
The Azure Operations Management Suite is a powerful tool for managing and monitoring your Azure resources. It's a collection of services that work together to provide a comprehensive view of your Azure environment.
With the Azure Operations Management Suite, you can monitor and analyze your Azure resources, including virtual machines, storage, and networking. This allows you to identify and troubleshoot issues before they become major problems.
The suite includes services like Azure Monitor, Azure Log Analytics, and Azure Advisor, which provide real-time monitoring and analytics capabilities. These services help you gain insights into your Azure environment and make data-driven decisions.
By setting up the Azure Operations Management Suite, you can gain a deeper understanding of your Azure resources and improve their performance and availability.
Deployment and Configuration
The Microsoft Monitoring Agent (MMA) is required for OMS managed systems, and it can send data to both SCOM and OMS. There are two agent deployment models: SCOM attached and directly connected.
To configure the agent, you need to paste the Workspace ID and Primary Key from the OMS portal into the Microsoft Monitoring Agent settings. This will enable the agent to communicate directly with the OMS service.
You can also configure the agent using PowerShell, which allows you to set proxy information and enable the agent using a script.
Here are the two agent deployment models:
- SCOM attached
- Directly connected
To manually configure the Microsoft Monitoring Agent, you need to enable it to communicate directly with the OMS service, which involves pasting the Workspace ID and Primary Key into the agent settings.
Deployment & Communication Models
There are two agent deployment models for OMS managed systems: SCOM attached and directly connected.
The SCOM attached model is a straightforward way to add value to your SCOM deployment, as it allows agents to communicate with OMS through the SCOM infrastructure.
Directly connected agents, on the other hand, communicate directly with OMS, without going through SCOM.
The Dependency Agent depends on the OMS Agent for its connections to Operations Management Suite, so a server must have the OMS Agent installed and configured first.
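Here's a summary of the two agent deployment models:
- SCOM attached: agents communicate with OMS through the SCOM infrastructure.
- Directly connected: agents communicate directly with OMS, without going through SCOM.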
For high-volume solutions, even SCOM-attached agents may connect directly to OMS, such as with the Windows Security and Audit and Wire Data solutions.
Since OMS is not yet multi-tenant, each team may opt to use a specific and separate OMS workspace, which is the management boundary used to delegate administrative rights.
The communication protocol used in both cases is HTTPS, forwarded to well-known and documented destinations.
Configuration
Configuration is a crucial step in deploying and setting up the Operations Management Suite (OMS). To start, you'll need to sign up for the OMS service and connect your Active Directory subscription. This involves authenticating with your Microsoft or organizational account and following the detailed configuration steps outlined in the onboarding process.
You can sign up for the OMS service by browsing to https://microsoft.com/oms and clicking Try for free. Then, get started by authenticating with your Microsoft or organizational account.
To create an OMS Log Analytics workspace, you have several options, including creating one from the OMS Portal, Azure Portal, PowerShell, or an Azure Resource Manager (ARM) template. Each method has its own step-by-step instructions, but the process typically involves supplying a name for the new workspace and your details, then linking the Azure subscription associated with your account.
Here are the different ways to create a new OMS Log Analytics workspace:
- From the OMS Portal
- From the Azure Portal
- With PowerShell
- With an Azure Resource Manager (ARM) Template
You'll also need to link the Azure subscription associated with your Microsoft or corporate account to enable user onboarding and role delegation in OMS for users in your organization.
Once you've created your OMS workspace, you can configure the Microsoft Monitoring Agent to communicate directly with the OMS service. This involves installing the agent, opening the Control Panel, and clicking the 'Azure Log Analytics (OMS)' tab. From there, you can select 'Connect to OMS' and paste the Workspace ID and Primary Key from the OMS portal.
To enable the agent using the command line, you can use PowerShell, as shown in Example 3. This involves creating a new object for the AgentConfigManager.MgmtSvcCfg, setting the proxy information, and then enabling the agent.
Here are the steps to enable the agent using PowerShell:
1. Create a new object for the AgentConfigManager.MgmtSvcCfg
2. Set the proxy information using the SetProxyInfo method
3. Enable the agent using the EnableAgent method
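The three steps above as one script, written as an added example and not code from the original page or from Microsoft. The parameter names and the proxy URL in the comment are hypothetical, and attaching the workspace with `AddCloudWorkspace` followed by `ReloadConfiguration` is an assumption about the call behind the page's "enable the agent" step.

```powershell
# Added example. Run in an elevated session on a host where the
# Microsoft Monitoring Agent is already installed.
param(
    # Workspace ID copied from the OMS portal.
    [Parameter(Mandatory)] [string] $WorkspaceId,
    # Primary Key; prompted as a SecureString so it stays out of
    # command history and script files.
    [Parameter(Mandatory)] [securestring] $WorkspaceKey,
    # Optional proxy, e.g. https://proxy.example.internal:8443 (constructed value).
    [string] $ProxyUrl,
    # Only needed for proxies that require basic authentication.
    [pscredential] $ProxyCredential
)

$ErrorActionPreference = 'Stop'

# Step 1: create the agent's configuration COM object.
$mma = New-Object -ComObject 'AgentConfigManager.MgmtSvcCfg'

# Step 2: set the proxy information. Check that this agent build
# exposes SetProxyInfo before calling it.
if ($ProxyUrl) {
    if (-not ($mma | Get-Member -Name 'SetProxyInfo')) {
        throw 'This agent build does not expose SetProxyInfo.'
    }
    $proxyUser = ''
    $proxyPass = ''
    if ($ProxyCredential) {
        $proxyUser = $ProxyCredential.UserName
        $proxyPass = $ProxyCredential.GetNetworkCredential().Password
    }
    $mma.SetProxyInfo($ProxyUrl, $proxyUser, $proxyPass)
}

# Step 3: attach the workspace and reload the agent configuration.
# The key is converted to plain text only for the duration of the call.
$plainKey = [System.Net.NetworkCredential]::new('', $WorkspaceKey).Password
try {
    $mma.AddCloudWorkspace($WorkspaceId, $plainKey)
    $mma.ReloadConfiguration()
}
finally {
    $plainKey = $null
}
```

The Primary Key lets any holder send data into the workspace, so it should come from a prompt or a secret store at run time, not be written into the script.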
Data Security and Management
Data security is of paramount importance in the public cloud, and Azure Operations Management Suite (OMS) takes this seriously. Customer data is kept logically separate on each component throughout the OMS service.
Data segregation is enforced at each layer of the service, with each customer having a dedicated Azure blob that houses long-term data, encrypted with unique per-customer keys that change every 90 days.
Data retention varies depending on your licensing tier: 7 days on the Free tier, 1 month on the Standard tier, and 1 year on the Premium tier, with an option to extend it to 2 years if desired.
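Here's a quick rundown of data retention options:
- Free tier: 7 days
- Standard tier: 1 month
- Premium tier: 1 year, with an option to extend it to 2 years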
The OMS service runs 100% in Azure and complies with the Azure common engineering criteria, with Microsoft personnel managing the service and all activities logged and auditable.
Data Security and Retention
Data security is a top priority in the public cloud, and it's essential to understand how your data is protected. Data segregation is implemented in the OMS service, keeping customer data logically separate on each component.
Customer data is tagged per organization and this tagging persists throughout the data lifecycle, enforced at each layer of the service. This ensures that each customer's data is isolated from others.
Each customer has a dedicated Azure blob that houses the long-term data, encrypted with unique per-customer keys. These keys are changed automatically every 90 days.
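Data retention varies depending on your licensing tier. Here's a quick rundown of the data retention periods:
- Free tier: 7 days
- Standard tier: 1 month
- Premium tier: 1 year, with an option to extend it to 2 years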
The OMS service runs 100% in Azure and complies with the Azure common engineering criteria. This ensures that the highest level of physical security is maintained.
How Data is Processed
The OMS service ensures that incoming data is from a trusted source by validating certificates and data integrity.
Once validated, the unprocessed raw data is stored as a blob in Microsoft Azure Storage, where each OMS workspace has a dedicated Azure blob accessible only to users with permissions.
The types of data stored by OMS may expand as Microsoft releases new solutions in OMS.
Incoming data is processed by the OMS service, and the processed data is stored in a SQL database, which is part of the OMS service and not managed by the OMS customer.
Communication between the OMS service and SQL relies on SQL database authentication.
The OMS service processes the raw data and stores the processed data in a SQL database, which is part of the OMS service.
Collected data is compressed and sent to the OMS service, bypassing on-premises databases, to prevent database bloat.
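If the management server is unable to communicate with the service, it attempts to send the collected data every 8 minutes for 2 hours.
Here is a summary of the data processing flow:
1. The OMS service validates certificates and data integrity to confirm that incoming data is from a trusted source.
2. The unprocessed raw data is stored as a blob in Microsoft Azure Storage, in the workspace's dedicated Azure blob.
3. The OMS service processes the raw data.
4. The processed data is stored in a SQL database that is part of the OMS service.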
Internet and Proxy Settings
Communication between the agent and OMS services can use an HTTP or HTTPS proxy server. Both anonymous and basic authentication proxies are supported.
You can specify the proxy server during installation or directly in a file. If you choose to specify it during installation, you'll pass the proxy info using the -p option in the /omsagent.. shell script.
The proxy configuration is set in the files /etc/opt/microsoft/omsagent/proxy.conf and /etc/opt/microsoft/omsagent/conf/proxy.conf, which can be directly created or edited but must be readable by the omsagent user.
Settings
In the world of internet and proxy settings, there's a lot to consider when it comes to diagnostic settings.
Diagnostic logs for non-compute resources are configured using diagnostic settings, which control where logs are sent.
You can choose to send logs to a Storage Account, Event Hubs, and/or OMS Log Analytics.
The log categories you can send include a variety of options, but it's worth noting that each category has its own specific retention period.
Retention periods determine how long each log category is kept in a Storage Account, with a retention of zero days meaning that logs are kept forever.
Here's a breakdown of the options for sending logs and their retention periods:
- Storage Account: each log category has its own retention period, and a retention of zero days means that logs are kept forever.
- Event Hubs
- OMS Log Analytics
By understanding these diagnostic settings, you can better manage your logs.
Frequently Asked Questions
What replaced Microsoft OMS?
Azure Monitor Agent (AMA) replaced Microsoft OMS, providing a unified monitoring solution for Windows and Linux machines across various environments.
What is OMS in Azure?
OMS in Azure is a comprehensive offering that combines four advanced services: Backup, Site Recovery, Log Analytics, and Automation. It's a powerful tool we use to deliver managed Azure consulting services.