In the first part of this series, we introduced the confusion and complexity that tends to occur when looking at the long list of monitoring tools available for Azure.
We then provided a list of currently available tools that we will explore further.
- Part 2: Activity Logs
- Part 3: Application Insights
- Part 4: Azure Advisor
- Part 5: Azure Alerts
- Part 6: Azure Diagnostics
- Part 7: Azure Metrics
- Part 8: Azure Monitor
- Part 9: Azure Security Center (ASC)
- Part 10: Network Watcher
- Part 11: Operations Management Suite (OMS)
- Part 12: Service Health
- Part 13: System Center Operation Manager (SCOM)
- Part 14: Summary
We’ve already discussed Azure Activity Logs, Application Insights, Azure Advisor, Azure Alerts, Azure Diagnostics, Azure Metrics, Azure Monitor, Azure Security Center (ASC), and Network Watcher. The next tool on the list is Operations Management Suite (OMS).
Operations Management Suite (OMS)
The Operations Management Suite (OMS) is also commonly referred to as “Log Analytics”. So if you see/read any references to Azure Log Analytics, it is referring to the same technology.
If you have been following along with this series, you will know that some of the solutions found in OMS, are now being brought into other monitoring services (i.e. Azure Monitor, Azure Security Center, Network Watcher).
Additionally, over the past little while, there have been many changes to OMS, including:
- Upgrade to a new Analytics Language
- Interfaces being merged into the Azure Portal experience
- Announcing the depreciation of the “classic” OMS portal
Basically, OMS is Microsoft’s hybrid IT management platform. It can monitoring resources, performance, collect logs, networking data, security information, etc. And, if you’ve read the Azure Monitor portion of this series, more and more is being merged into that all-encompassing service solution.
Also, something worth sharing is that OMS has different categories of offers. This is how some solutions are grouped. There are 4 primary categories, namely:
- Insight & Analytics
- Automation & Control
- Security & Compliance
- Protection & Recovery
But you may notice how most of the existing OMS solutions do not necessarily fall within one of these categories. It can be a little confusing, but just keep in mind that most solutions are loosely grouped under the Insights & Analytics category. For a quick and easy reference, there is a table that Microsoft created to show what category, pricing tier, etc. a solution falls into. You can find that table here.
Here is the official documentation about What is Operations Management Suite (OMS)?
Real Word Example
The real-world example of using OMS is (in my opinion) obvious. It’s a monitoring and management platform. So this means you can monitor your systems, applications, networks, etc. You can track issues with performance, security, patching, and so forth.
But, in the interest of consistency for this series, we’ll look at a few common uses that many organizations are leveraging OMS for.
Now, most companies will already have a patch management solution; and in a lot of cases, that solution is System Center Configuration Manager (SCCM). And yes, SCCM can tell you what patches are missing in your environment.
But the experience in OMS is more visually appealing, AND, it also reports against Linux systems!
Another real-world example is with Security. OMS has 2 solutions that fall under the Security & Compliance category; namely Security & Audit, and Antimalware Assessment.
The Security & Audit solution is very robust and contains elements for Identity & Access, Threat Intelligence, Baselining, Network Security, etc.
If you’ve followed along with this series, again, you’ll notice that some of these are starting to appear in other Azure services like Azure Security Center (ASC).
How many times, when something breaks in your environment and you ask “what changed?”, you get the standard response: “Nothing”.
With OMS, and in particular the Automation & Control offering, you gain access to the Change Tracking solution. This solution really helps to drill into what’s changing in the environment.
So, in an investigation or troubleshooting scenario, you can very easily see what Files, Registry, Software, or Services have changed. But note that it also detects changes for Linux system via Daemons.
The last example is the various Assessment solutions. Take note that there is more than one assessment solution, in fact, to-date there are 3.
- AD Assessment
- SQL Assessment
- SCOM Assessment
Note: There are other solutions with “assessment” in their title, but are a part of different OMS offers (like “Antimalware Assessment” or “Update Assessment”).
But the other true “assessment” solutions, help you check your environment and workloads (i.e. Active Directory, SQL Server, System Center Operations Manager) against Microsoft and industry best practice; as a proactive spot-check.
In conclusion, the Operations Management Suite (OMS) is (at this time) the current central hybrid monitoring and management platform. But, as we’ve seen throughout this series, and in particular in the Azure Monitor article, this is shifting.
All the functionality and power behind OMS is being folded into Azure Monitor and various other services, to unify the platform. This allows for deeper and richer integration across all resources and services in Azure, empowering for a better monitoring experience.
The next tool in our series will be the Service Health.