Monday, April 30, 2018

[SCOM] Create Monitor Based on Event Viewer Log

Recently a customer asked us to monitor a few custom applications, including their Event IDs. At first they wanted the monitoring to focus on the Event ID only; however, after seeing the report, they also needed to monitor the Event Source together with the Event ID. Below are the steps involved in enabling Windows Event ID monitoring through SCOM:

Let’s start..

What’s required?

The following information, gathered from our customer, is what we use for monitoring:
1. Source ID
2. Event ID


Step 1: Create Monitor Rules

1. Log in to the SCOM console and click Authoring

2. Expand Management Pack Objects and click on Rules

3. Right-Click on Rules and click Create Rules

4. Select the Event Based > NT Event Log (Alert) rule type and the destination Management Pack, then click Next

5. Enter the Rule Name, Description, Rule Category, and Rule Target as below:

Rule Name: Event Viewer Monitoring
Description: Monitor Event Viewer ID: 8888 & Source ID: MSSQLSERVER
Rule Category: Alert
Rule Target: Windows Computer
Then, click Next

Note: If you tick Rule is enabled, this rule will apply to all Windows Computers

6. Click Next

7. Enter the Event ID and Event Source and click Next

8. On the Configure Alert page, set the priority to High and severity to Critical and click Create

9. Taadaaaa. You have now created the monitor rule. The next step is to override it. If you want the rule to point directly at certain servers, you are required to override this rule; otherwise just leave it.

Configuration completed. If your event log records an event from Event ID: 8888 or Source ID: MSSQLSERVER, you will see the alert sent to SCOM.
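
To check the rule end to end, the following added example (not part of the original post) writes a constructed test event with the Event ID and Event Source used above, confirms it reached the log, and then looks for the resulting alert. It assumes the rule reads the Application log (the post does not name the log) and that the alert keeps the rule name "Event Viewer Monitoring".

```powershell
# Added example, not from the original post. Run in elevated Windows PowerShell 5.1
# on a server the rule targets.
$logName = 'Application'    # assumption: the post does not say which log the rule reads
$source  = 'MSSQLSERVER'    # Event Source from the post
$eventId = 8888             # Event ID from the post

# Register the source on hosts that do not already have it (requires admin rights).
if (-not [System.Diagnostics.EventLog]::SourceExists($source)) {
    New-EventLog -LogName $logName -Source $source
}

# Start the search window a minute early as a margin for timestamp rounding.
$start = (Get-Date).AddMinutes(-1)
Write-EventLog -LogName $logName -Source $source -EventId $eventId `
    -EntryType Error -Message 'SCOM rule test event (constructed, safe to ignore)'

# 1) Confirm the event landed with the source/ID pair the rule filters on.
$filter = @{ LogName = $logName; ProviderName = $source; Id = $eventId; StartTime = $start }
$events = @(Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue)
if ($events.Count -eq 0) {
    throw "Test event not found in '$logName'; check that '$source' is registered to this log."
}
$events | Select-Object TimeCreated, ProviderName, Id, LevelDisplayName

# 2) Where the OperationsManager module is installed (for example on a management
#    server), look for the alert. Allow a few minutes for the agent to forward it.
#    Assumption: the alert name equals the rule name entered in step 5.
if (Get-Module -ListAvailable -Name OperationsManager) {
    Import-Module OperationsManager
    Get-SCOMAlert -Name 'Event Viewer Monitoring' |
        Where-Object { $_.TimeRaised -ge $start.ToUniversalTime() } |
        Select-Object Name, Severity, Priority, MonitoringObjectDisplayName, TimeRaised
}
```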

You might want to view:

[SCOM] – Override Rules
[POWERSHELL] – Simulate an Event Viewer Error Log

[AZURE] Quick Start – Create a Resource Group in the Azure Portal

Azure resource groups provide a way to monitor resources such as virtual networks, virtual machines, network security groups, subscriptions and others. You can deploy, update, or delete all the resources for your solution in a single, coordinated operation. To create an Azure resource group, perform the following steps:

Step 1: Log in to Azure Portal
1. Log in to the Azure portal at https://portal.azure.com

2. On the Microsoft Azure Portal page, enter your email address and click Next

3. Enter your password and click Sign in

4. This is the Microsoft Azure Portal view. In this portal, you can manage all the Azure services under your subscriptions.


Step 2: Create Resource Group

1. On the left pane of the dashboard, click Resource Groups
2. In the Resource groups pane, click Add

3. Enter your Resource Group Name, Subscription and Resource Group Location.

Note:
Resource Group Name: rg_firdaus_adfs 
Subscriptions: Pay-As-You-Go

4. Click Create

Configuration complete. You can now configure VMs inside this resource group.




[AZURE] Quick Start–Create a Windows virtual machine in the Azure Portal

Azure virtual machines (VMs) can be created through the Azure portal. This method provides a web-based user interface to create VMs and their resources, including the virtual network and storage account. This quick start shows you how to use the Azure portal to deploy a virtual machine (VM) in Azure that runs Windows Server 2016. To see your VM in action, you then RDP to the VM.


Step 1: Log in to Azure Portal

1. Log in to the Azure portal at https://portal.azure.com

2. On the Microsoft Azure Portal page, enter your email address and click Next

3. Enter your password and click Sign in

4. This is the Microsoft Azure Portal view. In this portal, you can manage all the Azure services under your subscriptions.

Step 2: Create Virtual Machine

1. On the left pane of the dashboard, click Virtual Machines

2. In the Virtual machine pane, click Add

3. Search and select Windows Server 2016 Datacenter in the Compute pane, then choose Create

4. Provide a VM name, such as firdaus-dc01, leave the disk type as HDD, then provide a username, such as firdaus.adm. The password must be at least 12 characters long and meet the defined complexity requirements.

5. Choose Create new or Use existing for the resource group, then provide a name, such as rg_firdaus_adfs. Choose your desired Location, then select OK

Note: If you have already created a resource group, choose Use existing resource group; otherwise choose Create new resource group. Later I will show you how to create a new resource group in Quick Start – Create a Resource Group in the Azure Portal

6. Select a size for the VM. You can filter by Compute type or Disk type, for example. The VM size I am using is B2S Standard. Then click Select

7. Under Settings, leave the defaults and select OK

Note: If you are a new user, just leave the defaults for this configuration; otherwise you can configure the Virtual Network, Subnet, Public IP Address, Network Security Group (Firewall), Monitoring, etc.

8. Verify the configuration on the summary page, select Create to start the VM deployment

9. The VM is pinned to the Azure Portal dashboard. Once the deployment has completed, the VM summary automatically opens

Step 3: Connect to Virtual Machine

1. In the left pane, click Resource Groups > rg_firdaus_adfs

2. Choose your VM. E.g. firdaus-dc01

3. Click the Connect button on the virtual machine properties. A Remote Desktop Protocol file (.rdp file) is created and downloaded.

4. To connect to your VM, open the downloaded RDP file. If prompted, click Connect.

5. Enter the username and password you specified when creating the virtual machine, then click OK

6. You may receive a certificate warning during the sign-in process. Click Yes or Continue to proceed with the connection

You can also RDP using the Azure VM's public IP.
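
Because this walkthrough leaves the Network Security Group at its defaults and connects over the VM's public IP, it is worth checking which sources can reach port 3389. The following added example (not part of the original post) uses the Az PowerShell module to list inbound allow rules in rg_firdaus_adfs that cover RDP from any source and, optionally, restrict them to one admin address. The address 203.0.113.10/32 is a placeholder, and the variable and function names are chosen for this example.

```powershell
# Added example, not from the original post. Requires the Az PowerShell module.
$rg        = 'rg_firdaus_adfs'    # resource group used in the post
$adminCidr = '203.0.113.10/32'    # placeholder: replace with your own public IP
$applyFix  = $false               # set to $true to rewrite the rules, not just list them

function Test-CoversRdp([string[]]$PortRanges) {
    # True when any entry ('*', '3389', or a range such as '3000-4000') includes 3389.
    foreach ($r in $PortRanges) {
        if ($r -eq '*') { return $true }
        $lo, $hi = $r -split '-', 2
        if (-not $hi) { $hi = $lo }
        if ([int]$lo -le 3389 -and 3389 -le [int]$hi) { return $true }
    }
    return $false
}

Connect-AzAccount | Out-Null

foreach ($nsg in Get-AzNetworkSecurityGroup -ResourceGroupName $rg) {
    # Inbound allow rules that cover 3389 and accept traffic from any source.
    $exposed = @($nsg.SecurityRules | Where-Object {
        $_.Direction -eq 'Inbound' -and $_.Access -eq 'Allow' -and
        (Test-CoversRdp $_.DestinationPortRange) -and
        @($_.SourceAddressPrefix | Where-Object { $_ -in '*', '0.0.0.0/0', 'Internet' }).Count -gt 0
    })
    foreach ($rule in $exposed) {
        '{0}/{1}: RDP reachable from {2}' -f $nsg.Name, $rule.Name, ($rule.SourceAddressPrefix -join ',')
        if ($applyFix) {
            # Keep the rule, but only for the admin address.
            $rule.SourceAddressPrefix = [System.Collections.Generic.List[string]]@($adminCidr)
        }
    }
    if ($applyFix -and $exposed.Count -gt 0) {
        # Push the modified rule set back to Azure.
        Set-AzNetworkSecurityGroup -NetworkSecurityGroup $nsg | Out-Null
    }
}
```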