images/blog.jpg

In this post i will explain how to onboard your SCOM data to Azure Log Analytics and do a health check on your SCOM management group.
We first need to have a Log Analytics workspace available. You can use an existing one or simple create a new workspace.
A nice start is to read the Best practices for designing an Azure Sentinel or Azure Security Center Log Analytics workspace post by Tiander Turpijn.

In this example i will create a new workspace using the Azure portal because i do not have one active yet.
Login to the Azure portal and go to Log Analytics workspaces.

LogAnalyticsCreate Window

Now open to the SCOM console go to administration arrow right Azure Log Analytics arrow right Connection. Then on the right select register to log analytics.
Log in with the correct account and select the Workspace you want to use for storing the SCOM data:

SCOMConnectLogAnalytics1 Window

Apply these settings and you are done!
You can check the connection in the Azure portal:

SCOMConnectLogAnalytics2 Window

We now need to load the solution that will do the health check for us. Go to the marketplace and look for System Center Operations Manager Health Check.

SCOM Azure Healthcheck1


The solution will inform you that extra configuration is needed. When you click on this link it will show a download for a Powershell script called SCOMAssessmentConfigure.ps1 and some instructions how to run it in your SCOM environment.
I created a new service account for this action and configured it in the Run As account used in this setup:

SCOM Azure Healthcheck2

It can take up to 4 hours before data will be available in Azure.

And there it is:

SCOM Azure Healthcheck3

Zooming in gives you more specific information:

SCOM Azure Healthcheck4

I think this solution is awesome and very helpfull giving insight in the technical configuration on your SCOM management group.

Monitoring rules!!

Volg ons op: