Monitoring Windows Services States with Log Analytics

Monitoring Windows Services States is one of the most common requests that I’ve seen on forums, groups and blog posts. My fellow MVP and OMS expert Stefan Roth wrote a similar blog post titled OMS – Monitor Windows Services / Processes. I would suggest to check it out as well. The approach I will show is somehow already cover in official article that demonstrates custom fields in Log Analytics. The difference is that we now have the new rich Log Analytics search syntax so we do not need  custom fields anymore. This approach also is different from Stefan’s as his one covers wider topic with monitoring processes by using performance counters. In this approach we will use windows events which Stefan mentions that is not reliable but he was referring to specific Event Id which I also agree it is not reliable. In the next steps I will use another Event Id that is reliable 100%. The advantage of using windows events for monitoring windows services states are:

  • Only windows events are gathered which results in less data uploaded compared to performance data
  • You do not have to add performance counter for each process, you just need to add only one event log to monitor all services

  • The services are shown with their actual name that is used in services.msc or Get-Service cmdlet.

  • We have the actual state of the service when it happened

Some of the disadvantages of this method are:

  • Until the service is started or stopped it will take at least 5 minutes until the data appears in Log Analytics

Continue reading “Monitoring Windows Services States with Log Analytics”

Advertisements

AD Replication Status Solution in Operations Management Suite

Like a Christmas present OMS team gave us a new solution yesterday. As the name suggest the solution aims to give you visibility over the replication of your domain controllers. To get some results you will need at least two domain controllers located in different AD sites. I believe the solution works with any domain controller that is on a supported by OMS Windows operating system. Continue reading “AD Replication Status Solution in Operations Management Suite”

Creating Azure-like Windows Server Images with System Center

Update

——————————————————————————

A small update on this topic. If you do not want your customers to face error 0x800F0906 when they try to install .NET Fraemwork 3.5 on Windows Server 2012 or 2012 R2 I would suggest you to install and disable .net FRamework 3.5 feature with DISM prior syspreping your images. The following commands should do the work: Continue reading “Creating Azure-like Windows Server Images with System Center”

Windows Server and System Center vNext Technical Preview are Now Available

Windows Server and System Center vNext Technical Preview is out. Just go out grab the bits from here and here and start exploring.

Several MPs Updated

This blog post is to inform you that several MPs have been updated with some important fixes/features. You can find all the information here.

My personal best improvement is:

  • Add Task launch PowerShell session on the remote machine for All Computers

Free Book: Microsoft System Center: Building a Virtualized Network Solution

I would like to introduce another great book authored by my friend Damian Flynn. I can tell you cannot go wrong with this book as you will give a foundation that will definitely need in working with Networking in VMM. I am also have participation in the book as Technical Editor. Grab it in different formats from here.

SCOM APM for Orchestrator, SPF, SMA and WAP

Orchestrator, Service Provider Foundation, Service Management Automation and Windows Azure Pack are all web applications or web services or both. They are all monitored by IIS 8 Management Pack in Operations Manager but that MP can only provide monitoring to certain levels to solve these limitations in SCOM (SP1 and R2 for IIS8) we have Application Performance Monitoring (APM). This blog post does not aim to show you some advanced features in APM but rather to show you how to enable some advanced monitoring for those services. As SMA and WAP are available only in R2 I will use the R2 wave. Let’s start with enabling APM for every service:

Service Provider Foundation

Open SCOM console. Go to Authoring pane. Start Add Monitoring Wizard.

image

Select .NET Application Performance Monitoring

image

Give a friendly name to the application and create new management pack where the settings for this application will be saved.

image

Select Add.

image

Click on Search and add the two web service in SPF – VMM and Admin. Click OK.

image

It is always a good practice to put Environment.

image

Accept the default settings. The idea is to fine tune these settings depending on the performance of the application in your environment. If you have more than one environment (development, test, production and etc.) these settings can be different because some environments will have less resources than other and the application can perform slowly because of that. SPF is only web service and because of that does not have portal so client-side monitoring is not relevant. On summary page click Create and wait until the APM for SPF is created.

And the result is:

image

image

From now on when you have data for a long term period you can fine-tune the APM settings. You can even set exceptions for some methods.

Orchestrator Web Service and Console

Orchestrator has Web Service and Console (Web Application).

image

image

image

One Web service and Web application (portal) added,

image

Orchestrator has web application but do not enable client-side monitoring for now.

image

image

To enable client-side monitoring you need first have to check if the web application could be enabled for this client side monitoring. This is done trough a task Check Client-Side Monitoring Compatibility which is available in Monitoring Pane –> Application Monitoring –> .NET Monitoring –> IIS 8.0 ASP.NET Web Application Inventory View. Select the web application you would like to test and execute the task from the Task pane.

image

I’ve enabled the client-side monitoring for the Orchestrator console but even I didn’t received any error in SCOM or on the Orchestrator portal no performance counters were shown from client-side:

image

Windows Azure Pack

image

image

You need to add all found Web Applications for Windows Azure Pack:

image

image

image

image

I am not using WAP intensively in this environment  so I do not have so much data:

image

image

Because I do not have even database created for WAP you can see the performance exception created for that:

image

image

APM can very useful to public user portal like Tenant Site in WAP:

image

Because of that I’ve tried to check if client-side monitoring can be enabled but unfortunately the check returned negative results:

image

image

Service Management Automation

Service Management Automation is part of Orchestrator setup but can be connected to WAP.

image

Only one web service is available so no client-side monitoring will be available:

image

image

image

image

 

As a summary I hope this will help you in providing advanced monitoring for these Web Services and Application as they are of the Microsoft Cloud OS and critical for Cloud Providers. What I would like to see in the future instructions or possibility from Microsoft on how to enable client-side monitoring for at least the Tenant Site.