When using Microsoft technologies in your enterprise IT stack, you have a few native options for systems monitoring and alerts. Two recent product developments — folding Operations Management Suite (OMS) functionality into Azure Monitor, as well as the release of the new SCOM 2019 — have reignited the debate over whether Azure Monitor can entirely replace the long-standing, good old SCOM (System Center Operations Manager).
In a way, I feel this comparison is a bit unfair, like comparing apples with oranges. Ultimately the two products can work together and overlap in order to eliminate monitoring gaps in your environment. So which monitoring solution would work best for your enterprise? Let’s try to figure it out!
This is Part Two and the final entry in our introductory blog series on Azure Sentinel, Microsoft's new Security Information and Event Management (SIEM) tool for Azure environments. Read Part One here for information on what Sentinel is, how to set it up, and how to begin importing data from your Azure PaaS and IaaS.
In Part Two, we'll examine deeper functionalities within Sentinel including Machine Learning, queries, and automation.
Azure Sentinel is Microsoft's cloud-native SIEM (Security Information and Event Management) service with built-in AI analytics. It reduces the cost and complexity of providing a single pane of glass that gives you a central, near real-time view of your whole environment.
Threats related to infrastructure, networking, users, and applications can be monitored via Azure Sentinel. As a cloud-native service, it scales to your needs. It collates data from your environment on-premises, in Azure, and in any third-party cloud providers. It uses Microsoft Threat Intelligence to analyze all the signals and filter the noise out from the relevant alerts.
This two-part blog series will introduce you to Azure Sentinel and show you how to get set up with the service and start exploring its many features.
Alert Rules in Azure are a tool to let you know when some condition of your choice has occurred within any given component of your Azure infrastructure. In other words, they alert you to potential problems so you can remedy them before anything serious goes wrong.
Have you ever had the tedious task of creating multiple alerts for all of the resources in your subscription? Let me tell you, it is really time-consuming to create them from scratch one by one.
I have a PowerShell script that can target and create specific metric alerts for the resources you define inside of the script, making it much simpler to create a large number of alerts at one time.
Skip down to the script if you’re familiar with Alerts already. If you aren’t, here’s an overview of how they work.
Many customers frequently ask whether it is possible to fetch an uptime report for a service being monitored with SCOM. Usually, the answer is: not out of the box. However, you can achieve this using a simple workaround.
One way of doing it is to author your own service monitor, but that involves a considerable amount of knowledge and experience of management packs and the underlying coding. It usually takes a lot of time as well. Not everyone has the right knowledge or the time to spend on this, so I thought I’d share a quick trick I use to measure the uptime of a service and present it to the concerned parties in the form of a report.
You may be familiar with Microsoft Operations Management Suite (OMS) — a management system that works to simplify your IT processes. Troubleshooting, change tracking, and updates are just a few common IT tasks that OMS could handle. OMS components brought together backup services, site recovery, log analytics, and automation and are available for hybrid, multi-cloud, and on-premises environments.
Microsoft deprecated OMS as of January 2019, moving all functionality into the Azure portal. Learn more about why OMS and the new Azure portal are useful for your IT workflow and what has changed with the migration to Azure.
When you decide to move your Exchange environment to the cloud, you might be confused to discover that you still need to maintain an on-premises Exchange server. There are several reasons for this, stemming from the migration process and on to Identity Management.
If you’re moving from an active on-premises Exchange deployment, you’ll first configure an interim “Exchange Hybrid” environment which hosts mailboxes within Exchange Online and your local Exchange server. The two locations share namespace, address books, free-busy, and calendars; really, every Exchange function is synced between them. Mail flow and other functions appear to be internal, but might actually be processed and stored in the cloud environment.
Azure Stack enables you to run Azure workloads on-premises or even within a colocation facility, enabling stronger security and control over your data and applications with a single management platform for your public Azure cloud infrastructure and your Azure Stack deployment.
You can use many of the best Azure tools, processes, and features — including add-ons and open source solutions from the Azure Marketplace — in the cloud of your choice, helping to meet regulatory or technical challenges.
Before you get started with this intriguing hybrid and private cloud technology from Microsoft, there are a few things you’ll need to keep in mind, however. Here are some of the most important.
In a world where we have self-driving cars, cures for complex diseases, and where we’re building houses with 3D printers, some enterprise organizations still manually patch servers which run their mission-critical applications.
Enterprise data center management can fray the nerves of even the most experienced administrators. “To err is human”, as the saying goes, and errors can happen during patching, even with the powerful toolset in Microsoft System Center. A server admin could spend hours struggling with a single patch and cause productivity delays the next day for the systems which don’t get addressed.
There are effective ways of automating these tasks, which come with price tags both directly and indirectly related to patching itself.
Automated server application patching can alleviate a lot of work for IT management teams. It shifts the patching and updating process outside of business hours. In an ideal world, Microsoft’s System Center Configuration Manager (SCCM) would flawlessly execute server application patches.
However, there are some gaps in SCCM patching functionality, especially when it comes to orchestration, validation, and report logs. These can cause issues with QA and risk mitigation and can drive frustrations among your IT staff.