In this blog post i am going to walk you through the steps to setup Azure Monitor logs aka OMS, aka Azure Log Analytics with System Center Configuration Manager (Current Branch). I wont go into the details of what Azure Monitor is but the premise is that it collects and analyzes data of your cloud and on premises environments to ensure your applications and systems are performing to their peak and surfaces potential issues before you suspect them. For an overview of Azure Monitor Logs check out our docs located here.
First login to your Azure subscription and then go to Azure Active Directory and App Registrations to create a new Web App/API for use in Configuration Manager. Click on New application registration.
Fill in the Name, Application Type and Sing on URL fields and click Create.
Select settings to create a secret key for use with Configuration Manager.
Select Keys and then fill in the Description and Expires fields and then click save to generate the Key. Ensure to write down the key as this is not accessible after you leave this screen. Additionally copy the App ID URI and the Application ID referred to as the (Client ID) later on as that will be required when creating the OMS Connector in Configuration Manager.
Now we need to go to Resource Groups and select the RG we are using and ensure the Contributor role is specified for the WebApp we just created. If not you will not be able to see the RG in the OMS Connector setup in Configuration Manager. Go to Resources Groups > YourRG > Access Control (IAM) and then Role Assignments and then add role assignment. Specify Contributor and your WebApp and select save.
Next lets create a Log Analytics Workspace if one does not already exist. Go to All Resources in the azure portal and search for “Log Analytics workspaces” and select Add.
Select Add and then provide a name, Resource Group, Location and Select ok.
Select your workspace then Access control (IAM), then Role Assignments
Now select Add > Add role assignment then add the Contributor role and select your Wep App/API and select save.
Next we need to configure the Microsoft Monitoring Agent to send data to Azure here is a great link for detailed steps.
Run the MMA Setup and click next.
Click i Agree on the EULA.
Confirm Installation location and click next.
On the Agent Setup options screen select “Connect the agent to Azure Log Analytics (OMS)” and click Next.
Configure your workspace information and select next.
Confirm installation options and select Install.
Review competition and click Finish.
Restart if prompted.
Open the Configuration Manager Console and navigate to “\Administration\Overview\Cloud Services\Azure Services” and select Configure Azure services. (Microsoft Operations Management Suite (OMS) Connector needs to be enabled under Features before continuing.)
Select OMS Connector and provide a name and then click next.
Fill in the Web App Properties and select Next.
Application Name: OMS Connector
Azure Tenant Name: Your Tenant Name
Azure AD Tenant ID: Your azure ad directory id
Client ID: is the Application ID Referenced earlier in WebApp creation.
Secret Key: Referenced earlier in the WebApp creation.
Secret Key Expiry: Referenced earlier in the WebApp creation.
App ID URI: Referenced earlier in the WebApp creation.
Select your subscription, resource group, and workspace then add any collections you want to monitor and the click next.
Confirm selections and click Next.
Verify Completion and select close.
Now we can configure Azure Monitor Logs to pull in Configuration Manager collections. Go to your Log Analytics Workspace and select Advanced Settings > Computer Groups > SCCM and Check the box to “Import Configuration Manager collection memberships” and then select save.
I hope this helps some get their feet wet with Azure Monitor Logs Integration within Configuration Manager. A follow up post will go over some basic Log querying and collection creation based on derived data from Azure Monitor Logs.