Microsoft Operations Management Suite Cookbook E-Book

Microsoft Operations Management Suite Cookbook

Copyright © 2018 Packt Publishing

All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.

Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the author, nor Packt Publishing or its dealers and distributors, will be held liable for any damages caused or alleged to have been caused directly or indirectly by this book.

Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.

Commissioning Editor: Kartikey PandeyAcquisition Editor: Meeta RajaniContent Development Editor: Devika BattikeTechnical Editor: Manish ShanbhagCopy Editors: Safis Editing, Dipti Mankame, Laxmi SubramanianProject Coordinator: Judie JoseProofreader: Safis EditingIndexer: Rekha NairGraphics: Tom ScariaProduction Coordinator: Shraddha Falebhai

First published: April 2018

Production reference: 1170418

Published by Packt Publishing Ltd. Livery Place 35 Livery Street Birmingham B3 2PB, UK.

ISBN 978-1-78646-909-0

www.packtpub.com

Mapt is an online digital library that gives you full access to over 5,000 books and videos, as well as industry leading tools to help you plan your personal development and advance your career. For more information, please visit our website.

Why subscribe?

Spend less time learning and more time coding with practical eBooks and Videos from over 4,000 industry professionals

Improve your learning with Skill Plans built especially for you

Get a free eBook or video every month

Mapt is fully searchable

Copy and paste, print, and bookmark content

PacktPub.com

Did you know that Packt offers eBook versions of every book published, with PDF and ePub files available? You can upgrade to the eBook version at www.PacktPub.com and as a print book customer, you are entitled to a discount on the eBook copy. Get in touch with us at [email protected] for more details.

At www.PacktPub.com, you can also read a collection of free technical articles, sign up for a range of free newsletters, and receive exclusive discounts and offers on Packt books and eBooks.

Contributors

About the author

Chiyo Odika is a author, consultant, strategist and thought leader who is passionate about data-driven management and architecture. Chiyo excels at helping clients think strategically about how to use technology to optimize the service delivery to the business, and to create fundamental business change and value. His current technology focus is cloud computing. He enjoys talking about hybrid cloud flexibility, exploring business technology trends, optimizing cloud infrastructures, and leading solution delivery teams.

He has extensive experience in leading full lifecycle technology implementations of cutting-edge business solutions for a wide range of global clients and has championed initiatives from ideation to execution and delivery.

About the reviewer

Oskar Landman has more than 15 years of IT consulting experience in monitoring and automation. He works as a consultant and owner for OWL IT, a company based in the Netherlands where his focus is monitoring and automation in hybrid and cloud-based solutions. He started with monitoring, Microsoft Operations Manager (MOM) 2005, System Center Operations Manager (SCOM) upto Operations Management Suite (OMS) and beyond. He was awarded the Microsoft Most Valuable Professional Award (MVP) on System Center Operations Manager (SCOM) followed by two MVP awards in Cloud and Data Center Management for his outstanding technical skills and community efforts on the products.

Oskar was a contributing author to System Center 2012 Operations Manager Unleashed (2013), System Center Service Manager 2010 Unleashed (2011), and System Center 2012 Service Manager Unleashed (2015).

Packt is searching for authors like you

If you're interested in becoming an author for Packt, please visit authors.packtpub.com and apply today. We have worked with thousands of developers and tech professionals, just like you, to help them share their insight with the global tech community. You can make a general application, apply for a specific hot topic that we are recruiting an author for, or submit your own idea.

Table of Contents

Title Page

Copyright and credits

Microsoft Operations Management Suite Cookbook

Packt Upsell

Why subscribe?

PacktPub.com

Contributors

About the author

About the reviewer

Packt is searching for authors like you

Preface

Who this book is for

What this book covers

To get the most out of this book

Download the example code files

Download the color images

Conventions used

Get in touch

Reviews

Getting Started with Microsoft Operations Management Suite

Introduction

Understanding OMS architecture and data flow

Getting ready

How to do it...

How it works...

Log Analytics

Automation

Azure Backup

Azure Site Recovery

There's more...

See also

Connecting sources without internet access to OMS

Getting ready

How to do it...

Downloading the OMS Gateway setup file

Installing the OMS Gateway

How it works...

There's more...

Using a proxy server to access OMS from SCOM

Use PowerShell cmdlets with OMS Gateway

See also

Getting started with OMS

Getting ready

How to do it...

Creating an Azure account

Creating an OMS Log Analytics workspace

Adding solution offerings and solutions

Connecting Azure VMs to OMS Log Analytics in Azure portal

Connecting Windows computers to OMS Log Analytics

Adding data sources in OMS

Configuring performance data sources in OMS

Collecting Windows performance counters:

Collecting Linux performance counters:

How it works...

There's more...

Managing users in the OMS portal

Adding a user or group to a workspace

Editing or removing a user or group from a workspace

Considerations for other solution offerings

Add Automation & Control Solution Offering to OMS

OMS data retention

Pricing

See also

Reviewing the collected data

How to do it...

How it works...

See also

Searching and Analyzing OMS Data

Introduction

Understanding the Azure Log Analytics query language

Getting ready

How to do it...

How it works...

There's more...

See also

Working with queries in the Analytics portal

How to do it...

How it works...

There's more...

See also

Working with visualizations

How to do it...

How it works...

There's more...

Working with multiple dimensions

Working with time charts

Feed Power BI from Azure Log Analytics

See also

Managing Alerts in OMS

Working with search queries and alert rules

How to do it...

Creating an alert rule

Editing an alert rule

How it works...

Alert rule types

There's more...

Third-party Alert Management

Operations Manager Alerts in Log Analytics

Collecting Nagios and Zabbix alerts in Log Analytics

See also

Configuring alert actions and notifications

Getting ready

Enabling webhooks in Slack

How to do it...

Using email actions

Using Webhook actions

How it works...

Email actions

Webhook actions

Using automation with alert rules

Getting ready

Installing automation solution in OMS workspace

How to do it...

Create a new PowerShell Azure Automation runbook

Creating an automation variable

Defining a search query and creating an alert rule

How it works...

There's more...

Creating a webhook for a Runbook

See also

Using ITSM Actions

How to do it...

Adding the ITSM Connector solution in OMS

How it works...

Using ITSM action in a Log Analytics alert rule

There's more...

See also

Working with the Alert Management solution

Getting ready

How to do it...

Adding the Alert Management solution in OMS

How it works...

Working with the Alert Management solution

There's more...

See also

Protecting and Recovering Data with OMS

Understanding Backup and Recovery with OMS

Working with Azure Backup

Getting ready

Creating a Recovery Services vault

How to do it...

Backing up a Virtual Machine in Azure

Manually starting a backup job

Backup multiple virtual machines

How it works...

There's more...

Understanding Azure Backup Components and Options

Comparing Azure Backup components

See also

Working with ASR

Getting ready

Creating a Recovery Services vault

How to do it...

Replicate Azure VMs to a Secondary Azure Region

Configure outbound network connectivity

Verify Azure VM Certificates

How it works...

There's more...

Network Infrastructure Considerations

See also

Protect and Replicate Hyper-V VMs

Getting ready

How to do it...

Hyper-V (without VMM) replication to Azure

To Enable Replication

See also

Replicate Physical Servers and VMWare VMs

Getting ready

How to do it...

How it works...

There's more...

See also

Configure Recovery plans

Getting ready

How to do it...

How it works...

There's more...

To add a manual action or script to a recovery plan

See also

Configure failover and failback

Getting ready

How to do it...

Failover an Azure VM(s) to secondary Azure region

Failback an Azure VM(s) to primary region

Failover on-premises Hyper-V VM(s) to Azure

Failback Hyper-V VM(s) from Azure to on-premises site

Failover on-premises Hyper-V VM(s) to secondary site

Failback Hyper-V VM(s) from secondary site to primary site

Failover on-premises VMware VM(s) and Physical servers to Azure

Failback VMware VM(s) and Physical servers to on-premises

How it works...

See also

Configuration Management and Automation with OMS

Working with Process Automation

Getting ready

Creating an Automation account

Installing the Automation solution in OMS workspace

How to do it...

Creating a new runbook in Azure Portal

Publishing a runbook in Azure portal

Importing and starting a runbook from the Azure Runbooks Gallery

How it works...

Runbooks

Jobs

Shared resources

There's more...

Installing and configuring a Windows Hybrid Worker

Running a runbook on hybrid worker

See also

Configuration management with Azure Automation

How to do it...

Creating an Azure Automation DSC configuration

How it works...

See also

Working with OMS Automation and Control solutions

How to do it...

Adding the Update management solution to OMS Log Analytics workspace

Installing updates with Update management

Configuring change tracking from the OMS portal

Configuring Change Tracking from the Azure Portal

How it works...

Working with Security and Compliance in OMS

Introduction

Using the Security and Audit solution

Getting ready

How to do it...

Adding the Automation account

Adding the Security and Audit Solution to the OMS workspace

Adding the Update Management Solution to the OMS workspace

How it works...

Security domains

Notable issues

Detections (preview)

Threat intelligence

There's more...

Manage Security and Audit event data collection

Filtering Security events in OMS

See also

Understanding Security and Audit data

How to do it...

Reviewing Security and Audit data with Log Search

How it works...

See also

Using the Antimalware Assessment solution

How to do it...

Adding the Security and Audit Solution to the OMS workspace

Reviewing malware threats in your environment

Reviewing malware protection status.

How it works...

Support for third-party Antimalware products

Using baseline assessment

How to do it...

Adding the Security and Audit Solution to the OMS workspace

Reviewing security baseline assessment in OMS

Reviewing computers compared to the baseline

Reviewing Web Servers computers compared to the baseline

How it works...

See also

Using the Update Management solution

Getting ready

Supported operating systems

How to do it...

Adding the Update Management Solution to OMS workspace

Using the Update Management solution.

Installing updates with Update Management

Reviewing Update deployments

How it works...

See also

Using Wire Data 2.0 and Service Map

Introduction

Using Wire Data 2.0

How to do it...

How it works...

Using Service Map

How to do it...

How it works...

There's more...

Machine Groups

See also

Exploring Other Management Solutions

Introduction

Installing other management solutions

Getting ready

Create an Automation account

How to do it...

Installing a management solution from the Azure Portal marketplace

Installing a management solution from the OMS Portal

Installing a management solution from the Azure Quickstart templates

Listing management solutions in Log Analytics workspace

Viewing and removing solutions in OMS portal

Reviewing other Management solutions

How to do it...

Agent Health

Alert Management

Hyper-V Capacity and Performance

Change Tracking

Configuring Change Tracking from the OMS Portal

Configuring Change Tracking from the Azure Portal

AD Replication Status

Configuring a member server to send AD replication data to Log Analytics

Office 365 Analytics

There's more...

See also

Log Analytics assessment solutions

How to do it...

How it works...

Active Directory Health Check

Ignoring AD Assessment recommendations

SQL Server Health Check

Ignoring SQL Assessment recommendations

See also

Cross Platform Management with OMS

Introduction

Connect Linux to OMS

Getting ready

How to do it...

Installing and configuring the Linux agent

Uninstalling the Linux agent

Onboarding with the Azure VM extension

How it works...

See also

Linux data collection and metrics

How to do it...

Collecting the data for Linux applications

Collect MySQL server performance counters

Collecting the Apache HTTP server performance counters

How it works...

Collect Zabbix and Nagios alerts

How to do it...

Configuring the alert collection in Nagios

Configuring the Zabbix alert collection

See also

Work with syslog data

How to do it...

How it works...

Monitor containers with OMS Log Analytics

How to do it...

How it works...

Other Books You May Enjoy

Leave a review - let other readers know what you think

Preface

Microsoft Operations Management Suite (OMS) is a cloud-based collection of management services that is designed with hybrid management in mind. OMS simplifies IT management within your environment by providing you with solutions in order to manage and protect your on -premises and cloud environments. OMS is designed to provide you with a single-pane-of-glass view into the operation of your IT environment, and it is built to work across heterogeneous environments. It provides you with capabilities to manage your Windows and cross-platform devices across such clouds as Amazon Web Services (AWS) and Microsoft Azure, and because it is implemented as a cloud-based service, you can onboard to the service quickly and with minimal investment in infrastructure services and start to realize many benefits of OMS. In addition, the cloud-based nature of the service means that new features and capabilities are automatically delivered, saving you upgrade and maintenance-related costs. This cookbook aims to deliver recipes across various OMS solution offerings and provide guidance for working with core OMS components for Insights and Analytics, Protection and Recovery, Security and Compliance, and Automation and Control.

Who this book is for

This book is written for the IT professional and general reader who is interested in technology themes such as DevOps, Big Data Analytics, and digital transformation concepts. Azure and other cloud platform administrators, cloud professionals, and technology analysts who would like to solve everyday problems quickly and efficiently with hybrid management tools available in the Microsoft product ecosystem will derive much value from this book.

What this book covers

Chapter 1, Getting Started with Microsoft Operations Management Suite, provides an overview of OMS and its underlying services and shows you how to onboard to OMS services.

Chapter 2, Searching and Analyzing OMS Data, shows you how to review, search, and analyze collected data using the powerful new Azure Log Analytics query language.

Chapter 3, Managing Alerts in OMS, shows you how to use OMS for alert and event management and view and correlate alerts from various connected sources, such as SCOM, Nagios, and Zabbix. You will also learn how to use and configure alert actions in Log Analytics.

Chapter 4, Protecting and Recovering Data with OMS, provides an overview of the data protection and recovery capabilities of OMS and shows you how to leverage the various features of Azure Backup and Azure Site Recovery (ASR) as part of your disaster recovery and business continuity strategy.

Chapter 5, Configuration Management and Automation with OMS, shows you how to leverage the Azure Automation capabilities for inventory and change tracking, update management, process automation, and desired state configuration.

Chapter 6, Working with Security and Compliance in OMS, provides an overview of the Security and Compliance service in OMS and shows you how to assess your security state across various security domains, audit security-related events across your environment, identify and remediate security gaps within your environment, and remain compliant with various security standards.

Chapter 7, Using Wire Data 2.0 and Service Map, shows you how to unlock insights into your network traffic and understand how application components relate to one another and any network dependencies.

Chapter 8, Exploring Other Management Solutions, provides an overview of other management solutions and their various capabilities, shows you how to install and configure a variety of solutions, and perform assessments of various workloads within your environment.

Chapter 9, Cross-Platform Management with OMS, shows you how to manage Linux and other non-Windows workloads with OMS and also shows you how to work with collected data, and correlate data from other monitoring solutions to unlock insights and manage your cross-platform workloads wherever they might reside.

To get the most out of this book

To get started with OMS and to make the most of the content in this book, you will need an Azure subscription, and an Azure Log Analytics workspace. You will also need some test Windows and/or Linux machines, depending on your interest area. You will also benefit from deploying some cloud-based workloads in Azure or other cloud to understand how OMS works across management boundaries.

To work with the Hybrid worker group feature in Azure Automation, you will need at least one VM or Physical computer on-premises that can serve as a hybrid worker.

You will also need to ensure that your test machines are running supported versions of Windows or Linux operating systems for the various capabilities that you intend to explore. Furthermore, each chapter in the book spells out any requirements you will need to get started, in the Getting Started section of the various chapter recipes.

Download the example code files

You can download the example code files for this book from your account atwww.packtpub.com. If you purchased this book elsewhere, you can visitwww.packtpub.com/supportand register to have the files emailed directly to you.

You can download the code files by following these steps:

Log in or register at

www.packtpub.com

.

Select the

SUPPORT

tab.

Click on

Code Downloads & Errata

.

Enter the name of the book in the

Search

box and follow the onscreen instructions.

Once the file is downloaded, please make sure that you unzip or extract the folder using the latest version of:

WinRAR/7-Zip for Windows

Zipeg/iZip/UnRarX for Mac

7-Zip/PeaZip for Linux

The code bundle for the book is also hosted on GitHub athttps://github.com/PacktPublishing/Microsoft-Operations-Management-Suite-Cookbook. In case there's an update to the code, it will be updated on the existing GitHub repository.

We also have other code bundles from our rich catalog of books and videos available athttps://github.com/PacktPublishing/. Check them out!

Download the color images

We also provide a PDF file that has color images of the screenshots/diagrams used in this book. You can download it from https://www.packtpub.com/sites/default/files/downloads/MicrosoftOperationsManagementSuiteCookbook_ColorImages.pdf.

Get in touch

Feedback from our readers is always welcome.

General feedback: Email [email protected] and mention the book title in the subject of your message. If you have questions about any aspect of this book, please email us at [email protected].

Errata: Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you have found a mistake in this book, we would be grateful if you would report this to us. Please visit www.packtpub.com/submit-errata, selecting your book, clicking on the Errata Submission Form link, and entering the details.

Piracy: If you come across any illegal copies of our works in any form on the Internet, we would be grateful if you would provide us with the location address or website name. Please contact us at [email protected] with a link to the material.

If you are interested in becoming an author: If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, please visit authors.packtpub.com.

Reviews

Please leave a review. Once you have read and used this book, why not leave a review on the site that you purchased it from? Potential readers can then see and use your unbiased opinion to make purchase decisions, we at Packt can understand what you think about our products, and our authors can see your feedback on their book. Thank you!

For more information about Packt, please visit packtpub.com.

Getting Started with Microsoft Operations Management Suite

This introductory chapter will provide an overview of how to get started with the management capabilities in Operations Management Suite (OMS). It will cover the various methods for signing up to Log Analytics, creating and administering a workspace, provisioning and managing access to workspaces, on-boarding agents to OMS, and viewing the initial data. This chapter will also review architectural considerations for OMS, including proxy and firewall configurations, OMS gateway considerations, and placement. This chapter will include the following topics::

Understanding OMS architecture and data flow

Connecting sources without internet access to OMS

Getting started with OMS

Reviewing the collected data

Introduction

Microsoft OMS is a cloud-based collection of management services that is designed with hybrid management in mind. OMS simplifies IT management within your environment by providing you with solutions for managing and protecting your on-premises and cloud environments. OMS is designed to provide you with a single pane-of-glass view into the operation of your IT environment, and is built to work across heterogeneous environments.

It provides you with the ability to manage your Windows and cross-platform devices across such clouds as Amazon Web Services (AWS) and Microsoft Azure, and because it is implemented as a cloud-based service, you can onboard to the service quickly, and with minimal investment in infrastructure services. Additionally, the cloud-based nature of the service means that new features and capabilities are automatically delivered, saving you upgrade and maintenance-related costs.

At the heart of OMS lies a set of Azure-based services that provide the core functionality of OMS. These services enable the key solutions that provide you with flexible access to the management capabilities that you need:

Automation

provides you with consistent control and compliance capabilities across your environments, both on-premises and in the cloud, including third-party clouds

Log Analytics

enables you to gain rich insight into your environment, from collected data and provides you with analytics capabilities across your workloads

Backup

provides you with reliable backup and restore capabilities to protect critical data both on-premises and in the cloud

Site Recovery

helps with availability and disaster recovery through seamless replication, failover, and failback capabilities for your workloads

These services are the foundation of the manifold benefits of OMS, which include the ability to do the following:

Enable a unified view of all of your IT assets, both on-premises and across the various clouds

Gain instant insights across a variety of Windows, Linux, and other workloads

Improve your security posture with the ability to identify and respond quickly to security threats

Deliver continuous IT services through consistent control and compliance

Ensure the availability of your data through automated cloud data protection and disaster recovery

OMS provides you with true hybrid management capabilities, so that while OMS services run in the cloud and effectively provide you with comprehensive management of your cloud workloads, you can also seamlessly and effectively manage on-premises workloads. If you already have investments in System Center, you can seamlessly integrate System Center components with OMS in a hybrid scenario.

Understanding OMS architecture and data flow

This section will explore important architectural concepts and considerations for the various OMS services, and provide you with an understanding of how OMS receives and processes data. A good grasp of how data flows to OMS for the various management functions will enable you to better follow the subsequent recipes.

Getting ready

OMS is a collection of cloud-based services that provide you with hybrid cloud management capabilities, and through four key solutions offerings, OMS provides you with flexible access to the management capabilities that you need. Each of the four solution offerings require specific cloud services to be enabled in Azure in order to access the underlying management capabilities that they provide.

How to do it...

To get started, you should determine which of the key solutions and underlying capabilities you need, and understand how the various OMS cloud services facilitate their respective capabilities. For instance, if you are primarily concerned with insight and analytics capabilities for log collection and searches, and for network health monitoring, you would make use of the Log Analytics service in Azure. If, however, you are interested in protection and recovery capabilities and would like to ensure the availability of your applications and data, you would make use of the Backup and Site Recovery services in Azure. When evaluating the key solutions, note the following capabilities included with each offering:

Insight and Analytics

Automation and Control

Protection and Recovery

Security and Compliance

Log collection and search

Azure Automation Desired state configuration (DSC)

Back up to Azure and restore from Azure

Security and audit capabilities with threat intelligence

Network health monitoring and application insights

Update management and automated remediation

Site recovery to Azure and the customer's secondary datacenters

Malware threat analysis

Application and server dependency mapping (Service Map)

Change tracking

Replicate and failover to Azure, and failback from Azure

Integration with Azure Security Center for in-depth Azure services security management

How it works...

To understand how OMS works, you need to know about the various services that enable the various management functions in OMS.

Log Analytics

As mentioned earlier, Log Analytics is an OMS service that enables you to monitor your environments' availability and performance. Log Analytics does this by collecting data from sources that you connect to the service. The following are some examples of such sources:

Windows and Linux agents

Azure VMs and resources

System Center

For Windows and Linux operating systems, Log Analytics collects data through agents that must be installed on the host computers. These agents then collect data from the server and relay the data directly to OMS endpoints. If, however, the computer(s) are part of a System Center Operations Manager (SCOM) management group, then no additional agent is required because through SCOM-to-OMS integration, and depending on the management solution enabled in OMS, the SCOM agents will collect data from the servers they are deployed to and send it either to OMS via the SCOM management group, or they will simply send the data directly to OMS.

In addition to collecting data from Windows and Linux computers and System Center, Log Analytics can also collect data from Azure resources such as Azure Diagnostics and Azure Monitor. Azure Diagnostics data can be written directly into Log Analytics, or sent to Azure storage, where Log Analytics is then able to read the storage logs. Log Analytics can also collect data from other Azure resources using connectors, which enable data to be sent from services such as Application Insights to Log Analytics. In addition, Log Analytics provides a REST API that enables data collection from other Azure services, third-party applications, and custom management solutions that can't send data through any of the aforementioned means.

Once sources are connected to Log Analytics, data sources are then collected from the various connected sources, based on data source configurations that are delivered to agents either directly, for directly connected computers, or through SCOM management packs, for agents that report to a SCOM management group that is integrated with OMS. Some examples of data sources include Windows Event logs, custom logs, Windows and Linux performance counters, and Syslog, among others.

Once the agent receives the data source configurations, it collects the specified data, and, depending on the collected data source - directly or via SCOM - it sends the data to Log Analytics. Once the collected data gets to OMS, it is then stored as records in the OMS repository. You will then be able to make use of the log search feature in Log Analytics to query and analyze the indexed data to glean insights about your cloud and on-premises environment and consume the data in various ways (visualize, alert, automate, integrate into workflows, and so on), which we will take a look at later in this book.

The following diagram depicts the flow of data from various connected sources to OMS and to the OMS repository for storage:

Automation

As mentioned earlier, the Azure Automation service lies at the heart of configuration management, process automation, and other automation-related capabilities in OMS. The Automation service uses Azure technologies and Windows PowerShell to provide you with process-automation capabilities using runbooks, and configuration-management capabilities using desired state configuration (DSC) for your Windows and Linux resources that may reside on-premises, in Azure, or other cloud service.

To automate processes such as long-running and repetitive tasks, you will make use of a set of tasks called runbooks. These enable you to perform automated processes in Azure Automation. You can perform automation tasks with runbooks just like you can with PowerShell, because runbooks in Azure Automation are based on Windows PowerShell or PowerShell workflows. Azure Automation runbooks execute in Azure and can be run against any cloud resources and any other resources that you can access. To execute runbooks against your on-premises resources, you can make use of the Hybrid Runbook Worker feature, which enables you to designate one or more computers on premises as resources, on which Azure Automation can execute runbooks to manage resources on premises.

Each worker will require the Microsoft Management Agent (MMA) and will connect to both the Automation account in Azure Automation and OMS Log Analytics. Azure Automation delivers the runbooks to the workers, and all other automation processes are executed in Azure Automation. You can then monitor the behavior of the management agent using Log Analytics. There are other considerations for making the Hybrid Runbook Worker feature highly available using groups, and we'll explore these later in this book.

Azure Automation also provides you with configuration management capabilities, using Azure Automation DSC. Azure Automation DSC is based on PowerShell DSC fundamentals, and is, in fact, a cloud-based solution for PowerShell DSC, and uses a declarative PowerShell syntax to enable you to manage, deploy, enforce, and monitor configuration for your computers. Because it is cloud based, you will manage your DSC resources in Azure Automation and apply your desired configurations to any computers on premises or in the cloud. Your computers then retrieve the configurations from a DSC pull server in Azure. You can then use the reporting capabilities in Azure Automation DSC to monitor the application according to your criteria, and identify and manage drift.

The following diagram depicts the Azure Automation data flow, process automation using runbooks in Azure and Hybrid Runbook Workers on premises, and configuration management using Azure Automation DSC:

Azure Backup

Azure Backup is one of the services that enables the protection and recovery management functionality in OMS. It is a service based in Azure that enables you to protect and restore your data from the Microsoft cloud, and includes support for the protection and recovery of files, folders, application workloads, and Azure virtual machines. Azure Backup provides various components to meet your protection and recovery needs, and depending on your protection goals, you can use one of the following components to protect your data in a Recovery Services vault in Azure:

Azure Backup (MARS) agent

System Center

Data Protection Manager

(

DPM

)

Azure Backup Server

Azure IaaS VM Backup

Note that while all Azure Backup components enable you to protect your data using a Recovery Services vault in Azure, the Azure Backup Server also enables the storage of backup data to a locally attached disk, and the System Center DPM component enables the protection of backed-up data to a locally attached disk and on-premises tape libraries. Azure Backup also provides some support for protecting Linux computers.

When storing backups in Azure, depending on the backup component you utilize, once the data is backed up at the protection point, it is compressed and stored in an Azure-based online storage entity called a Recovery Services vault, and, based on your storage needs, you can enable high availability through locally-redundant or geographically redundant storage replication. You can monitor backup metrics and connect to the OMS Monitoring solution for Azure backup..

The following figure depicts an Azure Backup data flow, a backed-up data relay to an Azure Recovery Services vault, storage replication of protected data, the monitoring of backup statistics, and the viewing of backup reports with Power BI, as well as the monitoring of backup parameters with the OMS monitoring solution:

Azure Site Recovery

Azure Site Recovery (ASR) enables the recovery management capabilities for OMS. ASR is a service in Microsoft Azure that facilitates your disaster recovery and business continuity strategy by enabling you to replicate, failover, and recover your workloads in the event of a failure. With ASR, you can replicate on-premises VMWare, Hyper-V VMs and Windows and Linux physical servers to either Azure storage or to a secondary datacenter. You can also use ASR to replicate Azure VMs to another Azure region.

ASR supports the replication of VMs in the following scenarios:

Replication and recovery to and from Azure of on-premises Hyper-V VMs on Hyper-V standalone hosts and clusters that are managed with or without System Center

Virtual Machine Manager

(

VMM

)

Replication and recovery to and from Azure of on-premises VMWare VMs

Replication and recovery to and from Azure of on-premises physical servers

Replication and recovery to and from secondary datacenters of on-premises Hyper-V VMs on Hyper-V standalone hosts and clusters that are managed in VMM clouds

Replication and recovery to and from secondary datacenters of on-premises VMWare VMs

Replication and recovery to and from secondary datacenters of on-premises Windows and Linux physical servers

Replication and recovery of Azure VMs from one Azure region to another

The ASR replication process varies according to the scenario you implement, and will be explored in greater detail in Chapter 4, Protecting and Recovering Data with OMS, of this book. In general, if replicating workloads to Azure from an on premises location, you will need to set up requirements for the Azure components, including an Azure account, a storage account, and an Azure network.

For VMWare VMs and Physical server replication to Azure, you will also need ASR component servers (configuration and process servers) and a master target server for failback. You will need to set up a Recovery Services vault in Azure, which is the storage entity that houses the data in Azure. In the vault, you can specify the replication target and source, set up the configuration server, add sources, define your replication policy, and perform other recovery tasks, such as test failovers and failbacks.

Similarly, for replicating Hyper-V VMs to Azure, if the hosts are configured in VMM clouds, you can register the VMM server(s) in the Recovery Services vault and install the Site Recovery Provider to orchestrate replication with Azure. If hosts are not located in VMM clouds, then you will install the Site Recovery Provider directly on the hosts.

Once the infrastructure is set up and the replication configured, protected on-premises machines will replicate an initial copy of the data, after which delta changes will be replicated. Traffic is then replicated over the secure internet connection or Azure ExpressRoute to Azure storage endpoints. For Azure VMWare VMs and Windows/Linux physical servers, this traffic can also be replicated over a site-to-site VPN connection.