Monitor Azure and Off-Azure Virtual machines with Azure Monitor SCOM Managed Instance (preview)

  • Article

Note

This feature is currently in preview.

Azure Monitor SCOM Managed Instance provides a cloud-based alternative for Operations Manager users providing monitoring continuity for cloud and on-premises environments across the cloud adoption journey.

SCOM Managed Instance Agent

In Azure Monitor SCOM Managed Instance, an agent is a service that is installed on a computer that looks for configuration data and proactively collects information for analysis and reporting, measures the health state of monitored objects like an SQL database or logical disk, and executes tasks on demand by an operator or in response to a condition. It allows SCOM Managed Instance to monitor Windows operating systems and the components installed on them, such as a website or an Active Directory domain controller.

Support for Azure and Off-Azure workloads

One of the most important monitoring scenarios is that of on-premises (off-Azure) workloads that unlock SCOM Managed Instance as a true Hybrid monitoring solution.

The following are the supported monitoring scenarios:

Type of endpoint Trust Experience
Azure VM Any type Azure portal
Arc VM Any type Azure portal
Line of sight on-premises agent Trusted OpsConsole
Line of sight on-premises agent Untrusted Managed Gateway and OpsConsole
No Line of sight on-premises agent Trusted/Untrusted Managed Gateway and OpsConsole

SCOM Managed Instance users will be able to:

  • Monitor VMs and applications which are in untrusted domain/workgroup.
  • Onboard endpoints (including Agent installation and setup) seamlessly from SCOM Managed Instance portal.
  • Set up and manage Gateways seamlessly from SCOM Managed Instance portal on Arc-enabled servers for off-Azure monitoring.
  • Set high availability at Gateway plane for agent failover as described in Designing for High Availability and Disaster Recovery .

Linux monitoring with SCOM Managed Instance

With SCOM Managed Instance, you can monitor Linux workloads that are on-premises and behind a gateway server. At this stage, we don't support monitoring Linux VMs hosted in Azure. For more information, see How to monitor on-premises Linux VMs.

For more information, see Azure Monitor SCOM Managed Instance frequently asked questions.

Use Arc channel for Agent configuration and monitoring data

Azure Arc can unlock connectivity and monitor on-premises workloads. Azure based manageability of monitoring agents for SCOM Managed Instance helps you to reduce operations cost and simplify agent configuration. The following are the key capabilities of SCOM Managed Instance monitoring over Arc channel:

  • Discover and Install SCOM Managed Instance agent as a VM extension for Arc connected servers.
  • Monitor Arc connected servers and hosted applications by reusing existing System Center Operations Manager management packs.
  • Azure based SCOM Managed Instance agent management (such as patch, push management pack rules and monitors) via Arc connectivity.
  • SCOM Managed Instance agents to relay monitoring data back to SCOM Managed Instance via Arc connectivity.

Prerequisites

Following are the prerequisites required on desired monitoring endpoints that are Virtual machines:

  1. Ensure to Allowlist the following Azure URL on the desired monitoring endpoints: *.workloadnexus.azure.com

  2. Confirm the Line of sight between SCOM Managed Instance and desired monitoring endpoints by running the following command. Obtain LB DNS information by navigating to SCOM Managed Instance Overview > DNS Name.

    Test-NetConnection -ComputerName <LB DNS> -Port 5723

  3. Ensure to install .NET Framework 4.7.2 or higher on desired monitoring endpoints.

  4. Ensure TLS 1.2 or higher is enabled.

To Troubleshooting connectivity problems, see Troubleshoot issues with Azure Monitor SCOM Managed Instance.

Install an agent to monitor Azure and Arc-enabled servers

Note

Agent doesn't support multi-homing to multiple SCOM Managed Instances.

To install SCOM Managed Instance agent, follow these steps:

  1. On the desired SCOM Managed Instance Overview page, under Manage, select Monitored Resources.

    Screenshot that shows the Monitored Resource option.

  2. On the Monitored Resources page, select New Monitored Resource.

    Screenshot that shows the Monitored Resource page.

    Add a Monitored Resource page opens listing all the unmonitored virtual machines.

    Screenshot that shows add a monitored resource page.

  3. Select the desired resource and then select Add.

    Screenshot that shows the Add a resource option.

  4. On the Install SCOM MI Agent window, review the selections and select Install.

    Screenshot that shows Install option.

Manage agent configuration installed on Azure and Arc-enabled servers

Upgrade an agent

To upgrade the agent version, follow these steps:

  1. Sign in to the Azure portal. Search and select SCOM Managed Instance.

  2. On the Overview page, under Manage, select SCOM managed instances.

  3. On the SCOM managed instances page, select the desired SCOM managed instance.

  4. On the desired SCOM Managed Instance Overview page, under Manage, select Monitored Resources.

  5. On the Monitored Resources page, select Ellipsis button (…), which is next to your desired monitored resource, and select Configure.

    Screenshot that shows monitored resources.

    Screenshot that shows agent configuration option.

  6. On the Configure Monitored Resource page, enable Auto upgrade and then select Configure.

    Screenshot that shows configuration option.

Delete an agent

To delete the agent version, follow these steps:

  1. Sign in to the Azure portal. Search and select SCOM Managed Instance.

  2. On the Overview page, under Manage, select SCOM managed instances.

  3. On the SCOM managed instances page, select the desired SCOM Managed Instance.

  4. On the desired SCOM Managed Instance Overview page, under Manage, select Monitored Resources.

  5. On the Monitored Resources page, select Ellipsis button (…), which is next to your desired monitored resource, and select Delete.

    Screenshot that shows delete agent option.

  6. On the Delete SCOM MI Agent page, check Are you sure that you want to delete Monitored Resource? and then select Delete.

    Screenshot that shows delete option.

Install SCOM Managed Instance Gateway

To install SCOM Managed Instance gateway, follow these steps:

  1. Sign in to the Azure portal. Search and select SCOM Managed Instance.

  2. On the Overview page, under Manage, select SCOM managed instances.

  3. On the SCOM managed instances page, select the desired SCOM managed instance.

  4. On the desired SCOM managed instance Overview page, under Manage, select Managed Gateway.

    Screenshot that shows managed gateway.

  5. On the Managed Gateways page, select New Managed Gateway.

    Screenshot that shows new managed gateway.

    Add a Managed Gateway page opens listing all the Azure arc virtual machines.

    Note

    SCOM Managed Instance Managed Gateway can be configured on Arc-enabled machines only.

    Screenshot that shows add a managed gateway option.

  6. Select the desired virtual machine and then select Add.

    Screenshot that shows Add managed gateway.

  7. On the Install SCOM MI Gateway window, review the selections and select Install.

    Screenshot that shows Install managed gateway page.

Manage Gateway configuration

Configure monitoring of servers via SCOM Managed Instance Gateway

To configure monitoring of servers via SCOM Managed Instance Gateway, follow the steps mentioned in Install an agent on a computer running Windows by using the Discovery Wizard section.

Note

Operations Manager Console is required for this action. For more information, see Connect the Azure Monitor SCOM Managed Instance to Ops console

Delete a Gateway

To delete a Gateway, follow these steps:

  1. Sign in to the Azure portal. Search and select SCOM Managed Instance.

  2. On the Overview page, under Manage, select SCOM managed instances.

  3. On the SCOM managed instances page, select the desired SCOM managed instance.

  4. On the desired SCOM managed instance Overview page, under Manage, select Managed Gateways.

  5. On the Managed Gateways page, select Ellipsis button (…), which is next to your desired gateway, and select Delete.

    Screenshot that shows delete gateway option.

  6. On the Delete SCOM MI Gateway page, check Are you sure that you want to delete Managed Gateway? and then select Delete.

    Screenshot that shows delete managed gateway option.

Configure monitoring of on-premises servers

To configure monitoring of on-premises servers that have direct connectivity (VPN/ER) with Azure, follow the steps mentioned in Install an agent on a computer running Windows by using the Discovery Wizard section.

Note

Operations Manager Console is required for this action. For more information, see Connect the Azure Monitor SCOM Managed Instance to Ops console