Today Microsoft announced the public availability of Service Map (previously known as Application Dependency Monitor) and a revamped Wire Data 2.0 solution pack, both of which are now available in Microsoft OMS.
I've blogged about the Wire Data solution pack before; it is a great way to get an overview of what kind of traffic is going in and out of your infrastructure. Service Map is built on technology from a company called BlueStripe, which Microsoft bought.
Service Map is supported on more than just Windows Server:
- Windows Server 2016
- Windows Server 2012 R2
- Windows Server 2012
- Windows Server 2008 R2 SP1
- Red Hat Enterprise Linux, CentOS Linux and Oracle Linux (with RHEL Kernel)
Now, before we start deploying them, we need to import the solution packs into OMS.
Both of these new solutions require an additional component to be installed: the application dependency agent, which does the component mapping. Remember that it interacts with the OMS agent to ensure that data is forwarded to OMS using the correct workspace ID. When Service Map is activated, a 300KB Management Pack is sent to all the Microsoft Monitoring Agents in that workspace.
The simplest way to get and install it is to use a script like this (PowerShell):
Invoke-WebRequest https://aka.ms/dependencyagentwindows -OutFile C:\somelocation\dp.exe
C:\somelocation\dp.exe /S   # silent install; it fetches the workspace ID from the OMS agent that is preinstalled
After the agent is installed it will start to forward data to OMS.
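The install step above can be wrapped so that the downloaded binary is checked before it runs with administrative rights. The script below is an added example, not part of the original post or Microsoft's own tooling. It assumes the OMS agent runs as the HealthService service and that the installer carries an Authenticode signature from Microsoft Corporation; the path is the same placeholder used above.

```powershell
# Added example: download the Dependency Agent, verify it, then install silently.
$ErrorActionPreference = 'Stop'
$uri       = 'https://aka.ms/dependencyagentwindows'
$installer = 'C:\somelocation\dp.exe'    # placeholder path from the post

# The installer reads the workspace ID from the OMS agent, so confirm it is present.
# Assumption: the OMS / Microsoft Monitoring Agent runs as the 'HealthService' service.
$mma = Get-Service -Name 'HealthService' -ErrorAction SilentlyContinue
if (-not $mma -or $mma.Status -ne 'Running') {
    throw 'OMS agent (HealthService) is not running; install and connect it first.'
}

# Older Windows Server builds default to weaker protocols; force TLS 1.2 for the download.
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
Invoke-WebRequest -Uri $uri -OutFile $installer -UseBasicParsing

# Refuse to run a binary that is unsigned or has been modified since signing.
$sig = Get-AuthenticodeSignature -FilePath $installer
if ($sig.Status -ne 'Valid') {
    Remove-Item -Path $installer
    throw "Signature check failed: $($sig.Status) $($sig.StatusMessage)"
}

# Assumption: the expected publisher is Microsoft Corporation.
$subject = $sig.SignerCertificate.Subject
if ($subject -notmatch '(^|,\s*)O=Microsoft Corporation(,|$)') {
    Remove-Item -Path $installer
    throw "Unexpected signer: $subject"
}

# Record the hash so the same binary can be confirmed on the other servers.
$hash = (Get-FileHash -Path $installer -Algorithm SHA256).Hash
Write-Output "Installer SHA256: $hash"

# /S is the silent-install switch shown in the post.
$proc = Start-Process -FilePath $installer -ArgumentList '/S' -Wait -PassThru
if ($proc.ExitCode -ne 0) {
    throw "Installer exited with code $($proc.ExitCode)"
}
Write-Output 'Dependency Agent installed.'
```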
So, for instance, we can see all running processes and what kind of interaction they have with each other. We can also see interactions with other servers and which ports they are using.
We can also drill down on individual processes and see what they are, how they are communicating with other servers, and what command-line parameters they are running with.
Now we also have Wire Data, which uses the same type of agent to tap into what kind of traffic is going in and out of your datacenter.
So, for instance, in my example here I have traffic categorized as "Unknown", which might be a bad indication, but I can drill down into that specific traffic and see what kind of traffic it is.
By using the query
Type: WireData ApplicationProtocol=Unknown Direction=Outbound
I can see what kind of traffic is going on that is tagged as unknown, but in my case it was just some Citrix components. Moving forward, I would love to see some integration between Wire Data and Networking Performance Monitoring, and being able to "classify" unknown data in Wire Data based upon personal tags, for instance, or based upon process name.