In this Ask the Admin, I’ll run through the features of Azure Operational Insights (OpInsights) and how it compares to System Center Operations Manager (SCOM).
Back in May 2015 at the Ignite conference in Chicago, Microsoft announced general availability of Azure Operational Insights, which it describes as ‘an analysis service that enables IT administrators to gain deep insight across on-premises and cloud environments.’ And adding that ‘it enables you to interact with real-time and historical machine data to rapidly develop custom insights, and provides Microsoft and community-developed patterns for analyzing data.’
Azure Operational Insights is part of the Operations Management Suite of products, but isn’t a replacement for Operations Manager. OpInsights utilizes the cloud to store and index large amounts of data collected either from your on-premise environment, the cloud, or mixture of both, and provides a service that most organizations would struggle to provision onsite due to the cost and complexity of dealing with such large amounts of data. But unlike SCOM, OpInsights isn’t currently able to perform actions based on alerts, although a few Solutions require Operations Manager.
Based on a fast and sophisticated search engine, OpInsights provides analytics for capacity planning, efficiency, SQL, Active Directory, backup, metadata about network traffic (wire data), potential configuration issues, security, change tracking, Azure site recovery, alert management, malware, updates and a growing number of other areas via Solutions, previously called Intelligence Packs.
OpInsights gathers information, uses machine learning and best practice knowledge collected by Microsoft and its customers to display trends, predict problems, and provide best practice recommendations. Currently the service supports monitoring Windows Server 2008 (or higher) and Azure storage accounts, but support for Linux and AWS storage is on the horizon.
OpInsights uses the Microsoft Agent to gather information from Windows Server or can be connected to an existing Operations Manager setup. There’s also integration with Azure, so VMs can be deployed with the agent and authorization information to connect to OpInsights.
Three pricing tiers determine how much data about your environment you can collect and store. The good news is that there’s a free tier so you can try out the service, and it allows 500MB of data daily that can be retained for seven days. The standard tier costs $2.30/GB and data can be retained for a month, or premium at $3.50/GB with 12 months’ data retention. Discounts are available for customers who have licensed Microsoft Operations Management Suite for System Center Standard Edition.
The more Solutions you add to an OpInsights workspace, the more data is collected and retained, which will have an influence on the pricing tier you select. Each Solution you add is represented by a tile on the dashboard, showing the information that Microsoft thinks is most critical. Windows Event Log collection doesn’t need to be added as a Solution, as it’s present by default in all new workspaces, but you will need to configure the logs from which data should be collected, and the types of events.
The sophisticated search engine can be used to find specific information, and you can drill down and display specific time ranges. Searches can be viewed as lists or tables, and the results exported to Excel. And if you want to perform a search on a regular basis, save it and add it to a custom dashboard.
If you already have an Azure subscription, you can add or create a new OpInsights account from the management portal. Otherwise, you’ll need to sign up separately at the OpInsights website here. OpInsights is also mobile, so not only can you use the web portal to view your dashboard, but in addition to the Windows Phone app that’s been available for some time, called The Microsoft Operations Management Suite mobile app, Microsoft has just released the app for Android and iOS.