Microsoft Operations Management Suite (OMS) is Microsoft’s cloud-based IT management solution that helps manage and protect on-premises and cloud infrastructure.

OpsRamp configuration

Step 1: Install the integration

  1. From All Clients, select a client.
  2. Go to Setup > Account.
  3. Select the Integrations and Apps tab.
  4. The Installed Integrations page, where all the installed applications are displayed. Note: If there are no installed applications, it will navigate to the Available Integrations and Apps page.
  5. Click + ADD on the Installed Integrations page. The Available Integrations and Apps page displays all the available applications along with the newly created application with the version.
  6. Search for the application using the search option available. Alternatively, use the All Categories option to search.
  7. Click ADD on the OMS tile.

Inbound (Optional):

OMS - Inbound configuration

To configure the inbound, follow these steps:
Authentication:

  1. Select the Authentication Type as Webhook.

    • Webhook: By default, Webhook is selected as the Authentication Type.
      Make a note of Tenant ID, Token and Webhook URL.
      These details are used while creating an HTTP Request template during OMS configuration.
  2. Map Attributes: Map OpsRamp entity attributes with OMS attributes.

    1. Click +Add from the Map Attributes section.

    2. From the Add Map Attributes window, enter the below information:

      • OpsRamp Entity: Select Alert from the dropdown.
      • OpsRamp Property: Select the OpsRamp property from the dropdown.
      • OMS Entity: Enter the OMS entity value in the box and click the +value from the dropdown to add it. You can add multiple values.
      • OMS Property: Enter the OMS property.

      Parsing Condition:

      1. Click +Add and provide the parsing condition:
      2. Select an operator from the dropdown and enter a value in the fields accordingly. Based on the operator selected, the fields vary.
      3. Click Save. Click +Add to add more conditions.

      Property Values:

      1. Click +Property Value.
      2. Enter a value in the OMS Property Value box and select the appropriate value from the OpsRamp Property Value dropdown.
        The options in the OpsRamp Property Value dropdown appear based on the OpsRamp Property selected.
      3. Click Save.
      • Click +Property Value to add more property values.

      Default Value: Alternatively, you can enter/select a default value in the box.

      Note: To map more attributes, click +Entity.

    3. Click Add Map Attributes. The mapped attributes list is added.

      • Click the three dots icon at the end of each row to edit or remove the map attributes.
      • Use the Filter option to filter the map attributes.

  3. Additional Settings: Select the Drop alerts from unmanaged resources checkbox if you do not want to trigger alerts from unmanaged resources.

  4. Enrich and Create Alert: Select a process definition from the dropdown. You can customize the incoming alerts according to the properties defined in the process definition.

  5. Click Finish.

The following tables shows the attribute mappings.

OMS PropertyOpsRamp Property
subjectAlert subject
descriptionAlert description
alertTimeAlert time
currentStateAlert state
serviceNameAlert metric
device.hostNameAlert resource name

OMS configuration

Log searches helps retrieve data from the workspace. Alert rules then proactively identify issues from the log search data and create alerts. Further, you can define the necessary actions to do on the alerts. For example, a user wants to send alerts on Event Log Errors to OpsRamp using Webhook, then create a Log Search for Event Log Errors and configure the action Webhook in Alert Rule.

  1. Log in to Microsoft Azure.
  2. Go to Log Analytics (OMS) and click a workspace
  3. In the Management section, click Log Search.
  4. Enter the details for the Search and click Save.
Log Search

Step 2: Configure alert rules

  1. In the General section, click Alert and configure the following:
    • Name: Enter name for alert rule.
    • Search query: Select the search query from the drop-down. Select Use current search query to use the current query or select an existing search from the list.
      Search Query
    • Time window: Time range for the query. The query returns records that were created in this range of the current time.
      For example:
      • Time window is set to 30 minutes
      • Query is run at 12:30 PM
      • Records created between 12:00 PM and 12:30 PM are returned.
  2. In the Schedule section, enter:
    • Alert frequency**: Enter values for alert frequency. Alert frequency specifies how often a query should run.
      For example:
      • Time window is set to 30 minutes and Alert frequency is set to 60 minutes.
      • Query is run at 12:30 PM
      • Records between 12:00 PM and 12:30 PM are returned.
      • The next time the query would run is 1:30 PM and would return records between 1:00 PM and 1:30 PM.
    • Generate alert based on: Select Number of results.
    • Number of results: Select the logical operator from the drop-down and enter the value. An alert is created if the number of records returned is greater than or less than the value.
  3. In the Actions section:
    1. Click Yes in Webhook to post OMS alerts to OpsRamp.
    2. Enter the Webhook URL https://<api-url>/integrations/alertsWebhook/{client_id}/alerts/?vtoken={vtoken}
      Provide Tenant Id and Token from the OpsRamp configuration.
    3. Select Include custom JSON payload and enter the payload:
    4. Click Save to save the alert rule.

Payload

{
    "subject": "#Description",
    "description": "#Description",
    "alertTime": "#SearchIntervalStartTimeUtc",
    "currentState": "#Severity",
    "serviceName": "#AlertRuleName",
    "device": {
        "hostName": "#SearchResult.tables\[0\].rows\[2\]"
        },
    "app": "OMS"
    }
Alert Rule

Alerts are created for the criteria defined in the alert rule and OpsRamp successfully receives alerts from OMS.