Latest posts by Paul Schnackenburg (see all)
- Office 365 Secure Score – Securing Exchange Online - Thu, Aug 3 2017
- Office 365 Secure Score - Reporting and monitoring - Tue, Aug 1 2017
- Office 365 Secure Score - MFA for users and auditing - Mon, Jul 31 2017
Unix and Linux monitoring in SCOM 2012 ^
Monitoring Unix and Linux (*nix) machines is necessary in larger environments because there’s almost always some *nix servers; even in mostly Windows shops and SCOM 2012 brings some very important improvements. The Unix/Linux monitoring covers HP-UX 11i v2 / v3 on PA-RISC and IA64, Sun Solaris 9 on SPARC as well as 10 on SPARC and x86, Red Hat Enterprise Linux 4, 5 and 6 on both x86 and x64, Novell SUSE Linux Enterprise Server 9 on x86, 10 SP1 and 11 on both x86 and x64 along with IBM AIX 5.3, 6.1 and 7.1 on POWER.
SSCOM 2102 Linux monitoring
Compared to SCOM 2007 R2; the 2012 version drops support for Solaris 8; Solaris 11 being very new might make it into RTM, there’s also added support for the iNode filesystem. Preliminary scaling numbers indicate that you can have up to 6000 Unix / Linux computers per management group if you have 50 consoles open, 10 000 per MG if you have 25 open consoles.
SCOM 2007 R2 uses two accounts for monitoring *nix, the Monitoring account is used for 85-90% of the monitoring and was an unprivileged account whereas the Action account that’s used for Syslog gathering and agent maintenance needs to have root credentials on managed systems. SCOM 2012 “fixes” this issue that has caused major issues for security conscious *nix administrators by adding support for sudo and SSH keys.
Sudo support means that a standard account can be setup on managed machines with exactly the required amount of permissions and the latter ensures that all agent maintenance that’s done via SSH is secure. SSH keys need to be in Putty format, if you’re using OpenSSH the keys need to be converted with PuttyGen.
SCOM 2012 also adds new templates for customized monitoring, the new Process Monitor lets you monitor by count (number of processes for instance) and identifies processes by command line arguments (instead of all processes being called “java” for instance) as well as accepting regular expression input for filtering.
Java Enterprise Edition monitoring in SCOM 2012 ^
Brand new in SCOM 2012 is comprehensive support for monitoring Java Enterprise Edition (JEE, formerly known as J2E) application servers. The four most common platforms are supported; IBM Websphere 6.1 and 7; RedHat JBoss 4.2, 5.1 and 6; Oracle Weblogic 10g Rel3 and 11g Rel1; and the open source Apache Tomcat 5.5, 6 and 7 on both Windows and Linux with Websphere also supported on AIX and Weblogic on Solaris.
When you’ve imported the Java Management packs matching your environment the application servers will be automatically discovered and standard monitoring will let you know if the application server is running and if resource utilization is within defined thresholds.
If deeper monitoring is needed Microsoft offers an Open Source Java Management Extension (JMX) application called BeanSpy (known during the beta period as JMX Extender) that you load on the application server, it reports to SCOM via either HTTP or HTTPS, with our without basic authentication. BeanSpy being Open Source should allay fears that some companies might have about Microsoft code running on their application servers.
BeanSpy communicates with MBean counters (which are a bit like performance counters in Windows but more feature reach) to monitor individual applications running, frequency and time spent on memory garbage collection as well as over performance of the application server. Memory garbage collection is particularly important as the application is unresponsive during this period.
For custom monitoring SCOM 2012 offers two templates for building your own monitoring management packs; one for Monitoring and one for Performance; both lets you monitor any simple MBean property.
In the next part in the SCOM 2012 review series we’ll look at the vastly improved Dashboard functionality in SCOM 2012 and how to integrate DashBoards into SharePoint.