In OpsMgr 2012 we have enhanced the capabilities around network monitoring. In this article I will demonstrate how to discover and monitor a network device.
This is also covered in great detail at: http://technet.microsoft.com/en-us/library/hh205982.aspx
Launch the discovery wizard and select Network Devices:
Give a name for your discovery cycle, select the management server that you want to handle the network device discovery, then choose a resource pool. If you want only specific management servers or gateways, you can create a custom resource pool as I have done below, named “Network Monitoring Resource Pool”
Next up choose explicit discovery, or recursive. Since I am targeting a specific device, I will choose explicit. If you didn’t know all your managed network devices and wanted to discover them by reading the ARP cache of each discovered device, you can choose recursive.
Create a RunAs account. In this case – the RunAs account for network devices is simply the SNMP Community string. You can create as many as you need. I am just using the default which is “public” so I will create that.
Next up I click “Add” and type in the IP address of my router, leaving the rest at default settings.
Next I need to pick a schedule, if I want this discovery to run on a regular basis, and pick up and discover/monitor newly added network devices. For this example – I will choose to run manually.
Create the discovery, and you will see the following popup:
Choose YES to continue – this will automatically distribute the community string based RunAs account to any management servers in your resource pool, and to the management server you chose to execute the discovery.
In the admin console – you can see your newly created discovery rule:
You can follow the discovery process in the event log of the Management Server where you assigned discovery to run:
After a few minutes if discovery was a success – you will see your network device show up in the Admin console, under Network devices. Take note of the Certification value – if it states CERTIFIED it means the devices was recognized by the OpsMgr network equipment database and we will apply specific monitoring for that device.
Back in the monitoring pane – select Network Devices – and you will see we have discovered your device. In this case – I have a Cisco 1605 branch office access router:
Open Health Explorer for the device and you can see the out of the box monitoring provided for this specific discovered device:
For my device – we monitor ICMP and SNMP availability (as long as one of those is available we consider the device “up”)
Free memory, and memory pool fragmentation, and additionally CPU utilization monitoring.
We will also begin collecting performance data in the warehouse for each device, similar to the statistics that we monitor out of the box, such as memory, CPU, power supply, temperature and voltage sensors, and fans.
Taking use of the new Dashboards in OpsMgr 2012 – there is a network node dashboard that will give us a lot of cool “at a glance information” about this Network device:
Great job on this functionality but still disappointed that the NW Device is referenced by IP and not sysName ("MIB 2 System Name"). I know you can add that column to the state views but performance views will be less inviting since you can't add the column there. Dashboards would benefit from sysName too. Do alert descriptions contain the sysName in addition to the ip address? If not, assuming sealed MP's, that's going to create some unfortunate work for some of us whose users want alerts with host/system names and not IP's. I do love the look though.
Can you do a blog post on discovering a Linux/Unix server?
maybe something to mention: Disable (or change) the firewall settings of the management server(s) where you are kicking off the network discovery. I noticed that the discovery process will not give you any error/warning event on this. It will simply tell you no devices are discovered...
Have you messed with any of the interface overrides for the network devices yet? By default they are all disabled. I have been trying to figure out how to turn on interface monitoring, however I have yet to find discoveries for this. The monitors are there, which makes me interested to see how much QA the dev team performed to support more SNMP GUID Monitors in this version.
As aways, great posts. don't know what I would do without some of them.
@Carl, the naming algorithm actually uses several branches, it attempts DNS resolution on the following items in the order listed, the first one to succeed wins 1) Loopback IP 2) sysName 3) Public IP 4) Private IP 5)SNMP Agent IP
@Michel We have added diagnostic and recoveries around firewall not being configured in RC/RTM
@Jason By default the only interfaces with monitoring enabled are those that make up connections between network devices or network devices and servers you are monitoring. If you wish to enable monitoring on another interface simply add it to the "Critical Network Adapters Group"
Program Manager - Operations Manager
Vishnu - YOU ROCK!
Hi All, Is there any power shell script avialable for discovering Network devices in SCOM 2012
Has anyone tried supressing alerts to the computer/agents when the network link goes down? I have remote offices which often lose connectivity and when doing so i get numerous alerts about AD, DNS, etc relating to the servers at the site. I thought the new scom 2012 was suppossed to help with oliviating this. If someone has any experience or guidance with this that would be great as this is what we have been waiting for.
@Carl - You can force the network device to use the MIB 2 system name, even if the name does not appear in DNS (or the IP address resolves to something else you do not want to use. I have blogegd the instructions here blogs.inframon.com/.../How-to-use-the-MIB2-System-Name-for-a-device-in-SCOM-2012.aspx
Sorry the response is around a year late - but hopefully this will help some other people as they search
@Brett is there any update on your issue? I can't believe more people aren't having the issue with loss of network connectivity to a remote site causing false SCOM alerts.
If ping is blocked at the network device end, will SCOM be able to discover the device?
Same question as @Brett ... How can we supress alerts behind a monitored network device if that device is down. I clearly remember being told at an MMS presentation for SCOM 2012 network monitoring that this would be possible.
Kevin, are there plans for adding support for more devices? I have a number of Cisco MDS switches but only 1 of the 3 models I use are supported so far.
Yes there are - SP1 added many new devices but I am not sure if we published these in a list.
Have you attempted to discover them?
We can "support" any SNMP device - we just might not have extended monitoring for it out of the box.
Hi All, Kevin,
I’m running scom2012SP1 on a Windows2012 server and I can’t get any network devices working with SNMP.
The message which I get is “No response SNMP” but I am sure that the ip/community string is correct. In scom2007R2 on win2k8 is working fine. Of course I added the ip adress of the scom server in the network devices, but it is still not working! Even when I disabled the windows Firewall.(I thought maybe I made the wrong exclusion) The SNMP feature are also installed and the SNMP trap service is disabled.
Hope you can help me!