Presentation is loading. Please wait.

Presentation is loading. Please wait.

Microsoft Operations Manager 2000

Published byGeorge Cooper Modified over 7 years ago

Similar presentations

Presentation on theme: "Microsoft Operations Manager 2000"— Presentation transcript:

1 Microsoft Operations Manager 2000
Ian Blyth Principal Systems Engineer Microsoft Ltd MOM is for companies running Windows 2000 and the dot‑net enterprise servers, as well as BackOffice applications and Windows 2000‑hosted applications and services. It addresses key management tasks for your Windows enterprise, including… Core management infrastructure, including event management, pro‑active monitoring and alerts, reporting, and trend analysis. MOM is used for monitoring the health and activities of Windows 2000‑based servers and dot‑net Enterprise servers such as Exchange 2000, SQL Server, and Commerce Server. MOM can also be used to manage Microsoft BackOffice applications. And it can be used to manage applications and services that are hosted within the Windows 2000 environment. Because of the comprehensive nature of these functions, you can use MOM as a central, single point of monitoring and control for your Windows 2000 environment.

2 Taxonomy Of Windows Management Solutions
Partner solutions built on Microsoft management products or directly on Windows Value-add Microsoft Products Third Party Solutions Microsoft Management Products for the Enterprise Shipped in Windows Function Solutions for Consumers and Small Biz Common Infrastructure Less # of Windows IT & Admin/IT skill-set More

3 Management Products Desktops Laptops PDAs Web Servers Web Services
Application Servers Database Mail Other

4 MOM 2000 Scaleable Windows Operations Management
Policy-based management based on rules Extremely powerful and scaleable event consolidation processing infrastructure Out-of-the-Box knowledge for monitoring provides instant return on investment Install the entire MP: no need to pick-and-choose rules This triage – what is important to know about – has been made for you! Self-managing Easy to use, flexible, self deploying Based on NetIQ’s Operations Manager technology, licensed to Microsoft in October 2000 MOM is designed to be the “data center console” for businesses that have heavily invested in – or plan on migrating to – Windows 2000 and dot‑net enterprise servers. MOM excels at event consolidation, and can be used for creating management policies. Key point that although MOM is new to MS it is not a v1 product. Microsoft bought NetIQ OM v3.3 which already was an established product with a large market share. Being rules based means it is fast and hardly takes up any time on the host CPU. Unlike some competitor’s products MOM is easy to deploy and get running. ITG have scaled it up to 1000’s of servers. This is a key focus. It starts working at once without someone having to spend time deciding on what to monitor. The knowledge built into MOM is a big advantage which will be covered later. Uses SNMP and WMI (WBEM). MOM can also be enhanced with add‑on Management Packs from either Microsoft or Microsoft partners such as NetIQ.

5 MOM 2000 The main defense Design Philosophy:
“listen for everything, advise on exceptions” Management by exception: “watches everything – just in case!” Interprets event/performance data generated by each app & service Additional performance monitoring through synthetic transactions Identifies components not meeting availability / performance criteria Monitoring policies simplifies / standardizes mgmt of server groups Automated actions in response to alerts

6 Proof Point: Microsoft IT
Benelux Stockholm Munich Dublin Chicago Milan Building 11 Les Ulis Tokyo Silicon Valley Madrid Los Colinas Charlotte Singapore Sydney Regional Collection Centrally manages ~7,300 production servers located in 168 sites Regionally collect events and forward critical alerts to the console All MOM alerts reported centrally (Redmond WA) < 2 minutes Global Event Forwarding

7 Microsoft IT Metrics Daily Averages The value of MOM
Monitors >9000 servers WW from a single location Analyses 100% of all AD & Exchange events generated Exchange: processes 42k events, collects 1.2M instances of performance data, issues <1 alert per server/day AD: Issues less than 3 operator alerts per AD DC per day The value of MOM Before MOM: Multiple products required 35 operator alerts investigated for each trouble ticket raised 100% AD problem investigations in response to helpdesk calls Since MOM: MOM is the sole manager of OTG servers Intervention to trouble ticket ratio dropped to 3:1 97% all AD issues fixed proactively

8 Daily Event Processing
Managed Servers Collector/Gatherer Security DB 31.5 Million Events Collected Forwarded 31.5 Million events Alert Console 3.5 Million Alerts 120 Million NT Events Forwarded 85 Million events discarded Agent processes 1,073 rules 35 Million Events/Alerts 1100 Alerts = 180 SRs Log volume by percentage: 90% security log, 8% application log and 2% system log. On average, each managed node generates 24,000 events/day. The local event agent processes each event (one event in every 4 seconds). 35 Million Events/Alerts collected daily Security Events: 31.5 Million Application Events: 2.8 Million System Events: .7 Million Alert delay to the central Console under 2 minutes globally. The left hand column shows the total number of SL0 3 managed devices. On a daily basis Microsoft processes about 120 Million events in our enterprise. What this means is that on average each server will generate approx. 24,000 events per day. The processing agent must determine what is important and what can be discarded. An alert is an event that is forwarded to a centralized console. - An event can be collected for correlation or reporting purposes. The agent on the managed node can forward alerts to central console. - Forward and collect events for availability reporting or correlation. - Can invoke an automation script to fix a problem - Can notify by paging, or back into the event stream. - The collector is the consolidation point for all alerts and events.

9 MOM Architecture Overview- Flexible, scalable, adaptable
Web Console Agents: Execute local Management Packs Collect and analyze event, performance and configuration data Event correlation, automated response Single instance Consolidator/Agent Manager: Dispatches Management Pack Funnels data to/from Agents and DAS Dynamically installs, configures, updates uninstalls Agents Central event correlation, automated response Database Access Server: Brokers data between Consolidator and DB This builds to show how MOM is made up. Agents run on the servers. The appropriate rules are copied to the server and constantly run against the events etc. As they are rules and not scripts they are fast. Responses to rules can occur at the agent or at the consolidator. The MOM server is two parts. The first bit is the DCAM. (DAS, Consolidator and Agent Manager). This needs to run on Windows 2000 with SP2. The first bit is the CAM. It is done like this as NetIQ allowed the splitting of the components across multiple servers but MOM needs all three parts to be on one server. The Agent Manager is responsible for finding servers that match the criteria that have been set. That is all Exchange servers of all servers in DomainX called LON*. Ones they are found a regscan is done to find out what the server is running (IIS, DNS, DHCP etc). The AM puts the server into the right group and then sends down the rules associated with that computer group. The agents can be installed automatically with no intervention or it can be set to be manually authorised first. AM is also responsible for removing agents from the servers. The Consolidator is responsible for receiving alerts and information from the agents. It can also run responses on the DCAM server. A SQL Server 2000 database is the last part of the MOM setup. MOM comes with MSDE but this should only be used for pilots as MSDE has a 2 GB limit. SQL Server can be installed and run on the DACM server but this is only recommended for small environments. The database houses al the rules, knowledge and collected events and alerts. There are grooming rules for the database to stop it getting too large. The type of grooming will depend on what each customer wants from MOM. While a single DCAM server can deal with between 600 and 800 agents it may need a second DCAM for larger environments. This also provides a degree of redundancy. In some situations certain parts of the organisation may want to collect there own information. In this case a second DCAM and SQL database is created. This is a second configuration group. One popular scenario is to have a second group for security events. The security team are not interested in operational issues and operations are not interested in security matters. The good thing is that there is only one agent and the rules are run for both configuration groups correctly. To view the information there is an MMC console and a web console. It should be noted that all consoles are free unlike some competitiors. Database: Events and alerts Management Pack Policies Performance and capacity Resolution workflows Views Reports

10 Deploying MOM … MMC UI MOM Server Domain DC W2K01 W2K02 W2K09 EX01
Attributes Computer Group Def. Rules Views MMC UI MOM Server Domain DC W2K01 W2K02 W2K09 EX01 EX01 added to Exchange Computer Groups Associated to Exchange Rules rules run locally alerts, events, and perf sent to MOM server Heartbeat from EX01 MOM Server passes down new EX01assigned rules Collects Atrributes (Registry Keys) Install Exchange Management Pack Walk them through a quick MOM deployment: -install the MOM server – with SQL MOM needs a domain but it can be NT4 as well as AD -then configure MOM to manage domain\w2k* You now decide to put in Exchange and manage that. The Exchange management pack is installed on the MOM server and stored in the SQL database This contains info on what makes a server an Exchange server as well as the rules You need to add the exchange servers to the Global Configuarations of servers to be managed (domain\ex*) MOM scans to find servers -MOM installs the agents and starts communicating with the MOM server (heartbeats) -now Rules are installed on the MOM Server – explain how this works -Attributes collected so mom classifies computers into the right groups -once computers are in a group associated to a PRG Rules are downloaded -results of the rules are sent back to the MOM server – stored in the DB and displayed on the UI

11 MOM Demo

12 It’s All About Knowledge
INVESTMENT PRESENTATION KNOWLEDGE INSTRUMENTATION This is the most significant slide. Presentation and instrumentation have been around for a while so it is fairly well done in all packages. The different ion going forward will be the knowledge. Not just event x has happened but event x has happened, here is why and here is what you should do about it. This is an area that Microsoft has invested in. The rules are not written by the MOM team but by the teams that wrote the product. So the Exchange team wrote the Exchange rules and the AD team wrote the AD rules. They are the ones who decided that if event x happens it should be written into the event log. Therefore they know why and what should be done about it. Going forward we will want to feed PSS knowledge into MOM. So as Q and KB articles are written rules can be written that customers can download into Mom to ensure that they are running the servers against current bets practices. Customers can also add their own local knowledge into MOM so that the organisation can benefit. It also measn that if one person l,eaves that knowledge is still retained by the organisation. 1995 2000 2005

13 Management Pack = Knowledge
Processing rules Processing rule groups Computer groups Computer attributes Notification groups Providers Scripts Views In MOM that knowledge is made up as a management pack. The heart of which is the rules. There are over 11,000 rules shipping from Microsoft. These rules are group together and associated with a computer group. A computer group is defined by the computer attributes (i.e. a registry key that says this server is running IIS 5 etc) To simply responses to rules notification groups make it easy to send alerts, messages to a select group. Providers are log files, WMI events, performance monitors, SNMP traps etc. A number of scripts are provided to do checks in response to various alerts. These can be looked at and used by the organisation to build other scripts. It is very simple to create different views of the alerts. For example a view can be create to show just Exchange alerts or a view that shows critical alerts from a group of servers in the last two hours.

14 MOM Operations Manager 2000 Base License
Modules Windows NT 4.0 (limited) Windows 2000 Windows 2003 Event Collector (Default Windows Events) Active Directory™ Group Policy Terminal Server IIS 4, 5 & 6 .Net Framework Hardware via WMI Windows SharePoint Services Windows Media® Services 9 Series Component Services (MTS) DNS DHCP WINS RRAS MSMQ MSDTC NLB MSCS (Cluster Services) WSRM (Windows System Resource Manager) FRS MOM The Base Management Pack is the stating point and is licensed per processor of the managed systems. There is no costs for management or web consoles so these can be used throughout the organisation as needed. All the monitoring for all parts of Windows 2000 is included. A limited support for NT4 Servers is included but for a more comprehensive package the NetIQ agent is needed. It will only do heartbeats, uptime and system event log. Note that the processors on the MOM servers must be licensed. These rules and knowledge in these packs are being created by the product group that has written the application to ensure the best information is available. This knowledge is supplemented by MCS and PSS knowledge. Normally for Back Office and .Net Enterprise Servers you would also need the application management pack. The base licence also covers MOM so it can manage itself, all SMS servers and the BizTalk team have included the BizTalk pack as part of their licence so only the base licence is needed.

15 MOM Operations Manager 2000 Server Application License (AMP)
Modules Exchange 5.5 and 2000 SQL Server 7.0 and 2000 Proxy Server 2.0 and ISA Server 2000 Site Server 3.0 and Commerce Server 2000 SNA Server 4.0 and Host Integration Server 2000 Application Center Server 2000 Modules that only require base license Exchange 2003 BizTalk 2002 Ent Ed & 2004 SharePoint Portal Server 2003 Microsoft Identity Integration Server 2003 Microsoft Office Live Communications Server (LCS) 2003 Microsoft Office Project Server 2003 SMS 2.0 and 2003 The Application Management pack is also per processor (on top of the Base Management Pack). This is to manage all Back Office and .Net servers. Additional modules will be released as new products are released or existing ones upgraded. These Application Management Modules offer great assistance to support teams by providing access to the knowledge base of the various Microsoft application and server development teams and by using easily understood, human‑language responses in the diagnosis and resolution of common application issues.

16 NetIQ XMP Library Microsoft Technologies XMP for Windows NT 4 Base
XMP for Windows NT 4 Apps XMP for Windows Analytics XMP for Microsft Apps Analytics Hardware XMP for Server Hardware Compaq/HP, Dell, IBM Upcoming: Brocade Switches Security Management XMP for Windows Security XMP for Anti-Virus McAfee, Symantec, Trend Micro Security Analyzer MP Third-Party Applications XMP for Oracle XMP for Lotus Domino XMP for Web Services Management Connectors Tivoli Enterprise Micromuse Netcool HP OpenView Operations HP OpenView Network Node Mgr NetIQ AppManager NetIQ End2End Platform Agents XMP for Novell Netware XMP for Sun Solaris XMP for Red Hat Linux Upcoming: IBM AIX and HP-UX

17 Other Partners Extending MOM
HP – Insight Manager Dell - OpenManage Citrix – MetaFrame XP and WMI Provider Quest – integration of Spotlight with MOM eXe – WMI Event Providers for MVS, AS400, Unix, Linux & network equipment Metilinx – UNIX, Linux HP - HP Openview Service Desk Netreon – Brocade SAN management CA Unicenter TNG – connector included in latest version JalaSOFT - Cisco Network Devices, APC UPS, F5 BigIP Full Arour Audits GP changes and feeds into MOM Actional Web Services MP Unicenter Web Services MP Amberpoint NetPro Skywire – iWave Integrator Veritas

18 Itheon TotalView for MOM
Service Level Management representation from MOM data Business Service View Business Process Geography Responsibly

19 Creating you own Management Pack
MOM Demo Creating you own Management Pack

20 MOM Integration with Heterogeneous Systems

21 Connecting MOM and Third Party Management Systems
e.g. Tivoli, HP Openview, etc. MOM Management Group MCF Product Connector Product Connectors Available in Resource Kit Tivoli TEC HPOVO HP NNM MOM Generic (web service) MCF Web Service MCF Management Pack

22 Extending MOM Heterogeneous platform support
MOM MP for IBM AS/400 MOM MP for IBM z/OS MOM MP for non-Windows Unix, Linux Networking equipment, Firewalls, Power devices SAN, NAS Applications Any Vt100, Telnet and/or SSH capable device SNMP All products ship with the same components: WMI Event Provider (generates extrinsic events) MOM MP Reports Support Tools Configuration Tool (Win32 GUI) Management scripts (provide same functionality as Configuration Tool) Software License Program

23 Extending MOM Heterogeneous platform support
Get Connected! MetiLinx Connector for MOM captures unique, correlated system health measurements. It then normalizes and integrates this data with MOM, enabling managers to greatly expand this already powerful tool. MetiLinx can transform MOM into a heterogeneous tool for analysis and reporting. Features and Benefits: Monitoring and analysis of: Windows NT 4 Windows 2000 Windows 2003 HP-UX Solaris AIX Linux Monitoring of non-Microsoft server hardware. Management of non-Windows partitions and powerful virtualization capabilities allow groups of servers to be monitored and measured as one entity, to conform more closely with business SLA’s Centralized alerting Advanced analysis and reporting

24 Able to Handle Solaris, AIX, HP-UX
Also Supports RedHat and SuSE Linux Sends data from non-Windows platforms to MOM MOM and the MetiLinx Connector can now alert on non-Windows platforms

25 Microsoft Solutions For Management
Increases your effectiveness of managing an IT Lifecycle Address primary workloads People, process, and technology Plan, build, deploy, operate Microsoft Management Technologies Solution Accelerators Software Update Critical Patching Desktop Deployment New Desktop Provisioning Account Management Applications Deployment Server Deployment Server role provisioning Service Monitoring Custom MOM reporting

26 Service Monitoring Solution Accelerator
Master Config Group Guidance about which parameters should be monitored Design different configurations Multiple geographic locations Apply MOF IT processes for incident management Build MOM custom reports SQL Reporting Services Templates, Whitepaper Agents MOM DB MOM DB MOM DB Agents Agents Zone Config Group A Zone Config Group B

27 Futures MOM 2005 and System Center

28 MOM 2005 New Look

29 Alerts View

30 MOM 2005 Web Console Web Console Alerts View

31 State View

32 Diagram View The Diagram view is a powerful visualization platform that can be customized for the needs of the organization. Features include: Customizable placement of items on the surface Automatic layout and routing of connecting lines Management Pack designated service discovery, highlighting application topology (Example Active Directory Site Topology). Export to Visio Drill in for Computer Groups Customizable visibility of links, through expanding/contracting of levels Zoom in & out Background images, assignable by user (Administrator or Author) Pivot to other views Run tasks on one or many computers

33 Console Task (Response)

34 MOM 2005 New Reporting

35 Reporting Based on SQL Reporting Service and the System Center Data Warehouse: Long term data storage Customization Dynamic/Sophisticated reports Per report security Exporting data to other formats Service specific reports out of box Summary reports Capacity and performance trend graphs Operations reports Resources Availability and Reliability Capabilities View or print Publish to Web site Schedule generation offline

36 MOM 2005 Reporting MOM 2005 Reporting Console

37 Service Monitoring Version 2.0 (H2CY04)
db Developed for MOM2005 Auto-ticketing Best practice guidance on alert to ticket properties mapping with sample code snippet Service Continuity Minimize MOM down time in the event of a disaster Notification workflow Send MOM notification to a different target Alert Tuning Optimizing MOM management packs Tiered Data Warehousing Propagate data from multiple MOM 2005 management groups into a central System Center data warehouse

38 Service Monitoring Auto Ticketing Scenario for MOM2005
Exchange Enterprise Management Data Center db Management Framework Exchange db Incident Ticketing Systems MOM Connector DOS Exchange db MOM 2005

39 Custom Reporting SQL Reporting Services
MOM Connectors for other 3rd Party Management tools Record Failure Events Enterprise event collection Rules based filtering and consolidation Proactive alerting/action response Performance thresholds MP - Rules libraries Built-in knowledge- base Automated Action MOM - Automated Script, , Pager, Send to other tools… MOM Performance collection MOM Event collection Enterprise Incident Management Practice Historical DB Data Reporting Management Trend reports Whitepaper for Custom Reporting with SQL Reporting Services

40 Distributed Enterprise
System Center 2005 Reporting Server Distributed Enterprise

41 Distributed Enterprise
Desired State Capacity Planning Data Warehouse Reporting Server Distributed Enterprise

42 MOM 2005 Schedule Beta 3 March 10 Release Candidate June RTM CYQ4
Guest ID = MOM2005Beta Release Candidate June RTM CYQ4 RTM + 60 Localized (Japanese, German, French)

43 Case Studies Avenade ALTO Group/ClearPointe Australian Taxation Office
CenterBeam Cinergy Commonwealth Games (Manchester, UK) Erste Bank GmbH Greater Shepperton City Council (Australia) HNTB Corporation Intersil Microsoft Operations Technology Group OTP Bank Rackspace Managed Hosting Scottish & Southern Energy (UK) SUVA WCI (UK) Case studies on the web.

44 Microsoft Operations Manager Solves the Management Issues
Enables single-point-of-management of highly distributed enterprise Proactively delivers on service level management Scales both technologically and organisationally Eliminates the need to “manage the management system” W e n t s M I E v a t i o n i c A p p l Centralised management for a distributed environment that most organisations are in. It has service level management built in so if problems are not being dealt with they are automatically escalated. It can be split for various groups but still feed into a single alerting database. It manages itself and does not need a large overhead just to look after itself. Diagram shows all the different feeds that MOM can use. t s P e r f o r m s 2 E v e n a n c e T h r e i n d o w s h W o l d s Operations n n i n g D a t a Manager W a i n d C a p a c i t y P l o w s N T E v e n t s U N I p s X S T r a y s M P t e m S N L o g s

45 Resources Microsoft Operations Manager 2000 Management
Management Microsoft Solution for Management Microsoft Management Alliance Microsoft Systems Management Server v2 Microsoft Application Center 2000 TechNet Slide Objective: Where to go for more info

46

47 MOM Demo Backup slides

48 ASP-SQL Error > ASP SQL Alert! Back End SQL Server MOM Server
(based on ‘n’ events) (based on 2 events) Back End SQL Server MOM Server IIS Server 2 IIS Server 1 Event Event Event Event Web Clients

49 Pinpointing problem, event consolidation and company knowledge
ASP SQL Demo Pinpointing problem, event consolidation and company knowledge

50 Security Scenario Login Attack
A security administrator wants to monitor the number of servers in a domain where more than 3 unsuccessful logon attempts have been logged within a 30 second time span When the number of servers where such an occurrence is verified is greater than 10 in the space of an hour, the administrator wants to create a security breach alert

51 { The “Engine” } Consolidation rule Event rule Timed rule
Consolidate all 529 events within 30 seconds Timed rule Consolidation rule Event rule ID 529 Repeat Count > 3 } GlobalFailedLogons++ Agent Consolidator GlobalFailedLogons { <= 10 then GlobalFailedLogons = 0 > 10 then create alert GlobalFailedLogons = 0

52 Processing Rules Consolidation Rule
Bundles all events that happen within a time span Event processing Rule Increments a global state variable if criteria is met Timed Rule Triggers a script that: Resets state variable OR Generates an alert and

53 Consolidating events from multiple servers
Login Attack Demo Consolidating events from multiple servers

54 Code Red Worm Self-propagating malicious code
Attempts to connect to TCP port 80 on a randomly chosen host Attacking host sends a crafted HTTP GET request to the victim Worm activity on a compromised machine is time sensitive Day : The infected host will attempt to connect to TCP port 80 of randomly chosen IP addresses in order to further propagate the worm. Day : A packet-flooding denial of service attack will be launched against a particular fixed IP address Day 28 - end of the month: The worm "sleeps"; no active connections or denial of service

55 Code Red Demo Monitor for Code Red by checking threshold for Total Not Found Errors on Web Service

56 WMI Architecture And Events
WMI Consumers (MOM, scripts, etc) CIMOM Common Information Model Repository Query Service Event Service WMI Providers Exchange .NET NT Event Log SQL Server SNMP Active Directory

57 Using WMI Event Queries
Use WQL (a SQL subset) to define event subscriptions Queries specify: What kind of event you want to receive What conditions are necessary for an event If applicable, how often to watch for changes State change events vs. system events WMI events can be from Windows® or .NET applications – there is no difference

58 State Change Example: Check every 10 minutes to see if any logical drive has fallen below 10MB of free space Select * from __instancemodificationevent WITHIN 600 WHERE TargetInstance ISA ‘Win32_LogicalDisk’ AND TargetInstance.FreeSpace < AND PreviousInstance.FreeSpace > Event received is an __instancemodificationevent object There are also creation and deletion events Polling is generally needed but there are exceptions. Events come from monitoring changes in instance data The current/previous instance data is returned as embedded objects for modification

59 System Events Example: Send an event when a power state event occurs in the system Select * from Win32_PowerManagementEvent Event received is a Win32_PowerManagementEvent object No polling required; event is driven from an actual notification/callback

60 Sound Volume Demo Alerter Service Demo
Using WMI to monitor and take multiple actions

61 Rules and Notification Groups Processing Rule Groups
Processing Rule Group (PRG) Computer Group (CG) KEY MESSAGE: Processing rule groups consist of related processing rules, like event rules, performance rules and alert rules, that managed a specific application or environment through providers that can collect required data, criteria you can define for events, and responses. SLIDE BUILDS: 6 SLIDE SCRIPT: [BUILD 1] We start with a processing rule group. This is a group of event, performance, and alert rules related to a specific environment, like Windows 2000, or Active Directory, or to a specific application like DHCP, Exchange 5.5, or SQL Server Server. [BUILD 2] These are related to computer groups. We looked at computer groups earlier. Those are just groups of computers that share a specified criteria. For example, the processing rule group for DHCP is realted to the computer group DHCP servers. [BUILD 3] Next we have the event, performance and alert rules. These provide the following: [BUILD 4] Providers. Providers allow the collection of information from various sources such as the Windows NT/2000 Event Log, WMI sources, SNMP and log files. [BUILD 5] Criteria. Criteria determine what we’re looking for, or events that will trigger alerts, and so on. [BUILD 6] Finally there are responses. A response is an action that Operations Manager initiates when a processing rule match occurs. Notifications, command or batch files, scripts, and SNMP traps are examples of possible responses. Responses that occur on the Consolidator computer are central responses. Responses that occur on the agent computer are local responses. SLIDE TRANSITION: Now we’ll take a closer look at the types of processing rules. ADDITIONAL INFORMATION FOR PRESENTER: MOM User guide: (pages 41-51) Provider NT Event Log WMI SNMP Log Files Criteria Where source=DCOM and EventID=1006 Response Alert Script SNMP Trap Notification

62 “Sources” for MOM

63 Application Log IIS Logs Unix Syslogs SQL Trace Logs
Generic Single Line provider Text file with CR

64 Creating Your Own Rules Demo
Creating an event rule with multiple responses

65 What if there is no event?
Use a timed rule to run a script Scripts have context objects that allow then to alert into MOM Scripts can be VBScript, JScript or Custom - Perl or Rexx for example All scripts provided are visible and so can be used as templates for your own scripts

66 Script rule to regularly check a server is alive
Script Demo Script rule to regularly check a server is alive

67 Monitoring and Reporting Reporting
Provide useful reports Out of box 140+ predefined reports Summary reports Capacity and performance trend graphs Operations reports Application specific monitoring of resources, traffic, availability View/print reports on demand Publish reports on the web Schedule offline generation of reports KEY MESSAGE: Operations Manager comes with 140 predefined reports providing a wide range of information. SLIDE BUILDS: None SLIDE SCRIPT: Out-of-the box, Operations Manager comes with over 140 predefined reports including reports for: Windows NT/2000 Active Directory Internet Information Server Windows Terminal Server Remote Access Service You can additional reporting with the Application management packs. These reports range from summary reports to capacity and performance trending reports, operations reports, and application specific reports on resource usage, and availability. You can view and print reports from the web or locally if MS Access is installed. You can create reports for use by others, and publish reports on the web. You can also schedule off-line generation of reports. SLIDE TRANSITION: Let’s look at some typical scenarios for reporting. ADDITIONAL INFORMATION FOR PRESENTER: MOM User guide: (pages 31-33)

68 Reports via Access or Browser Reporting against a reporting database
Reporting Demo Reports via Access or Browser Reporting against a reporting database

Download ppt "Microsoft Operations Manager 2000"

Similar presentations

IBM SMB Software Group ® ibm.com/software/smb Maintain Hardware Platform Health An IT Services Management Infrastructure Solution.

IBM SMB Software Group ® ibm.com/software/smb Maintain Hardware Platform Health An IT Services Management Infrastructure Solution.
Xtremesoft and Understanding AppMetrics in the.NET Environment © Xtremesoft, Inc.

Xtremesoft and Understanding AppMetrics in the.NET Environment © Xtremesoft, Inc.
The System Center Family Microsoft. Mobile Device Manager 2008.

The System Center Family Microsoft. Mobile Device Manager 2008.
System Center 2012 R2 Overview

System Center 2012 R2 Overview
Introduction to Systems Management Server 2003 Tyler S. Farmer Sr. Technology Specialist II Education Solutions Group Microsoft Corporation.

Introduction to Systems Management Server 2003 Tyler S. Farmer Sr. Technology Specialist II Education Solutions Group Microsoft Corporation.
Week 6: Chapter 6 Agenda Automation of SQL Server tasks using: SQL Server Agent Scheduling Scripting Technologies.

Week 6: Chapter 6 Agenda Automation of SQL Server tasks using: SQL Server Agent Scheduling Scripting Technologies.
Integrating The Datacenter OpalisRobot MOM Operator.

Integrating The Datacenter OpalisRobot MOM Operator.
WSUS Presented by: Nada Abdullah Ahmed.

WSUS Presented by: Nada Abdullah Ahmed.
1 ECM System Monitor in the CMOD Environment. © 2013 IBM Corporation Enterprise Content Management IBM ECM System Monitor Improve Availability / Lower.

1 ECM System Monitor in the CMOD Environment. © 2013 IBM Corporation Enterprise Content Management IBM ECM System Monitor Improve Availability / Lower.
Microsoft Operations Manager (MOM) 2005 Allen G. Abrahamson Principal Systems Engineer National Technology Team June 28, 2015.

Microsoft Operations Manager (MOM) 2005 Allen G. Abrahamson Principal Systems Engineer National Technology Team June 28, 2015.
MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 11 Managing and Monitoring a Windows Server 2008 Network.

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 11 Managing and Monitoring a Windows Server 2008 Network.
Session Objectives And Takeaways Identify the role of Service Manager in the System Center suite Service Manager - Integrating People, Process and Technology.

Session Objectives And Takeaways Identify the role of Service Manager in the System Center suite Service Manager - Integrating People, Process and Technology.
Slide 1 of 9 Presenting 24x7 Scheduler The art of computer automation Press PageDown key or click to advance.

Slide 1 of 9 Presenting 24x7 Scheduler The art of computer automation Press PageDown key or click to advance.
ADM393 Extending MOM with SDK2 and Building Connectors Martin Dey Sr. Product Manager Enterprise Management Division.

ADM393 Extending MOM with SDK2 and Building Connectors Martin Dey Sr. Product Manager Enterprise Management Division.
Winter 2005-2006 Consolidated Server Deployment Guide for Hosted Messaging and Collaboration version 3.5 Philippe Maurent Principal Consultant Microsoft.

Winter Consolidated Server Deployment Guide for Hosted Messaging and Collaboration version 3.5 Philippe Maurent Principal Consultant Microsoft.
Microsoft ® Application Virtualization 4.6 Infrastructure Planning and Design Published: September 2008 Updated: February 2010.

Microsoft ® Application Virtualization 4.6 Infrastructure Planning and Design Published: September 2008 Updated: February 2010.
Security Overview for Microsoft Infrastructures Fred Baumhardt and James Noyce Infrastructure Solutions and Security Solutions Teams Microsoft Security.

Security Overview for Microsoft Infrastructures Fred Baumhardt and James Noyce Infrastructure Solutions and Security Solutions Teams Microsoft Security.
An Introduction to IBM Systems Director

An Introduction to IBM Systems Director
Module 7: Fundamentals of Administering Windows Server 2008.

Module 7: Fundamentals of Administering Windows Server 2008.
Microsoft ® System Center Service Manager 2010 Infrastructure Planning and Design Published: December 2010.

Microsoft ® System Center Service Manager 2010 Infrastructure Planning and Design Published: December 2010.

Similar presentations

Ads by Google