So you think you know all the features in OMS? Think again! So I’ve been working closely with OMS the last couple of years and to be honest I haven’t yet grasped how much features Microsoft has introduced over the last couple of years and more is coming!
I have blogged already about some of the capabilities.
Leverage OMS to detect bad networks –> http://msandbu.org/leveraing-oms-network-performance-monitor-to-detect-network-loss/
- Monitor Syslog from OMS with non-oms agents –> http://msandbu.org/monitoring-syslog-from-oms-with-non-oms-agents/
- WireData monitoring from OMS –> http://msandbu.org/wire-data-in-operations-management-suite/
So if you now look at all the possible solutions that OMS now provides, it is alot! If you look at the complete picture OMS integrates directly into Azure to be able to monitor Azure specific features like Azure Network Analytics. It can also leverage agents to do monitoring against Windows and Linux machines. Now the strenght of OMS is that you are able to gather all that information (logs/counters/events) from different sources and being able to structure that data to get valuable information, which is much fo the logic that is in place behind the different Intelligence packs from OMS. Since OMS is leveraging Azure, it is easy for them to be able to instantly search between thousands thousands of logs. It also allows them to detect security breaches since it integrates with other Microsoft online services to detect bad known IP’s, leaked accounts and so on. Leveraging OMS allows for Microsoft to add more logic and allows to be more proactive instead of OpsMgr which is more reactive, since it consists of Management Packs and a set of rules which determine how it should react to a specific event. But for a while OMS has been more a competitor to ELK & Splunk then it has been to OpsMgr
Now if we compare on the evolution that has happend in Operations Manager, well its not so much, for instance http://blog.orneling.se/2015/05/system-center-2016-operations-manager-whats-new/
There are of course support for the latest versions and added management packs, but I belive that Microsoft is pushing more focus on OMS, instead of OpsMgr why shouldn’t they? Microsoft has enormous growth on Office365, Azure and even EMS so having a operations tool which is fully directly integrated into all those cloud solutions makes it easier for customers as well as Microsoft to be able to add features directly.
Now we also have alert management which can be added to specific events and can trigger Runbooks or Webhooks to remidiate alarms. I’m also thinking that in the future that Microsoft will integrate OMS with Intune to do more event based monitoring and also integrate with Microsoft Defender Advanced Threat Protection to get a common solution for security pre & post breach events, combining the logic.
So with all these feature there and more coming, why leverage Operations Manager?
Of course it is not a one-size fits all appoarch, Operations Manager provides more in-depth monitoring like Windows Service and Processes, there is a larger ecosystem of third party vendors which have their own Management Pack to do monitoring of their hardware or services running, and also for larger enterprises they might not just have the adequate bandwidth available to be able to upload data collected from 100,000 of endpoints (Switches,Routers,Firewall,Linux, Windows) but of course you need to think about that with OpsMgr it will require alot of management to have it work properly unlike OMS which is a online based tool. Also OMS does not have any APM capabilities yet, and of course not everyone can use cloud services to do event monitoring as well.
But moving forward I’m pretty sure that Microsoft will be adding more of the features which are now available in OpsMgr into OMS and that OMS will be more integrated directly into Azure (For instance auditing and with Intune and even ATP) which will make even more of complete monitoring tool.