Monday, January 9, 2012

SCOM 2012 - Network Monitoring Magic!

This is the first of many posts I'll be blogging this year on System Center 2012 Operations Manager (SCOM 2012). With the upcoming RTM release of SCOM 2012 just around the corner, I've been test driving most of the System Center 2012 products for the last 6 or 7 months in conjunction with the Microsoft System Center 2012 Private Cloud Community Evaluation Program (CEP).

In the past, network monitoring within SCOM 2007 R2 was badly lacking out of the box and it could be quite cumbersome to configure using the built in SNMP functionality that came as part of the original build. Microsoft had no monitoring pack of their own available either that could build on this basic functionality and it was left to the SCOM community and 3rd party companies to create the management packs that would then allow all of the network devices within an infrastructure to be monitored easily.

One of the best management packs that I've used to complement SCOM 2007 R2 for SNMP network device monitoring was created by SCOM community member Kris Bash and distributed free of charge through Codeplex - see the link below for more info:

Kris did an excellent job with this management pack and it still forms an integral part of all SCOM 2007 R2 deployment projects that I'm involved in since I came across it in 2009 and the fact that it's a free download keeps it miles apart from its nearest 3rd party (costly) competitor!

In fairness to Microsoft, they took all of this onboard when developing the roadmap for SCOM 2012 and decided to hire Kris Bash to work for them directly on the SCOM 2012 product team ('if you can't beat them hire them' maybe....)!

This post will show an example now of exactly what that means for the latest version of Microsoft's monitoring application and how easy it is to get up and running with your SNMP discoveries.

To begin, open up the SCOM 2012 Management Console, go to the 'Administration' tab on the left hand side and then right mouse click on 'Discovery Wizard' to bring your network SNMP devices directly into SCOM without the need to add any additional management packs.

Once the Discovery Wizard opens up, select 'Network Devices' and then click 'Next'

It's at this point that people familar with SCOM 2007 R2 will start to see some new screens and functionality. When discovering network devices within SCOM 2007 R2, you only had the option to either input in a single IP address of a network device along with its associated SNMP community string or you could search for a range of devices using the subnet range method along with a single SNMP community string. Once this SCOM 2007 R2 network device search was complete, you lost all of your search settings and then had to re-enter them again if you wanted to do another search.

SCOM 2012 allows us to to create and save custom network device searches along with the capability to use a number of different SNMP community strings against explicit or recursive discoveries. This is a MAJOR change to SCOM 2007 R2 and I can see this making our future SCOM installs so much easier to handle disparate network discoveries in Enterprise environments.

From the screen below, enter a name for your new Discovery Rule, select a Management or Gateway server that you want your network devices to report to and choose a Resource Pool from the 'Available Pools' option down the bottom - leave this at the default of 'All Management Servers Resource Pool' if you don't want to create a new one - and then click 'Next' to continue.

In the next screen, select either an 'Explicit Discovery' or a 'Recursive Discovery' and then click 'Next'.

(If you want to learn more about Explicit and Recursive discovery rules, then check out this other blog post of mine)

When you click onto the next screen, it is here that you will be able to create the 'RunAs' accounts for your SNMP discoveries that allow you to specify different SNMP versions and community strings that can apply to all network devices from a single search. Click on 'Create Account' to kick off the wizard for a new RunAs account.

Input a display name and desciption for the discovery account and then click 'Next'

Now enter in your SNMP community string, then click 'Create'

In the example below, I've created two different discovery accounts, both with different SNMP community strings. Select the one(s) that you want to use for this particular discovery, then click 'Next'

You will be prompted to distribute the new RunAs accounts to the health service on the Management server that was specified for the network devices to report into. Click 'Yes' and then click 'Next' to move on.

Now specify the device or the network devices that you want to use as your starting point for your recursive searches and then click 'Advanced Discovery Settings'

You can change any of the options here to suit your search and when happy, click on 'OK' and then click on 'Next' to continue

Select your recursive discovery search options from the screen below and then click 'Next'

You can specify what network devices to exclude from your recursive search from the screenshot below, click 'Next' when you're ready to move on

This is another cool new feature where you can schedule the discovery rule to fire any day you want at any time

Finally, click on 'Save' to complete the discovery wizard and search creation

Before you click 'Close' from the screen below, ensure you have enabled the 'Run the network discovery rule after the wizard is closed' option

Now if you click on the 'Discovery Rules' link on the left hand side of the screen, you can see the status of your rule as it changes from an 'idle' state to 'processing' to back to 'idle' again. If you chose to run this rule just the once, then it will remain in an idle state until you kick it off manually again. If you configured a schedule for your rule to fire, you will be able to check here to see the status of the rule running during the schedule times specified.

Once complete, you should see the screen below telling you the discovery was a success.

Now when you go to your 'Network Devices' link on the left, you will see that it is starting to populate with the newly discovered SNMP network devices

Once you are happy that all of your devices have been discovered, go back to the 'Monitoring' tab on the left hand side of the Wunderbar, expand the 'Network Monitoring folder and then click on one of your network switches in the list from the central screen.

Now click on the 'Network Vicinity Dashboard' option from the 'Tasks' pane on the right hand side

Hey presto! The screenshot below now shows the brand new and fresh out of the box functionality of the SCOM 2012 Network Monitoring Vicinity and Availability view!!

If you want to learn more about the other great System Center 2012 products and how they interact with each other, see my previous posts from the links below:

Cloud Management with System Center - Building a Private Cloud with System Center Virtual Machine Manager 2012

Cloud Management with System Center - Creating a Virtual Machine Template with System Center Virtual Machine Manager 2012

Cloud Management with System Center - Creating a Service Template with System Center Virtual Machine Manager 2012

Cloud Management with System Center - Connecting your private cloud to System Center App Controller 2012

Cloud Management with System Center - Customizing System Center App Controller 2012

Cloud Management with System Center - Connecting App Controller to Azure Part 1

Cloud Management with System Center - Connecting App Controller to Azure Part 2

Cloud Management with System Center - Integrating App Controller with SCOM

Managing and Monitoring System Center DPM 2012 with SCOM Part 1



  1. yes but the name of the ports really really sucks

  2. Hello Kevin,

    And how do you discover a device that only sends out a trap and that's it?
    I need to catch snmp traps from a piece of software that only sends out a trap when there is an issue. I see that snmp trap coming in on the server but scom is not picking it up.

    1. Hi!
      You've to discover the device as network device in SCOM in order to process SNMP traps.
      You have to move on with another approach (like System Center Orchestrator as middleware or an SNMP Proxy (SNMP to Event Log or similar)) if you're not able to discover them (you need SNMP Get access) or the application is hosted on a Windows Computer.
      Cheers, Patrick