Today we will discuss about another out of box feature in OM 2012 - Network monitoring.You can monitor physical routers and switches their ports, interfaces, VLAN memberships etc. We have some default reports for networking like Interface Traffic volume, Packet Analysis. Also we have Dashboards for network devices like Network node Dashboard and Network Vicinity.
In this post, we will discuss key features of network monitoring with Operations Manager 2012. I am using Beta Edition. I have Cisco switch in my lab and three servers (all 2008 R2).
For network discovery and monitoring we need Microsoft.Windows.Server.NetworkDiscovery and Microsoft.Windows.Client.NetworkDiscovery management packs. We can monitor connection health, VLAN health, Up/down status of port/interface, Volume of inbound/outbound traffic for port/interface for discovered network devices. Operations Manager provides more detailed processor or memory monitoring for some network devices. You can check complete list here. For Cisco devices we can monitor in depth memory counters.
Let’s Start with Discovery
From SCOM console, click on Administration and click on Discovery Wizard
On General properties page, give Name and specify management /gateway server from which discovery will run. We can have only one Discovery rule per Management server. Select a management pool option is used to specify pool of management servers you want to use. This is from High availability prospective. Pool can have one or more management servers. This will allow network devices to failover to other SCOM server within pool, if one of them fails.
Select a discovery type : We have two types of discoveries available. Discovery rule can perform either one of the two types. But you can change the type even after the rule is created. Two types:
Explicit discovery – It will only attempt to discover those devices that you explicitly specify in the wizard by IP address or FQDN. It will only monitor those devices that it can successfully access. The rule will attempt to access the device by using ICMP, SNMP, or both depending on the configuration of the rule.
Recursive discovery – This will attempt to discover those devices that you explicitly specify in the wizard by IP address, as well as other network devices that are connected to the specified SNMP v1 or v2 device and that the specified SNMP v1 or v2 device knows about through the device’s Address Routing Protocol (ARP) table, its IP address table, or the topology Management Information Block (MIB).
I selected Explicit Discovery in my case. In case you select Recursive Discovery you get two more options:
1) Include Filters: Allow to discover all connected network devices or devices within specific IP address range
2) Exclude Filters: Allows to exclude specific network devices using IP address or name.
Default Accounts: These accounts are used to discover and monitor network devices. For SNMP V1, V2 we need community string. However for V3 devices we need unique Run As Account . These Run As Accounts can be created before the wizard or during the wizard as well
I click on Create Account option and get the wizard to create run as account.
In the wizard, We can specify the Community String. You can get this from Network Administrator
Next is Specify Devices page. You can give the name or IP address of the device. For Access Mode you can specify whether Operations Manager will use ICMP, SNMP, or both to communicate with the network device. The network device must support the protocol that you specify. If you specify ICMP as the only protocol to use, discovery is limited to the specified device and monitoring is limited to whether the device is online or offline.
You can specify SNMP version here and associate a Run as Account for same. You can also create Run as account here.
You can also click in Import button. You can browse to text file which has IPv4 addresses of all devices you want, with IP address of single device per line.
Schedule Discovery : We can either schedule the network discovery or run it manually.
My discovery was successful and I was able to discover by Cisco switch.
From SCOM console, in Administration export the Network Discovery Internal MP in XML format, if you want to check the changes.
Time for some Screen Shots
1) Network Vicinity Dashboard
2) Average Response Time and Processor Usage
Hi Rohit. Excellent post. Hope to see many more, as it really helped us.
I'm want to monitor my network device, but I don't have those MP. Could you please tell me where can I download it?
I want to add network devices in SCOM 2012 using power shell, i have script which works on SCOM 2007 R2 but the same one does not work on SCOM 2012.
You dont need to purchase MP's from vendors in 2012.
MP's are available out of box.
below is the link with list of devices that you can monitor with 2012
Can you provide some more details on power shell and if you are getting any error
You're probably using the old cmdlets. Th Cmdlets change between SCOM 2007 and 2012
Excellent post and explanation. Can you help me with this please.
I am having issues while adding using ICMP and SNMP v1 and v2 on DrayTeck devices (2820, 2830 ...).
On Network Devices Pennding Management i am getting "No Response SNMP" . Although it working fine for Cisco devices.
I have to monitor around 4000 drayteck devices. Is there is any way to add the Site Name and IP address both together as just an IP address don't help to identify which site goes down or live.
SNMP string i am using on router :
Get Community : Public
Set Community : Public
Trap Community : Public
Notification IPV4 : 80.x.x.x
Trap Timeout : 10
Is there a way to monitor the net flow analysis using SCOM 2012? I need information about who uses most bandwidth in your network. or conversation at router interface (source,destination IP) .Is There a way?
I'm trying to monitor our T1 interfaces used for voice for errors and such. When I look at Health Explorer, I see those monitors available like regular Ethernet interfaces, but I'm not seeing statistics. Is this possible?
Hey, Good Post.
Need help to understand following scenario:
Currently SCOM is generating ticket for following Alert: Failed to Connect to Computer
Reason: Due to Network Connectivity entire site is down.
Need Following Resolution:
1. Can we configure SCOM to Create Ticket for 1st point of Failure (Router, Switch, Network) & not for each server in site?
2. Can we configure it to check dependency before generating Ticket? i.e. Router, Switch, Network etc.