Cloud and Datacenter Management Blog

Microsoft Hybrid Cloud blogsite about Management

Leave a comment

#Microsoft Azure Monitor and Service Map Insights workbooks (Preview) #Azure #Cloud

Azure Monitor for VMs monitors your Azure virtual machines (VM) and virtual machine scale sets at scale. The service analyzes the performance and health of your Windows and Linux VMs, monitoring their processes and their dependencies on other resources and external processes.
As a solution, Azure Monitor for VMs includes support for monitoring performance and application dependencies for VMs that are hosted on-premises or in another cloud provider. Three key features deliver in-depth insight:

  • Logical components of Azure VMs that run Windows and Linux: Are measured against pre-configured health criteria, and they alert you when the evaluated condition is met.
  • Pre-defined, trending performance charts: Display core performance metrics from the guest VM operating system.
  • Dependency map: Displays the interconnected components with the VM from various resource groups and subscriptions.

The features are organized into three perspectives:


Here we have a look at Azure Monitor Service map of my local machine :

Here in the Event you see two Configuration Changes.

What is awesome to see, when you double click on the link marked with a arrow, then It will start log analytics with the right query to see what those changes are 🙂

You see some Changes in Windows Services and Updates on my local Machine

Communications of the local machine on-premisses

Workbooks combine text, Analytics queries, Azure Metrics, and parameters into rich interactive reports. Workbooks are editable by any other team members who have access to the same Azure resources.

Click here on Workbooks

Workbook templates

Here you can use the default workbook templates, but you can also create your own for your Team.
Microsoft has a GitHub Repository for Applications Insights workbooks, where you can contribute

Local Machine On-premises

Communications of the on-premises Machine.

Here you can read more on Microsoft Azure Monitor to get your Virtual Machines on Board

See also :

Microsoft Azure Monitor Documentation

Microsoft Azure Monitor & Security for Hybrid IT Community Group on LinkedIn

Follow Microsoft Azure Monitor on Twitter

Leave a comment

View Container Live logs with #Azure Monitoring #AKS #Kubernetes #Containers #AzureDevOps

Monitoring Azure Kubernetes Cluster

Azure Monitor for containers is a feature designed to monitor the performance of container workloads deployed to either Azure Container Instances or managed Kubernetes clusters hosted on Azure Kubernetes Service (AKS). Monitoring your containers is critical, especially when you’re running a production cluster, at scale, with multiple applications.
Azure Monitor for containers gives you performance visibility by collecting memory and processor metrics from controllers, nodes, and containers that are available in Kubernetes through the Metrics API. Container logs are also collected. After you enable monitoring from Kubernetes clusters, these metrics and logs are automatically collected for you through a containerized version of the Log Analytics agent for Linux and stored in your Log Analytics workspace.

Here you find awesome documentation about Understanding AKS cluster performance with Azure Monitor for containers

What I really like is that you now can see the Container Live logs from the Azure portal and see what is going on in the background of a Container 🙂

Activate Azure Kubernetes Container Live Logs

Here you see the Container Live logs

This feature provides a real-time view into your Azure Kubernetes Service (AKS) container logs (stdout/stderr) without having to run kubectl commands. When you select this option, new pane appears below the containers performance data table on the Containers view, and it shows live logging generated by the container engine to further assist in troubleshooting issues in real time.
Live logs supports three different methods to control access to the logs:

  1. AKS without Kubernetes RBAC authorization enabled
  2. AKS enabled with Kubernetes RBAC authorization
  3. AKS enabled with Azure Active Directory (AD) SAML based single-sign on

You even can search in the Container Live Logs for Troubleshooting and history :

Search on ssh

Azure Monitor for containers uses a containerized version of the Log Analytics agent for Linux. After initial deployment, there are routine or optional tasks you may need to perform during its lifecycle.
Because of this agent you can work with Log Analytics in Azure Monitor :

Log Analytics on Containers.

Here you find more on Log Analytics query language

Conclusion :

When you have your production workload running on Azure Kubernetes Clusters, It’s important to monitor to keep you in Control of the solution in Microsoft Azure and watch for improvements like performance for the business. With Container Live logs you can see what is going on in the Containers when you have issues and that’s great for troubleshooting to get your problem solved fast. Get your workload into Azure Containers and make your Azure DevOps CI/CD Pipelines in the Cloud.

Join the LinkedIn Community Groups for :

Containers in the Cloud

Azure DevOps Community

Microsoft Azure Monitor & Security for Hybrid IT

Leave a comment

Monitoring Microsoft Azure Cloud Services and On-premises Datacenters #Azure #MSOMS #Cloud

Microsoft Azure Monitor

There are a range of tools for monitoring your Azure environment, from the application code running on Azure to the services and infrastructure hosting your application. These tools work together to offer comprehensive cloud monitoring and include:

  • Azure Monitor – the Azure service that operates as a consolidated pipeline for all monitoring data from Azure services. It gives you access to performance metrics and events that describe the operation of the Azure infrastructure and any Azure services you are using. Azure Monitor is a monitoring data pipeline for your Azure environment, and offers that data directly into Log Analytics as well as 3rd party tools where you can gain insight into that data and combine it with data from on premises or other cloud resources.
  • Application Insights – the Azure service that offers application performance monitoring and user analytics. It monitors the code you’ve written and applications you’ve deployed on Azure, on-premises, or other clouds. By instrumenting your application with the Application Insights SDK you can get access to a range of data including response times of dependencies, exception traces, debugging snapshots, and execution profiles. It provides powerful tools for analyzing this application telemetry while developing and operating your application. It deeply integrates with Visual Studio to enable you to get right to the problem line(s) of code so you can fix it, and offers usage analytics to analyze customer usage of your applications for product managers as well.

Overview of Application Insights for DevOps

  • Log Analytics –  is an Azure service that ingests log and metric data from Azure services (via Azure Monitor), Azure VMs, and on-premises or other cloud infrastructure and offers flexible log search and out-of-the box analytics on top of this data. It provides rich tools to analyze data across sources, allows complex queries across all logs, and can proactively alert on specified conditions. You can even collect custom data into its central repository so you can query and visualize it. You can also take advantage of Log Analytic’s built-in solutions to immediately gain insights into the security and functionality of your infrastructure.

Log Analytics Documentation

Azure Monitor enables you to consume telemetry to gain visibility into the performance and health of your workloads on Azure. The most important type of Azure telemetry data is the metrics (also called performance counters) emitted by most Azure resources. Azure Monitor provides several ways to configure and consume these metrics for monitoring and troubleshooting.

Telemetry data is important

Because telemetry data is sending every minute, you get near to real-time monitoring of your data and/or your IT Solution.

Alerts on Azure Monitor data

Azure Monitor provides several ways to interact with metrics, including charting them in the portal, accessing them through the REST API, or querying them using PowerShell or CLI. Here you find a complete list of all metrics currently available with Azure Monitor’s metric pipeline.

There are three types of alerts off of data available from Azure Monitor — metric alerts, near real-time metric alerts (preview) and Activity Log alerts.

  1. Metric alerts – This alert triggers when the value of a specified metric crosses a threshold that you assign. The alert generates a notification when the alert is “Activated” (when the threshold is crossed and the alert condition is met) as well as when it is “Resolved” (when the threshold is crossed again and the condition is no longer met)
  2. Near real-time metric alerts (preview) – These alerts are similar to metric alerts but differ in a few ways. Firstly, as the name suggests these alerts can trigger in near real-time (as fast as 1 min). They also support monitoring multiple(currently two) metrics. The alert generates a notification when the alert is “Activated” (when the thresholds for each metric are crossed at the same time and the alert condition is met) as well as when it is “Resolved” (when at least one metric crosses the threshold again and the condition is no longer met).
  3. Activity log alerts – A streaming log alert that triggers when an Activity Log event is generated that matches filter criteria that you have assigned. These alerts have only one state, “Activated,” since the alert engine simply applies the filter criteria to any new event. These alerts can be used to become notified when a new Service Health incident occurs or when a user or application performs an operation in your subscription, for example, “Delete virtual machine.”

Alerts overview


When you go to the Microsoft Azure Portal and click on the left side on Monitor you can start your Solutions and configure them.

To Gain visibility and control across your hybrid cloud with simplified security and operations management there is Microsoft Operations Management Suite (OMS)

Here you find a lot of Hybrid Solutions to monitor and find the benefits of Cloud management with Log Analytics.

Understanding alerts in Log Analytics :


Alerts are created by alert rules that automatically run log searches at regular intervals. If the results of the log search match particular criteria then an alert record is created. The rule can then automatically run one or more actions to proactively notify you of the alert or invoke another process. Different types of alert rules use different logic to perform this analysis.

In addition to creating an alert record in the Log Analytics repository, alerts can take the following actions.

  • Email. Send an email to proactively notify you of a detected issue.
  • Runbook. An alert in Log Analytics can start a runbook in Azure Automation. This is typically done to attempt to correct the detected issue. The runbook can be started in the cloud in the case of an issue in Azure or another cloud, or it could be started on a local agent for an issue on a physical or virtual machine.
  • Webhook. An alert can start a webhook and pass it data from the results of the log search. This allows integration with external services such as an alternate alerting system, or it may attempt to take corrective action for an external web site.

Here you find more on Understanding alerts in Log Analytics

To keep you in Control of monitoring, Microsoft made two Mobile Apps :

Microsoft Operations Management Suite Mobile App

Microsoft OMS on my Phone

And you got the Microsoft Azure Mobile App

For Microsoft Azure Monitoring there are all kind of Solutions in the Marketplace available :

Microsoft Azure Marketplace

Conclusion :

Monitoring your IT Solutions is really important for your Application Life Cycle management to get feedback for improvements and to get Customer satisfaction.
With Microsoft Monitoring from the Cloud with Azure and OMS you get more inside information via telemetry and log analytics to keep you Up-To-Date of
your IT Hybrid Infrastructure. Modern Hybrid Cloud Datacenter(s) need a Modern Secure Monitoring environment to keep yourself and your business in Control all the time in this rapidly fast changing IT World.
Monitoring via the Microsoft Cloud gives you :

  • More Security information, Alerts and Advice to prevent security leaks
  • Application improvements in your Life Cycle management
  • Automation of action plans on Events.
  • The Health of your IT Hybrid Cloud Services
  • Makes troubleshooting much easier with Diagnostics logs
  • Integration with on-premises IT Infrastructures
  • OMS assessments, like Active Directory, SQL, Upgrades, Malware, Security & Audits………… and More
  • Great Dashboards for DevOps, IT Administrators, IT Managers, or for your Customers.

To get More information and benefits about Monitoring and diagnostics for your Design ( Best Practices )

Hope this information is helpful to get you in control of monitoring your Hybrid Cloud Solutions.

Leave a comment

Microsoft #Azure #SQL Database Management Pack for #Sysctr 2012

AzureSQL MP Diagram

This diagram shows the classes used or defined in the management pack

The Microsoft Azure SQL Database Management Pack enables you to monitor the availability and performance of applications that are running on Microsoft Azure SQL Database.

Feature Summary
After configuration, the Microsoft Azure SQL Database Monitoring Management Pack offers the following functionalities:

  • User-friendly wizard to discover Microsoft Azure SQL Database servers.
  • Provides availability status of Microsoft Azure SQL Database server.
  • Collects and monitors health of Microsoft Azure SQL Database databases.
    • Space monitoring:
      • Used space
      • Free space
      • Total allocated quota
    • Track the total number of databases per server
    • Successful connections count
    • Failed connections count
    • Number of deadlocks
    • Throttling/long transactions count
    • Connections blocked by firewall count
  • Collects and monitors performance information:
    • Average memory per session
    • Total memory per session
    • Total CPU time per session
    • Total I/O per session
    • Number of database sessions
    • Maximum Transaction execution time
    • Maximum Transaction lock count
    • Maximum Transaction log space used
    • Network Egress/Ingress bandwidth
    • Percentage of CPU used
    • Percentage of workers used
    • Percentage of CPU used
  • Ability to define Custom thresholds for each monitor to configure the warning and critical alerts.
  • Run-as profile to securely connect to Microsoft Azure SQL Database.
  • Detailed knowledge to guide the IT operator with troubleshooting the problem.
  • Custom tasks to redirect the user to the Microsoft Azure SQL Database online portal.
  • Custom query support to enable application-specific availability and performance monitoring.
  • Dashboard functionality

You can download the Microsoft Azure SQL Database Management Pack for System Center 2012 here


Leave a comment

UPDATE System Center Management Pack for SQL Server 2014 #SCOM #SQL2014 #sysctr #SQL

Instance SummaryInstance Summary Dashboard.

The System Center Management Pack for SQL Server 2014 enables the discovery and monitoring of SQL Server 2014 Database Engines, Databases, SQL Server Agents and other related components. This Management Pack is designed to run by Operations Manager 2007 R2 (except dashboards), Operations Manager 2012 or Operations Manager 2012 R2.

The monitoring provided by this management pack includes performance, availability, and configuration monitoring, as well as performance and events data collection. All monitoring workflows have predefined thresholds and complimentary knowledge base articles. You can integrate the monitoring of SQL Server 2014 components into your service-oriented monitoring scenarios.

In addition to health monitoring capabilities, this management pack includes dashboards, diagram views, state views, performance views, alert views and diagnostic tasks that enable near real-time diagnostics and remediation of detected issues.

Note: This management pack does not depend on SQL Server Library management pack. You do not need to import it to enable the monitoring of SQL Server 2014.
Note: This management pack is only for SQL Server 2014. Please use this link to download the Operations Manager Management Pack for SQL Server 2005/2008/2012.

Feature Summary
The following list gives an overview of features introduced by System Center Operations Manager Management Pack for SQL Server 2014. Please refer to the SQL Server 2014 Management Pack Guide for more details.

  • Discovery and monitoring of SQL Server 2014 roles like DB Engine, Integrations Services.
  • Discovery of SQL Server 2014 components: Databases, SQL Agent and SQL jobs.
  • The management pack introduces 100+ monitors and 380+ rules to provide a deep monitoring of SQL Server 2014. Please refer to the SQL Server 2014 Management Pack Guide for the full list of monitoring scenarios and workflow inventory.
  • Monitoring of SQL Server 2014 AlwaysOn:
    • Automatic discovery and monitoring of availability groups, availability replicas, and availability databases.
    • Health roll-up from availability database to availability replicas.
    • Detailed knowledge for each related monitoring workflow.
  • Seamless integration with SQL Server 2014 policy based management (PBM):
    • Automatic discovery and monitoring of custom PBM polices targeted to Database or Database components.
    • Rollup of policy execution health to the health of related SCOM entity.
  • Monitoring of SQL Server In-Memory OLTP.
  • Reports for long-term analysis of different problematic areas related to SQL Server 2014, such as SQL Server lock analysis, top deadlocked databases, SQL Server service pack levels, user connection activity. Also, generic reports from the Microsoft Generic Report Library can be used to review availability and performance of objects discovered by System Center Operations Manager Management Pack for SQL Server 2014.
  • Low-privilege monitoring is supported for both stand-alone installations and clustered environments, except PBM.
  • Support for Mirroring Monitoring
    • Discover mirroring databases, witness, and mirroring group.
    • Monitor database mirror state, database mirror witness state, and mirroring partners’ state.
    • Custom diagram view to visually represent the primary and the mirrored databases.

New features

  • Added Mirroring monitoring scenarios for SQL Server 2014 product
  • SPN monitor now has ‘search scope’ parameter which allows the end user to choose between LDAP and Global Catalog
  • Fixed Timeout error in CPU utilization monitoring scenario
  • Monitoring SQL Server Instances on the same server with their own network interfaces and default port is now available
  • SQL Server instances with underscores and other allowed special symbols in names can be monitored
  • Minor fixes.


  • Dependency on SQL Server Library management pack has been eliminated.
  • Support of Localized performance counter for CPU and Logical Disk Metrics.
  • SQL Server Integration Services monitoring seed discovery.
  • SQL Server Integration Services moved to separate management pack.
  • SQL Server non-default port is now supported.
  • Optimized performance collection replaced with raw performance collection to guarantee accuracy of hourly and daily aggregated data.


  • Standard Edition Databases discovery issue fixed.
  • AlwaysOn: Endpoint URL points to a non-computer name.
  • AlwaysOn: read intent is not supported, false alert message removed.

Other changes:

  • Monitoring of SQL Server Reporting Services has been deprecated. This component will be monitored by dedicated management pack.
  • Monitoring of SQL Server Analysis Services has been deprecated. This component will be monitored by dedicated management pack.
  • Monitoring of SQL Server Replication has been deprecated. This component will be monitored by dedicated management pack.

You can download the Microsoft System Center Management Pack for SQL Server 2014 here

Leave a comment

#Microsoft System Center 2012 Management Pack for Windows Server 2012 R2 Remote Access #sysctr #SCOM

SCOM 2012 R2Microsoft System Center 2012 R2 Operations Manager

What’s New
System Center Management Pack for Remote Access combines monitoring for DirectAccess and RRAS into a single management pack. This management pack retains the monitoring capabilities of RRAS 2012 management pack. This management monitors Remote Access role in Windows Server 2012 R2 only. This management pack monitors the following conditions:
DirectAccess Monitoring
• Issues with internal and external network adapter connection and settings such as forwarding
• Teredo server state and configuration
• Isatap availability and configuration such as name publishing and route publishing
• 6to4 adapter and forwarding state
• Heuristics around network security such as DOS attack, spoof attack and replay attack and state of IPSec
• State of network infrastructure like DNS servers, Management servers configured for DirectAccess
• IP-Https state and configuration
• State of various underlying services such as BFE, IPHelper etc needed for Remote Access
• Heuristics related to OTP
Most of the health monitoring scenarios that can be monitored using the native DirectAccess UI have been included in the management pack.

VPN Monitoring
Existing capabilities for RRAS management pack have been included in the unified management pack as well. We’ll summarize the monitoring capabilities for RRAS included in the unified management pack:
• Remote access (VPN) connection failures due to erroneous configuration.
• Demand-dial (site-to-site) connection failures due to erroneous configuration.
• Erroneous configuration of VPN tunnels:
• Point-to-Point Tunneling Protocol (PPTP)
• Layer Two Tunneling Protocol (L2TP/IPSec)
• Secure Socket Tunneling Protocol (SSTP)
• Internet Key Exchange version 2 (IKEv2)
• Connection licenses, registry corruption, authentication, and accounting issues for remote access
• VPN network access protection (NAP) enforcement and Network Access Quarantine Control access issues
• Erroneous configuration and setup issues involved with various routing protocols that are exposed through RRAS, such as the following:
• Routing Information Protocol (RIP) v1 and v2
• DHCP Relay Agent
• Internet Group Management Protocol (IGMP)
• DHCPv6 Relay Agent
• Monitors and alarms to notify the administrator about erroneous conditions. These conditions include the following:
• Hardware device error
• Protocol initialization failure
• Remote Access Connection Manager (RASMAN) service unexpected termination
• Routing and Remote Access service unexpected termination
• Routing and Remote Access service monitor
• Authentication or accounting failures
• Configuration failures
• IPsec-related failures
• Packet filter-related failure
• IPCP negotiation failure
• Memory allocation monitor
• Memory allocation failure
• No more licenses monitor
• Port open failures
• Support for monitoring performance counters and instrumentation, including the following:
• Total number of remote access connections
• Total number of timeout and serial overrun errors for this connection
• Total number of alignment errors for this connection (alignment errors occur when a byte received is different from the byte expected)
• Total number of buffer overrun errors for this connection (buffer overrun errors occur when the software cannot handle the rate at which data is received)
• Total number of bytes received for this connection
• Number of bytes received per second
• Total number of bytes transmitted for this connection
• Number of bytes transmitted per second
• Total number of cyclic redundancy check (CRC) errors for this connection (CRC errors occur when the frame received contains erroneous data)
• Total number of data frames received for this connection
• Number of frames received per second.

You can download the Microsoft System Center 2012 Management Pack for Windows Server 2012 R2 Remote Access here

System Center Market Place

Find more System Center Center Management Packs in the Market Store of System Center here

For instructions about importing a management pack, see How to Import a Management Pack in Operations Manager 2012 R2

Tuning Monitoring by Using Targeting and Overrides

When you import a management pack, System Center 2012 – Operations Manager discovers the objects defined by the management pack and begins applying the management pack’s rules and monitors to the discovered objects. You should always import a new management pack in a pre-production environment first so that you can evaluate the management pack and adjust or tune the management pack as necessary to meet your business needs.

To tune a management pack effectively, you should involve the service owner or subject matter experts, the operations team members who monitor the alerts and events and take action when something requires attention, and the engineering team responsible for the Operations Manager infrastructure. Depending on the service that is monitored by the management pack, you might also include the networking or security teams.  Those responsible for the Operations Manager infrastructure might not have the knowledge and experience with the service to effectively tune the management pack without expert input.

Tuning Approach

For servers or applications, tune from the highest severity alerts and dependencies to the lowest. Look at alerts first, then open the Health Explorer to gather more detailed information for the problem. Validate results of the alerts generated, verify scope of monitoring against intended targets (servers or services), and ensure the health model is accurate.

Each rule should be evaluated according to the following criteria:

  • Actionability: An alert is actionable if it tells you what went wrong and how to fix it. When alerts are generated that do not require any action, consider disabling alerting for the rule.
  • Validity: An alert is valid if the issue that generated the alert can be confirmed and the issue actually occurred at the moment the alert was generated.
  • Suppression: There should be only one alert stating the issue occurred.

What to Tune

  • Discovery frequency
  • Monitor thresholds
  • Targets
  • Intervals
  • Parameters


  • Import a single management pack at a time.
  • Review any new alerts reported for servers monitored with the new management pack. You can use the Alerts and Most Common Alerts reports to help you discover your most common alerts. When you first install a management pack, it tends to discover a multitude of previously unknown issues. Monitor the alerts to determine potential areas of concern
  • Override the monitor or rule as applicable for a particular object type, a group, or a specific object.
  • Disable the monitor or rule if the issue is not severe enough to warrant an alert and you do not need to be made aware of the specific situation being monitored.
  • Change the threshold of the monitor that is generating the alert if you want the underlying condition to be monitored, but the alert is being generated before the condition is actually a problem for your particular environment.
  • When you set overrides for a management pack, save them to a management pack that is named ManagementPack_Override, where ManagementPack is the name of the sealed management pack to which the overrides apply. For example, overrides to the management pack would be saved to Microsoft.InformationWorker.Office.XP_Overrides.xml.

Tuning Monitoring by Using Targeting and Overrides topics

Using Classes and Groups for Overrides in Operations Manager
How to Override a Rule or Monitor
How to Enable or Disable a Rule or Monitor
Using the Enforced Attribute in Overrides
How to Enable Recovery and Diagnostic Tasks

Other resources for this component

TechNet Library main page for Operations Manager
System Center Operations Manager Engineering Blog
Managing Discovery and Agents
Using Management Packs

You can find also awesome information about Microsoft System Center 2012 R2 Operations Manager on Technet wiki here :

The System Center 2012 R2 Operations Manager Survival Guide

System Center 2012 R2 logo new