Monitoring Linux with SCOM 2012 R2 – Part 2: Configure SCOM For Monitoring Linux

In our last post, we went through the Installation and Configuration of a Linux Virtual Machine. In this part, we will configure System Center Operations Manager (SCOM) to be prepared to monitor UNIX / Linux systems. To accomplish this, we will need to setup a Resource Pool, import the appropriate Management Packs, Configure Name Resolution, and Configure/Assign RunAs Accounts. Let’s get started.

 

Create A Resource Pool

Log on to the Operations console with an account that is a member of the Operations Manager Administrators role.

Click Administration.

create-resource-pool-01-administration Monitoring Linux with SCOM 2012 R2 - Part 2: Configure SCOM For Monitoring Linux

In the navigation pane, click Resource Pools.

create-resource-pool-01-administration Monitoring Linux with SCOM 2012 R2 - Part 2: Configure SCOM For Monitoring Linux

In the Tasks pane, click Create Resource Pool.

create-resource-pool-01-administration Monitoring Linux with SCOM 2012 R2 - Part 2: Configure SCOM For Monitoring Linux

In the Create Resource Pool wizard, on the General Properties page, enter a name and, optionally, a description for the resource pool, and then click Next.

create-resource-pool-01-administration Monitoring Linux with SCOM 2012 R2 - Part 2: Configure SCOM For Monitoring Linux

On the Pool Membership page, click Add.

create-resource-pool-01-administration Monitoring Linux with SCOM 2012 R2 - Part 2: Configure SCOM For Monitoring Linux

In the Member Selection window, enter text to filter the search results if desired, and then click Search. If you click Search without entering anything in the filter field, all available management servers will be displayed.

In Available items, select the servers that you want in the resource pool, click Add, and then click OK.

Click Next.

create-resource-pool-01-administration Monitoring Linux with SCOM 2012 R2 - Part 2: Configure SCOM For Monitoring Linux

On the Summary page, review the settings and then click Create.

create-resource-pool-01-administration Monitoring Linux with SCOM 2012 R2 - Part 2: Configure SCOM For Monitoring Linux

When the wizard completes, click Close.

create-resource-pool-01-administration Monitoring Linux with SCOM 2012 R2 - Part 2: Configure SCOM For Monitoring Linux

 

 

Import UNIX and Linux Management Packs

The UNIX and Linux Operating Systems Management Packs enable discovering, monitoring, and managing UNIX and Linux computers with System Center Operations Manager. They provide both proactive and reactive monitoring of the UNIX and Linux operating systems.

In the SCOM Console, navigate to the Administration workspace.

create-resource-pool-01-administration Monitoring Linux with SCOM 2012 R2 - Part 2: Configure SCOM For Monitoring Linux

Right-click on the Management Pack item in the navigation pane, and choose ‘Import Management Packs’. This will cause the Import Management Packs wizard to launch.

create-resource-pool-01-administration Monitoring Linux with SCOM 2012 R2 - Part 2: Configure SCOM For Monitoring Linux

In the Import Management Pack wizard, click the Add button. You will be presented with 2 options, ‘Add From Catalog’ and ‘Add From Disk’. The ‘Add From Catalog’ option will enable you to search the catalog directly, however, most Production systems don’t have an Internet connection, which this option requires.

create-resource-pool-01-administration Monitoring Linux with SCOM 2012 R2 - Part 2: Configure SCOM For Monitoring Linux

Therefore, we will demonstrate and choose the ‘Add From Disk’ option. When you select this option, you will immediately receive the following prompt. Since, in Production, your server probably will not have Internet access, we will choose ‘No’.

create-resource-pool-01-administration Monitoring Linux with SCOM 2012 R2 - Part 2: Configure SCOM For Monitoring Linux

Now, you will see the File Explorer dialog. From here you need to navigate to the location of the Management Pack files. You can find the UNIX and Linux Management Packs on the SCOM Source Media.

In my lab example, I have the SCOM ISO mounted to my DVD Drive as D:, so the location of my Management Packs is: D:ManagementPacks

NOTE: As of this writing, there is an update available (version 7.5.1025.0) to the existing Management Packs from the source meida, which can be found here: http://www.microsoft.com/en-ca/download/details.aspx?id=29696.

The specific .MP files that you want to import will depend on what version of UNIX or Linux you want to monitor. To start, you will want to import the “Microsofot.Linux.Library.mp”. You will also want to find the appropriate Library and Version MP files for the edition of Linux you are monitoring.

In my lab example, since I am monitoring SUSE, I will also be importing the “Microsoft.Linux.SUSE.Library.mp” and “Microsoft.Linux.SUSE.11.mpb” files.

create-resource-pool-01-administration Monitoring Linux with SCOM 2012 R2 - Part 2: Configure SCOM For Monitoring Linux

Once the Management Packs are displayed in the import list, click Install.

create-resource-pool-01-administration Monitoring Linux with SCOM 2012 R2 - Part 2: Configure SCOM For Monitoring Linux

After the Management Packs have been imported, click Close.

create-resource-pool-01-administration Monitoring Linux with SCOM 2012 R2 - Part 2: Configure SCOM For Monitoring Linux

NOTE: You may have to restart the following Services on the Management Server:

  • System Center Data Access Service
  • System Center Management Configuration

 

Configure Name Resolution

The SCOM Management Servers needs to be able to communicate with the Linux server. This means it needs to be able to resolve the FQDN of the Linux system, and the Linux system needs to be able to resolve the SCOM Management Server(s) FQDN.

To simplify this process in my lab, we’re going to modify the HOSTS file. On the Management Server(s), navigate to C:WindowsSystem32DriversETC and edit the HOSTS file. Note that there is no file extension on this file. The easiest way to edit the file is in Notepad.

create-resource-pool-01-administration Monitoring Linux with SCOM 2012 R2 - Part 2: Configure SCOM For Monitoring LinuxWhen you have the HOSTS file open in Notepad, we need to add an entry for the Linux system so that the SCOM Management Server(s) can resolve it. Once you have added the entry, save the file.

create-resource-pool-01-administration Monitoring Linux with SCOM 2012 R2 - Part 2: Configure SCOM For Monitoring Linux

Now from the SCOM Management Server(s), ensure that you can successfully PING the name of the Linux server.

create-resource-pool-01-administration Monitoring Linux with SCOM 2012 R2 - Part 2: Configure SCOM For Monitoring Linux

Also from the Linux server, ensure that you can successfully PING the name of the SCOM Management Server(s).

create-resource-pool-01-administration Monitoring Linux with SCOM 2012 R2 - Part 2: Configure SCOM For Monitoring Linux

 

 

Configure Run As Accounts and Profiles for UNIX and Linux

You must create Run As accounts for agent maintenance operations, and for health and performance monitoring. These Run As accounts must then be associated with the Run As profiles defined in the UNIX and Linux management packs, so they can access the agents on UNIX and Linux computers.

We need to create 3 accounts:

  • UNIX/Linux Action Account
  • UNIX/Linux Privileged Account
  • UNIX/Linux Agent Maintenance Account

UNIX/Linux Action Account

In the Operations console, click Administration.

create-resource-pool-01-administration Monitoring Linux with SCOM 2012 R2 - Part 2: Configure SCOM For Monitoring Linux

In Run As Configuration, click UNIX/Linux Accounts.

create-resource-pool-01-administration Monitoring Linux with SCOM 2012 R2 - Part 2: Configure SCOM For Monitoring Linux

In the Tasks pane, click Create Run As Account.

create-resource-pool-01-administration Monitoring Linux with SCOM 2012 R2 - Part 2: Configure SCOM For Monitoring Linux

On the Account Type page, choose the Monitoring Account option, then click Next.

create-resource-pool-01-administration Monitoring Linux with SCOM 2012 R2 - Part 2: Configure SCOM For Monitoring Linux

On the General Properties page, provide a name and description for the account, then click Next. The description is optional.

create-resource-pool-01-administration Monitoring Linux with SCOM 2012 R2 - Part 2: Configure SCOM For Monitoring Linux

On the Account Credentials page, provide account credentials that can be used for the Run As account type that you selected, then click Next.

NOTE: This account does not necessarily need to exist on the Linux system yet, and you can create it later if need be.

create-resource-pool-01-administration Monitoring Linux with SCOM 2012 R2 - Part 2: Configure SCOM For Monitoring Linux

On the Distribution Security page, select the More Secure or Less Secure option, then click Create.

create-resource-pool-01-administration Monitoring Linux with SCOM 2012 R2 - Part 2: Configure SCOM For Monitoring Linux

Once the wizard is complete, click Close.

create-resource-pool-01-administration Monitoring Linux with SCOM 2012 R2 - Part 2: Configure SCOM For Monitoring Linux

UNIX/Linux Privileged Account

In the Operations console, click Administration.

create-resource-pool-01-administration Monitoring Linux with SCOM 2012 R2 - Part 2: Configure SCOM For Monitoring Linux

In Run As Configuration, click UNIX/Linux Accounts.

create-resource-pool-01-administration Monitoring Linux with SCOM 2012 R2 - Part 2: Configure SCOM For Monitoring Linux

In the Tasks pane, click Create Run As Account.

create-resource-pool-01-administration Monitoring Linux with SCOM 2012 R2 - Part 2: Configure SCOM For Monitoring Linux

On the Account Type page, choose the Monitoring Account option, then click Next.

create-resource-pool-01-administration Monitoring Linux with SCOM 2012 R2 - Part 2: Configure SCOM For Monitoring Linux

On the General Properties page, provide a name and description for the account, then click Next. The description is optional.

create-resource-pool-01-administration Monitoring Linux with SCOM 2012 R2 - Part 2: Configure SCOM For Monitoring Linux

On the Account Credentials page, provide account credentials that can be used for the Run As account type that you selected, then click Next. Ensure that the elevation option is set to “Elevate the account using sudo for privileged access“.

NOTE: This account does not necessarily need to exist on the Linux system yet, and you can create it later if need be.

create-resource-pool-01-administration Monitoring Linux with SCOM 2012 R2 - Part 2: Configure SCOM For Monitoring Linux

On the Distribution Security page, select the More Secure or Less Secure option, then click Create.

create-resource-pool-01-administration Monitoring Linux with SCOM 2012 R2 - Part 2: Configure SCOM For Monitoring Linux

Once the wizard is complete, click Close.

create-resource-pool-01-administration Monitoring Linux with SCOM 2012 R2 - Part 2: Configure SCOM For Monitoring Linux

UNIX/Linux Agent Maintenance Account

In the Operations console, click Administration.

create-resource-pool-01-administration Monitoring Linux with SCOM 2012 R2 - Part 2: Configure SCOM For Monitoring Linux

In Run As Configuration, click UNIX/Linux Accounts.

create-resource-pool-01-administration Monitoring Linux with SCOM 2012 R2 - Part 2: Configure SCOM For Monitoring Linux

In the Tasks pane, click Create Run As Account.

create-resource-pool-01-administration Monitoring Linux with SCOM 2012 R2 - Part 2: Configure SCOM For Monitoring Linux

On the Account Type page, choose the Agent Maintenance Account option, then click Next.

create-resource-pool-01-administration Monitoring Linux with SCOM 2012 R2 - Part 2: Configure SCOM For Monitoring Linux

On the General Properties page, provide a name and description for the account, then click Next. The description is optional.

create-resource-pool-01-administration Monitoring Linux with SCOM 2012 R2 - Part 2: Configure SCOM For Monitoring Linux

On the Account Credentials page, select the “User name and password” option, and provide account credentials that can be used for the Run As account, then click Next. Ensure that the privileged access option is set to “This account does not have privileged access“.

NOTE: This account does not necessarily need to exist on the Linux system yet, and you can create it later if need be.

create-resource-pool-01-administration Monitoring Linux with SCOM 2012 R2 - Part 2: Configure SCOM For Monitoring Linux

On the Elevation page, select the Use ‘sudo’ elevation option, then click Next.

create-resource-pool-01-administration Monitoring Linux with SCOM 2012 R2 - Part 2: Configure SCOM For Monitoring Linux

On the Distribution Security page, select the More Secure option, then click Create.

create-resource-pool-01-administration Monitoring Linux with SCOM 2012 R2 - Part 2: Configure SCOM For Monitoring Linux

Once the wizard is complete, click Close.

create-resource-pool-01-administration Monitoring Linux with SCOM 2012 R2 - Part 2: Configure SCOM For Monitoring Linux

Configuring Run As Profiles for UNIX and Linux

Now that you have created the Run As accounts, you must add each Run As account to the applicable profile.

In the Operations console, click Administration.

create-resource-pool-01-administration Monitoring Linux with SCOM 2012 R2 - Part 2: Configure SCOM For Monitoring Linux

In Run As Configuration, click Profiles.

create-resource-pool-01-administration Monitoring Linux with SCOM 2012 R2 - Part 2: Configure SCOM For Monitoring Linux

In the list of profiles, right click and then select Properties on one of the following profiles:

  • UNIX/Linux Action Account
  • UNIX/Linux Privileged Account
  • UNIX/Linux Agent Maintenance Account

create-resource-pool-01-administration Monitoring Linux with SCOM 2012 R2 - Part 2: Configure SCOM For Monitoring Linux

In the Run As Profile wizard, click Next until you get to the Run As Accounts page.

create-resource-pool-01-administration Monitoring Linux with SCOM 2012 R2 - Part 2: Configure SCOM For Monitoring Linux

On the Run As Accounts page, click Add to add a the Run As account that you created. Select the “All targeted objects” option, then click OK.

create-resource-pool-01-administration Monitoring Linux with SCOM 2012 R2 - Part 2: Configure SCOM For Monitoring Linux

Click Save.

create-resource-pool-01-administration Monitoring Linux with SCOM 2012 R2 - Part 2: Configure SCOM For Monitoring Linux

On the Completion screen, you may see a warning message about the More Secure accounts (if you chose this option when creating the accounts).

create-resource-pool-01-administration Monitoring Linux with SCOM 2012 R2 - Part 2: Configure SCOM For Monitoring Linux

If you click on the Linux Action Account link, the Run As Account Properties dialog will appear. Click the Add button.

create-resource-pool-01-administration Monitoring Linux with SCOM 2012 R2 - Part 2: Configure SCOM For Monitoring Linux

On the Computer Search screen, search for the Resource Pool, and add the Linux Resource Pool that we previously created, then click OK.

create-resource-pool-01-administration Monitoring Linux with SCOM 2012 R2 - Part 2: Configure SCOM For Monitoring Linux

Back on the Run As Account Properties screen, click OK.

create-resource-pool-01-administration Monitoring Linux with SCOM 2012 R2 - Part 2: Configure SCOM For Monitoring Linux

Back on the Completion screen, the Warning icon will now have changed to a green checkmark. Click Close.

create-resource-pool-01-administration Monitoring Linux with SCOM 2012 R2 - Part 2: Configure SCOM For Monitoring Linux

Repeat these steps for each of the UNIX/Linux Run As Profiles.

Wow! That was a lot of work, but SCOM is now ready to monitor Linux. In the next part of this series, we will install the SCOM Agent on the Linux server.

%d bloggers like this: