When using Microsoft technologies in your enterprise IT stack, you have a few native options for systems monitoring and alerts. Two recent product developments — folding Operations Management Suite (OMS) functionality into Azure Monitor, as well as the release of the new SCOM 2019 — have reignited the debate to determine whether Azure Monitor can entirely replace the long standing, good-old SCOM (System Center Operations Manager).
In a way, I feel this comparison is a bit unfair, like comparing apples with oranges. Ultimately the two products can work together and overlap in order to eliminate monitoring gaps in your environment. So which monitoring solution would work the best for your enterprise? Let’s try to figure out!
This is Part Two and the final entry in our introductory blog series on Azure Sentinel, Microsoft's new Security Information and Event Management (SIEM) tool for Azure environments. Read Part One here for information on what Sentinel is, how to set it up, and how to begin importing data from your Azure PaaS and IaaS.
In Part Two, we'll examine deeper functionalities within Sentinel including Machine Learning, queries, and automation.
This blog series shows you how to quickly import vital components for configuring and scheduling your patches using Beekeeper automation. Last week we looked at how to import data, this week we will demonstrate how to import a schedule for your patches.
When you enter data into Beekeeper Patching Automation, you use the UI to add servers groups, Windows Failover Clusters, and Exchange DAGs. Then, you assign validation tasks to these server groups or clusters. To create the execution job, you assign the server groups or clusters to a schedule. This can be time consuming.
I have created PowerShell scripts to do these tasks. In a series of blog posts, I will share these PowerShell scripts and go over their usage.
The first PowerShell script will export servers from an SCCM collection into a CSV. Then another script will import that CSV to create the appropriate Application groups, Windows Failover Clusters, or Exchange DAGs.
Whatever your cloud or virtualization platform of choice, you can implement tags on your resources in order to easily apply configuration changes or search by group.
As multi-cloud environments continue to become more and more popular and your virtual servers, storage, and associated components sprawl across various providers, efficient governance becomes even more critical.
By implementing a cloud resource tagging policy, you lay the groundwork to consistently apply automated or manual actions relating to allocation, reporting, chargeback, compliance, security, patching, software installation, and even decommissioning or scaling resources when required.
One key concept to master when dealing with cloud, containerized, or otherwise software-defined infrastructure is Infrastructure as Code. This may seem strange at first. After all, your code runs on top of infrastructure, right?
Infrastructure as code (IaC) works in practice by managing your computing resources — virtual machines, storage, networking, and all the associated policies for security and such — in the same manner as you treat your code. This packages everything necessary for your application, from the code and assets to the underlying infrastructure itself, together into what works functionally as a single deployment.
Just as DevOps combined development and operations into one entity, IaC combines code and infrastructure as one.
Sometimes you want to trigger a specific action when something is detected by one of your alert rules inside of Azure. If you want to immediately remediate the specific issue you are facing normally you would have to login to the machine once you receive the alert, but by using an Azure Automation account you don’t have to take any additional steps to fix whatever threw the alert — just create your script and leave it to run whenever the alert is triggered. As simple as that.
This works perfectly when you need to resolve a common issue with a trusty PowerShell script that you have often used. This method will save you time and effort; you can rest assured that the issue is being taken care of with the help of a Custom Script Extension.
Running a custom script on a specific machine when an alert is triggered in Log Analytics is quite easy. Here are the following steps you need to follow to achieve this.
Cloud-native automation and orchestration tools make IT administration easier — at least once you know what you’re doing. While there is also some concern among the ranks of cloud technicians that automation could lead to job losses, by mastering the tools available you make yourself more valuable, while also finding and executing on efficiencies. Cloud automation is a win-win.
But where should you begin when it comes to automating your cloud environment? There are many moving parts in an enterprise cloud deployment, even within specific application clusters.
These are the three easiest targets for automation and orchestration.
Bruce is a 45-year-old IT manager, with twenty years experience working for ACME Power. Bruce has three photos on his desk – one of his wife, Linda; one of his kids - Davy and Wendy; and one of Microsoft CEO Satya Nadella. Apart from his laptop, Bruce’s desk is pristine. He walked into the office this morning with a big smile on his face and passed out donuts to his colleagues.
Today has been highlighted in Bruce’s Outlook calendar for weeks. It’s day one of a thorough compliance audit of ACME Power’s application and server infrastructure.
When you work with Azure Automation — and especially if you use Hybrid Worker machines — sometimes you need to use the certificates that are part of the connections created by the automation account on a local VM or server.
Runbooks that use these kinds of certificates work fine in the Azure environment, but if you need to run it in your local environment, using Hybrid Worker machines, this represents a challenge. Here's how to get those connection certificates on your Hybrid Worker.