Post on 24-Dec-2015
Monitoring UNIX/Linux with Operations Manager 2007 R2 MGT407 Barry Shilmover - Senior Program
ManagerRehan Jaddi – Group Program ManagerSystem Center Cross Platform and Interop TeamMicrosoft Corporation
Agenda
Cross Platform NewsArchitecturePartner ExtensionsDemos
Cross Platform NewsSince we Released System Center Operations Manager 2007 R2:
Open Sourced our Providers – We have made available our UNIX/Linux providers as open source on www.codeplex.com to allow customers and partners to extend our platform supportNovell SUSE Enterprise Linux 11 (SLES 11) support– As part of an update we released October 15th we added support for Novell’s latest Linux release. Solaris Zones support – As part of an that same update released October 15th we added support for Solaris virtual environments.
Today:Beta of Audit Collection Services (ACS) – We have made available a beta of ACS to support UNIX/Linux platforms
Coming Soon:Contribution to OpenPegasus – We have submitted our improvements to the Open Group to contribute our work back to the OpenPegasus project. Open Group targeting end of year for OpenPegaus 2.10.
OpsMgr X-Plat Architecture
Module Details
SSHDaemon
HealthService
WS-ManModules
SSHModules
SFTPModules
Enumerate
Get
Invoke
Execute Cmd
Session
Transfer File
CIMOM OpenPegasus 2.9
with WS-Management
Support
OpsMgrProviders
OSResources
WinRM Putty Library
New component for Cross Platform
Existing v3 or SP1 component
Outside dependencyBuilt-in UNIX/Linux functionality
WS-Man
CIMOM
OpsMgrProviders
OpsMgr
WS-Man
OSResources
UNIX/Linux Component Overview
WSManbinaries
CIMOMbinaries
RPM/depot/pkgInstaller
Providerlibraries
CIMOMdaemon
OpenPegasus
OSProvider
CPUProvider
DiskProvider
MemoryProvider
ProcessProvider
NetworkProvider
SyslogProvider
LogfileProvider
ScriptProvider
Ext APIProvider
File transProvider
New component for Cross Platform
Existing v3 or SP1 component
Outside dependencyBuilt-in UNIX/Linux functionality
WS-Man
CIMOM
OpsMgrProviders
OpsMgr
WS-Man
OSResources
Ops Mgr Component Overview
ModulesDLL
UIExtension
Assemblies
IntegratedInstaller
ManagementPacks
OpsMgrSrv/UI
HealthService
WS-ManModules
SSHModules
SFTPModules
WinRMAPI
New component for Cross Platform
Existing v3 or SP1 component
Outside dependencyBuilt-in UNIX/Linux functionality
WS-Man
CIMOM
OpsMgrProviders
OpsMgr
WS-Man
OSResources
17 Supported PlatformsAIX
Version 5.3 (Power)Version 6.1 (Power)
HP-UXVersion 11iv2 (PA-RISC/IA64)Version 11iv3 (PA-RISC/IA64)
SolarisVersion 8 (SPARC)Version 9 (SPARC)Version 10 (SPARC/x86)
19
Red Hat Enterprise LinuxVersion 4 (x86/x64)Version 5 (x86/x64)
SUSE Linux Enterprise ServerVersion 9 (x86)Version 10 SP1 (x86/x64)Version 11 (x86/x64)
Management Pack Hierarchy
LibraryManagement Pack
Microsoft.Unix.Library
Microsoft.Linux.Library
Microsoft.Linux.SUSE.Library
Microsoft.Linux.SLES.10
• Unix Object Definitions• Data Sources (WSMan/SSH/SFTP)• Probe Actions (WSMan/SSH/SFTP)• Write Actions (WSMan/SSH/SFTP)• Generic Monitors• Generic Tasks• Linux Object Definitions
• SUSE Linux Object Definitions• SLES 10 Object Definitions• Monitors• Rules• Diagnostics/Recoveries• Reports
Management Pack
Generic Libraries (Imported Automatically)Name Description
Microsoft.Unix.Library Defines all objects, DS, WA, PA for Unix-type systems
Microsoft.Unix.Views Defines all generic views used with Cross Platform
Microsoft.Unix.LogFile.Library Used by UNIX/Linux LogFile Management Pack Template
Microsoft.Unix.Service.Library Used by UNIX/Linux Service Management Pack Template
Management Pack - Continued
OS Type LibrariesName Description
Microsoft.AIX.Library.mp Generic AIX Operating System Library
Microsoft.HPUX.Library.mp Generic HP-UX Operating System Library
Microsoft.Linux.Library.mp Generic Linux Operating System Library
Microsoft.Linux.RedHat.Library.mp Generic Red Hat Operating System Library
Microsoft.Linux.SUSE.Library.mp Generic SUSE Linux Operating System Library
Microsoft.Solaris.Library.mp Generic Solaris Operating System Library
Management Pack - ContinuedBase OS Management Packs
Name Description
Microsoft.AIX.5.3.mp AIX 5.3 Base OS MP
Microsoft.AIX.6.1.mp AIX 6.1 Base OS MP
Microsoft.HPUX.11iv2.mp HP-UX 11iv2 (11.23) Base OS MP
Microsoft.HPUX.11iv3.mp HP-UX 11iv3 (11.31) Base OS MP
Microsoft.Linux.RHEL.4.mp Red Hat Enterprise Linux 4 Base OS MP
Microsoft.Linux.RHEL.5.mp Red Hat Enterprise Linux 5 Base OS MP
Microsoft.Linux.SLES.9.mp SUSE Linux Enterprise Server 9 Base OS MP
Microsoft.Linux.SLES.10.mp SUSE Linux Enterprise Server 10 Base OS MP
Microsoft.Linux.SLES.11.mp SUSE Linux Enterprise Server 11 Base OS MP
Microsoft.Solaris.8.mp Solaris 8 Base OS MP
Microsoft.Solaris.9.mp Solaris 9 Base OS MP
Microsoft.Solaris.10.mp Solaris 10 Base OS MP
Cross Platform Audit Collection ServicesAnnouncing
OverviewProvide Audit Collection Services (ACS) for Unix and Linux systems
• Leverage OpsMgr 2007 R2 Cross Platform infrastructure to enable UNIX/Linux auditing• Collect and aggregate audit events across enterprise systems for a singular view• Out of the box support for base OS audit events
Reporting – base OS auditing reports• Access violations• Account management• Administrator activity
Provide the infrastructure to enable enterprise auditing• Network devices• Applications
Delivery• Out of band, dependent on OpsMgr 2007 R2• Private Beta – November 9, 2009• RTM - CY Q1 2010
Cross Platform ACS Details• Access violations – unsuccessful logon attempts• Account management• Account creation/deletion/password change
• Administrator activity – su, sudo• Forensic – all events for a computer/event ID• User logons
Reports • Out of the box MP for each platform• Datasources - Syslog, su log, audit, etc.• Audit event collection:• Logons – success/failure• Ssh, rsh, tty, ftp
• Privilege use activity – su, sudo• Account activity – create/delete/password change
Management Packs
• RedHat Enterprise 4, 5 (Beta)• Novell SLES 9, 10, 11 (Beta)• Solaris 8, 9, 10 (RTM)• HPUX 11iv2, 11iv3 (RTM)• AIX 5.3, 6.1 (RTM)Platforms
How it all works
Syslog
SCX Agent Logfile Provider
SCX Logfile Datasource
Module
Management Pack Workflow
A. Collect syslog audit events
B. Parse syslog events & write to SEL
Windows Security Event Log ACS
Database
SCX Parsing & SEL Write Action
Module
OpsMgr Server
UNIX/Linux Server
Supported ScenariosSU:
FailSuccess
SUDO :FailSuccess
Login - SSH, SFTP, SCP, Console (TTY):
FailSuccess
User/Group Actions:User AddUser RemoveGroup AddGroup RemoveUser added to GroupUser Removed from GroupPassword Change
UNIX/Linux Reports Included
Access Violation - Unsuccessful Logon AttemptsAccount ManagementPrivileged LogonAdministrator ActivityForensic - All Events for Specified UserForensic - All Events for Specified Event IdForensic - All Events for Specified Computer
Partner Extensions
BridgeWays Currently Available:
ApacheMySQLOracle DatabaseVMwareJBossTomcat
Releasing 11/18: IBM DB2BES (v4 support only right now - changes coming that I will update you on soon) JMX Template (only extends JBoss MP right now) Oracle Database ASM
Beta for 11/18:IBM WebSphereOracle WebLogic
Early 2010:
Oracle Database RACJMX Template
BridgeWays - Roadmap
Database
Servers
Application
Servers
Virtualization
Web Servers Communicat
ion Servers
Novell
Linux Roles Management Packs:•BIND/DNS•DHCP Server•SAMBA•NFS server•LDAP server (OpenLDAP)•Print server (CUPS)•Firewall (SuSEfirewall2)
Demos, Demos, Demos
Demos
Discovery WizardManagement Pack TemplatesMonitoring Heterogeneous ApplicationsCross Platform Audit Collection Services
Discovery Wizard – Phase 1
IP Address
DNS Name
IP Range
Agent Installed
?
Supported
Version?
Signed?
Sign Cert
Discovery Wizard – Phase 2Agent
Installed?
Insert in DB
Agent Supported
?
Deploy Package
Install/Upgrade Package
Sign Cert/Valida
te Installation
More info
:Cross Platform Providershttp://xplatproviders.codeplex.com/
Cross Platform Update:http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=4a41a8be-0a37-4bd2-b5b1-026468b317fb
Q & A
Complete an evaluation on CommNet and enter to win an Xbox 360 Elite!
© 2008 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED
OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.