtual servers, storage, and associated components sprawl across various providers, efficient governance becomes even more critical.
By implementing a cloud resource tagging policy, you lay the groundwork to consistently apply automated or manual actions relating to allocation, reporting, chargeback, compliance, security, patching, software installation, and even decommissioning or scaling resources when required.
Alert Rules in Azure are a tool to let you know when some condition of your choice has occurred within any given component of your Azure infrastructure. In other words, they alert you to potential problems so you can remedy them before anything serious goes wrong.
Have you ever had the tedious task of creating multiple alerts for all of the resources in your subscription? Let me tell you, it is really time-consuming to create them from scratch one by one.
I have a PowerShell script that can target and create specific metric alerts for the resources you define inside of the script, making it much simpler to create a large number of alerts at one time.
Skip down to the script if you’re familiar with Alerts already. If you aren’t, here’s an overview of how they work.
One key concept to master when dealing with cloud, containerized, or otherwise software-defined infrastructure is Infrastructure as Code. This may seem strange at first. After all, your code runs on top of infrastructure, right?
Infrastructure as code (IaC) works in practice by managing your computing resources — virtual machines, storage, networking, and all the associated policies for security and such — in the same manner as you treat your code. This packages everything necessary for your application, from the code and assets to the underlying infrastructure itself, together into what works functionally as a single deployment.
Just as DevOps combined development and operations into one entity, IaC combines code and infrastructure as one.
Kubernetes has been kicking around since Google made it open source in 2014. Like many technologies, it has taken some time to go mainstream, but with the rapid adoption of containers by many enterprise organizations, Kubernetes (or k8s) has become extremely popular as a method to manage, scale, and deploy containers across host platforms.
If you aren’t very familiar with Kubernetes, here’s why you might be interested in the platform and why it has proven essential to large-scale containerized IT applications.
Sometimes you want to trigger a specific action when something is detected by one of your alert rules inside of Azure. If you want to immediately remediate the specific issue you are facing, you would normally have to log in to the machine once you receive the alert. By using an Azure Automation account, you don’t have to take any additional steps to fix whatever threw the alert — just create your script and leave it to run whenever the alert is triggered. As simple as that.
This works perfectly when you need to resolve a common issue with a trusty PowerShell script that you have often used. This method will save you time and effort; you can rest assured that the issue is being taken care of with the help of a Custom Script Extension.
Running a custom script on a specific machine when an alert is triggered in Log Analytics is quite easy. Here are the steps you need to follow to achieve this.
You may be familiar with Microsoft Operations Management Suite (OMS) — a management system that works to simplify your IT processes. Troubleshooting, change tracking, and updates are just a few common IT tasks that OMS could handle. OMS components brought together backup services, site recovery, log analytics, and automation and are available for hybrid, multi-cloud, and on-premises environments.
Microsoft deprecated OMS as of January 2019, moving all functionality into the Azure portal. Learn more about why OMS and the new Azure portal are useful for your IT workflow and what has changed with the migration to Azure.
Cloud-native automation and orchestration tools make IT administration easier — at least once you know what you’re doing. While there is also some concern among the ranks of cloud technicians that automation could lead to job losses, by mastering the tools available you make yourself more valuable, while also finding and executing on efficiencies. Cloud automation is a win-win.
But where should you begin when it comes to automating your cloud environment? There are many moving parts in an enterprise cloud deployment, even within specific application clusters.
These are the three easiest targets for automation and orchestration.
When you decide to move your Exchange environment to the cloud, you might be confused to discover that you still need to maintain an on-premises Exchange server. There are several reasons for this, stemming from the migration process and on to Identity Management.
If you’re moving from an active on-premises Exchange deployment, you’ll first configure an interim “Exchange Hybrid” environment which hosts mailboxes within Exchange Online and your local Exchange server. The two locations share namespace, address books, free-busy, and calendars; really, every Exchange functionality is synced between them. Mail flow and other functions appear to be internal, but might actually be processed and stored in the cloud environment.