SCOM 2007 R2 can help you with out of box functionality to monitor Linux /Unix. With SCOM 2007 SP1 you need to get Management Pack from Quest/Jalasoft to name few partner who had developed MP to monitor Unix/Linux.
With the release of SCOM 2007 R2 Unix and Linux MP come along with product.
To Monitor Linux Server you can follow steps below…….
RunAs accounts that will be used by Operations Manager 2007 to install, and to monitor/manage the target Linux machines. For this, two user accounts are created:
· Non-privileged user, used to remotely monitor the Linux/Unix server.
· Privileged User, used to deploy the Unix/Linux agent, as well as to restart processes where privileged rights are required.
Creating a Non-Privileged UNIX User Run As Profile
1. In the Operations console, click Administration to open up the Administration space
2. Under the Run As Configuration node of the tree, click Profiles
3. In the Profiles pane, look for the Unix Action Account profile. Right-click on Unix Action Account and select Properties. This opens the Run As Profile Wizard
4. At the Introduction screen, click Next >
5. At the General Properties screen, click Next >
6. At the Run As Accounts screen, click Add... to create a new Run As Account. The Add a Run As Account dialog will open. NOTE: If you examine the list of current Run As accounts you will see none for UNIX/Linux, so we have to create one.
7. Click New... to open the Create Run As Account Wizard
At the Introduction screen, click Next >
9. Under the General Properties screen a. Select Basic Authentication from the Run As Account type drop-down list. b. Set the display name to "UNIX non-privileged account"
Click Next >
Provide Credential for Non Privileged Account
Under Distribution Security, select the More Secure... option.
When the creation is complete, you will see a warning message that the Run Account must be associated with an appropriate Run As profile. We will do this in just a moment. Click Close to return to the Add a Run As Account dialog
Click Select ... and choose Class... from the drop down.
In the Class Search dialog, enter Unix in the Filter By text box, and click Search
From the list of items returned from the search, select Unix Computer and click OK
Unix Computer now appears as the selected class against which the Run As Account will be applied. Click OK to close the Add a Run As Account dialog
You will now see the UNIX non-privileged account Run As Account just created within the list of accounts for this profile. Click Save.
We now have to associate the Run As account with the RMS management server. Click on the UNIX non-privileged account hyperlink to open the Run As Account properties.
Check to see you are in the Distribution tab.
In the Option: drop down, select Show Management Servers and click Search.
Select RMS Server Name from the results, and click Add
Creating a Privileged UNIX User Run As Profile
In the Profiles pane, look for the Unix Privileged Account profile.
Right-click on Unix Privileged Account and select Properties. This opens the Run As Profile Wizard
At the General Properties screen, click Next >
At the Run As Accounts screen, click Add... to create a new Run As Account. The Add a Run As Account dialog will open.
Click New... to open the Create Run As Account Wizard
Select Basic Authentication from the Run As Account type drop-down list . Set the display name to "UNIX privileged account
Under the Account screen Set The credential for Privilege
Under Distribution Security, select the More Secure... option. Click Create.
When the creation is complete, you will see a warning message that the Run Account must be associated with an appropriate Run As profile. We will do this in just a moment. Click Close to return to the Add a Run As Account dialog.
Notice that the UNIX privileged account you just created now appears as the selected option in the drop down box.
Click Select ... and choose Class... from the drop down
You will now see the UNIX privileged account Run As Account just created within the list of accounts for this profile. Click Save.
We now have to associate the Run As account with the RMS management server. Click on the UNIX privileged account hyperlink to open the Run As Account properties
Check to see you are in the Distribution tab
Select RMS Server Name from the results, and click Add and Click OK
Open the Operations console with an account that is a member of the Operations Manager 2007 R2 Administrator profile
Select the Administration view.
At the bottom of the navigation pane, select the Discovery Wizard link.
In the Computer and Device Management Wizard, select Discovery Type, choose Unix/Linux Discovery Wizard, and then click Next.
On the Discovery Method page, click Add to specify criteria for discovering UNIX-based systems and Linux-based systems on your network.
On the Define discovery criteria page, type the credentials and necessary information to locate the computer you want to discover, and then click OK
Click Discover to initiate system discovery
On the Discovery results page, in the Select the systems you want to manage: list, select the check box for the system or systems that you want to manage, or click Select All to include all discovered systems
If there are systems listed in the Select the systems you want to manage list on the Discovery results page that the wizard was unable to discover, you can click Details to get information about why the discovery failed. Correct the problem and repeat the discovery step
After you have selected the systems you want to manage, click Next to start the deployment, and to close the Discovery results page
On the Deployment complete page, the Computer and Device Management Wizard displays the agent deployment status in the Status menu.
Click Done to close the wizard.
IMPORT MP For Linux
Performance Monitoring by Using Default MP
Where you say "Enable SSL" I think you mean Enable SSH.
Thanks Buddy... You are right it should be SSH.
I have changed to SSH
We have followed all the stpes mentioned But my linux server staus is comsole is showing as critical
shall we need to create the same accoung in linux?
Any quick help is really appreciated
If it is showing critical that mean SCOm is able to monitor your Linux Server.
Go to monitoring->Active Alert-> Find the alert to check what has goner wrong on the server.
Alternatively click on computer State View->Linux Server(Which is critical)in action tab click on heath explorer to drill down to exact problem.
Check and let me know...
Shall i need to create the run as account on Linux machine
Because i have created basic a/c for as unix action & unix preveliged & assoviate them with run as profile
Is their something missing on limux side as i m getting access deined error in active alerts
i m new to the linux environment
One more help required i have created one rule to fetch 644 event ( a/c locked out )for specific a/c the rule is working fine as i m getting alerts abt a/c lockout them i have acreated 1 monitor which will check if the a/c is locked & in recover task i hv added the .vbs scirpt for unlocking the a/c the scipt run sucessfully but when i have added it to the monitor i have created it is only giving alert but not taking action
can you please tell me which account this monitor is using so that i can give the appropriate access becasue i doubt it is access issue
two Account you need.
1) Previledge Account eg:"root"
2) Non Previledge Account eg somthing like user account in your linux box.
If you are doing for test you can add both the account as "root"
Thanks for quick reply
done the steps menioned by you now my linux machine is in helathy state
But when i open the helath explorer cant see check mark to performance entity
Hi, have you ever tried to monitor a process on your linux server with SCOM R2?
I used the Process Monitoring tab, created an object with the process to check and the targeted group ( with my linux server as the only member ). I see the monitor object being created but it never shows up on the MONITORING panel under Process State. Have any idea ?
Thanks you for posting query. Please follow the article from Jeevan Bist Blog
Thx for answering!
The problem with the Unix service template is that it only shows the basename of the service
For example i want to monitor a websphere server on Linux.
The process is :
/usr/WebSphere/AppServer/java/bin/java -Declipse.security -Dwas.status.socket=39880 -com.ibm.ws.runtime.WsServer /usr/WebSphere/AppServer/profiles/sldpw1/config ldpCell sldpw1 asAgileSoft
SCOM only shows me this as a service :
which doesnt help me cause there is 6 process with the same basename and i want to monitor one in particular
I think i need to customise my own management pack to do this cause i dont think SCOM can do it with the default pack
Looking to have our MS server guys monitor my Linux Server using this, just wondering how to configure the Ops Manager Server to connect using SSH when the Linux Server uses Public / Private Keys?
Is there somewhere within ops manager that I can provide either an OpenSSL or Putty Private Key File?
Thanks for the document. I have managed to install the Linux agent working on my Red Hat servers.
I had issues around getting the Runas accounts. The document says to distribute the action accounts to RMS servers. In my experience, I could get the monitoring working only after the accounts were distributed to the management server to which the client was pointing.
I have two Linux server groups that use two different root passwords, how do I set that up? I notice you target the Unix Computer Class which is all Unix servers. Can I split that into two or more groups of Unix Servers? (Thank you for that great post)
great work ......
i have scom 2007 r2 in my environiment with 24 red had linux clients.
i just want to know how to configure monitors for memory utilization high.