Getting overwhelmed with alerts in your OpsMgr environment? Not sure which alert to tackle first?
Ideally, we’d like our OpsMgr environment to be fine-tuned so that the environment…
That sounds nice and is relatively easy to get to when you are starting an implementation of OpsMgr, but what if you’ve inherited an environment where fine tuning didn’t really go as planned?
Well, one option to regain control of your environment, without having to rebuild everything or take out every management pack, is to use Distributed Applications to surface what’s critical to your organization.
What is DA?
Distributed Applications, DA, (not to be confused with Direct Access–-an awesome piece of technology in its own right) is a feature in OpsMgr that allows us to combine and group any discovered objects into a logical arrangement and roll up the health of the group into one availability monitor thus generating a single alert. This last part is key and often overlooked when building a DA.
A Scenario – Database Tiers
Let’s say we’re looking after SQL database health and availability in our organization using OpsMgr. In a large organization, OpsMgr may discover and monitor hundreds or even thousands of SQL DBs, each one that can go offline, run out of space, fail to backup, experience disk IO contention, etc. How can we prioritize these alerts?
In the case of databases, some good tricks exist out there to reduce non-actionable alerts (like disabling the discovery of certain DBs altogether), but maybe we still have a large number of DBs where things can go wrong.
The SQL DB view is a good place to start.
We can then reduce this administrative task further and embed some simple logic into our monitoring.
Creating our Simple DA – All Tier 1 DBs
Now let’s test to see what happens. When we put one of our databases “test_cloned” offline, an alert is generated:
So how are we better off than before?
The idea is to help us prioritize our remediation work while we develop a longer term strategy and tune our environment. So here’s what this DA alert gives us:
I’d like to stress once more that this tactic shouldn’t be used as a free pass to ignore the other alerts. It’s just a way to have the critical alerts filter out to the top. If you can only work on a limited number of alerts in one day, this technique allows you to address the key items first.
What do you think? Would a DA allow us to better prioritize our alerts?
For more information on Distributed Applications, see: http://technet.microsoft.com/en-us/library/hh457612.aspx
Great article. Is there any way to change the name for the alert subscription? As having the long string SCIMembership.... is kind of ugly and if you get it on a mobile device it is hard to read.