Post on 19-Sep-2020
Avoid Monitoring Mistakes in the CloudPart 3 of the “Tackle IT Trouble” Webinar Series
Today’s speakersCameron Fuller, MVP
Solution Director @ Catapult Systems
@CFullerMVP
Brian Wren
Cloud + AI Developer Relations @ Microsoft
@MPAuthor
“Monitoring is the eyes and ears of Management”
– John Joyner
In IT, the last place we ever want to be is blind and deaf on any of our core applications, servers or services -regardless of where they reside.
– Cameron Fuller
4
• Systems, Applications & Services must be monitored whether they are on-prem, in the cloud, or hybrid
• Monitoring tools can run on-prem, hybrid, or in the cloud
• Systems must be monitored if they are physical or virtual (Windows Virtual Desktop (WVD) as an example)
• Monitoring tools cannot be isolated they have to work with IT Service Management (ITSM)
Monitoring tools should not care if you are in the cloud or not
When to use the various Microsoft Systems monitoring solutions
Things to avoid
The world is evolving
It’s not onlySCOM…
Which Microsoft monitoring solutions to use when?
7
Microsoft tools for monitoring or diagnostics
• System Center Operations Manager (SCOM)
• Azure Monitor / Log Analytics
• Azure Management Portal, API or PowerShell
• Built-in windows tools
• task manager, process monitor, resource explorer, event viewer
• Windows Admin Center
* Microsoft article for reference for all tools
including 3rd party
8
What tool(s) do you use for monitoring?
• Microsoft tools (SCOM, Azure Monitor, Log Analytics)
• Non-Microsoft tools
• We don't use any tools for monitoring
Poll slide
9
• SCOM & Azure Monitor are different but designed to be complimentary to each other
• Key benefits include:
• Leveraging KQL/Kusto to analyze data over multiple sources & interactively work with your data
• Pre-built solutions built for Azure Monitor (going to Insights)
• Monitor the Monitor scenarios
SCOM & Azure Monitor: Better together
* Check out Brian’s article with SquaredUp:
“Fill SCOM gaps with Azure Monitor”
Demo
The power of Kusto
11
• This is just a side-note but it’s relevant
• OMS is a SKU like EMS and it’s no longer an SKU that Microsoft is actively selling – you could say it’s “Classic”
• Log Analytics was a product within Azure which was part of the OMS SKU
• Just like Application Insights was a product within Azure which was a part of the OMS SKU
• Application Insights and Log Analytics are now features of Azure Monitor
A quick Azure Monitor & Log Analytics & OMS history
No wait…
Azure Monitor!
12
• What kind of scenarios are perfect for SCOM?
• Out of the box on-prem monitoring for almost all workloads via pre-build management packs
• Extremely extendible with easy to build customized solutions via management packs
• Strong community and knowledge sharing
SCOM - What scenarios are easy?
13
• What kind of scenarios are perfect for Azure monitor?
• Azure Monitor is awesome for online workloads
• Monitoring on patterns in Log Analytics from different sources
• Metrics available of Azure VMS and other resources
Azure monitor - What scenarios are easy?
14
• Locally deployed, Browser based (formerly Project Honolulu)
• Management & Monitoring for systems
What is Windows Admin Center?
Why aren’t big players moving to azure monitor?
• Everyone uses SCOM for enterprise apps, unless they are born in the cloud!!
• WRONG.
https://www.microsoft.com/en-us/itshowcase/microsoft-adopts-azure-monitor-for-enterprise-monitoring
16
What Microsoft tools are available for Monitoring & when to use them?
Things to avoid…
Mistakes we’ve made so you don’t have to
Over-monitoring
There is a difference between knowing that your CPU utilization on your SQL server is > 90% and caring that your CPU utilization on
your SQL server is > 90%
Most companies aren’t doing more than touching the edges of what can be done with monitoring & in reality they don’t have to.
What products like SCOM and Azure Monitor can do
What companies actually use/need
20
What to notify on? Start simple with these 3 rules
Build from Rule #1:
“If XYZ breaks, it will get me fired”
Will security walk me out with a cardboard box in a couple of
minutes?
Extend with Rule #2:
“It’s critical only if it’s important enough to wake me up at 2:00
in the morning”
Is it critical enough to wake me, my Significant Other, baby, dog, entire neighborhood up at 2:00
am?
Learn from mistakes with Rule #3:
“Ok, we missed that. But we’ll get it from here on.”
How can I avoid that annoying yelling the next time and enjoy
my coffee again?
Being frugal
“I’m not going to pay a lot for this cloud monitoring”
22
Ways to save $$ on cloud monitoring
• Only add the data that you need to add
• Trick: When you are doing queries, if you are using project-away or using project – see what fields you are writing that you don’t need
• Keep the frequency of data collection as high as possible (especially for metrics)
• Retain data only as long as you need
• Trick: Use a re-writer to a different Log Analytics workspace as a data warehouse – writing only summary data.
• If you are grandfathered to the old licensing, don’t change unless you know it will save cash
• Put alerts in place for changes in trend of data being written to Log Analytics
• Azure Monitoring & Alerts
• Combine common alerts
• Disable non-required alerts
• Run alerts only as frequently as you need to ($.50 per month each vs. $1.50 per month each)
• Metric alerts are cheaper than log alerts!
Processes, Processes, Processes!
24
Processes
• Process is critical to monitoring. What happens when…
• Your company adds a new application, service or system? What about when they are decommissioned?
• An existing application, service or system changes its architecture?
• An alert is generated? Who is receiving that alert and what are they expected to do with it?
• New updates are available for management packs, SCOM versions change, or update rollups need to be applied?
• A company is acquired or divested?
Dependcenties, Redundancy &
Alerting
26
Dependencies, Redundancy & Alerting
• Dependencies:
• You must monitor every dependency you have and assume it will break
• Redundancy:
• You can write logs to multiple logging solutions which span different regions
• Alerting:
• Use Azure Monitor for your alerting – especially if you don’t have SCOM
• Enhance Azure’s alerting via Azure Automation or Logic Apps if that is not sufficient
Automatically Adapting to
changes
“The only thing constant is change” - Heraclitus
28
Automatically Adapting
• Retro back 11 year ago to 2008!
• Where are we at today? What can be done now?
• Change monitoring as applications, servers or services change
• Remediate systems limitations or issues identified
• Manage resources (deployment right-sizing)
• Provide just in time (JIT) access to resources
• Cloud migrate resources, configure DR and more!
• With the automation solutions now available we are getting closer every day to this vision
2929
Dashboards
• Dashboards:
• Use Azure Dashboards or Grafana to visualize automation health and performance
• Using SCOM? Check out solutions like SquaredUp!
Demo
Workbooks
The world is evolving
Lead, follow, or obstruct
32
The pace of change
• New evolutions in Azure happen daily (or hourly, or every minute)
• New evolutions in SCOM also happen frequently (new management packs, new SCOM releases, update rollups).
• Applications and Services change constantly but it is still required to provide health and SLA information.
33
• Do NOT assume that fully functioning monitoring will be finished at go-live.
• Monitoring requires maintenance & enhancement – forever.
• Someone needs to own monitoring of your systems, applications and services.
• Know what’s available in the solutions you have and have a roadmap to deploy new features which are relevant to your company.
Planning for the future
34
• Avoid our mistakes so you have time to make your own!
• Know what tools are available for monitoring
• Use the right tool (or tools!) for the right job
• Don’t over-monitor: Start simple and add capabilities over time
• Build with effective logging, alerting & dashboards out of the gate
• Plan for the future & plan for change
• Go beyond just monitoring!
• Respond to change with pre-built automations
Summary
Q&A
Appendix
37
Would you like help automatically adapting to changes in your environment?
• That would be great!
• We aren’t even close to ready for that yet
• Nope! We are good here…
Poll slide