Can we monitor suse linux cluster events using Log Analytics?

%3CLINGO-SUB%20id%3D%22lingo-sub-1450862%22%20slang%3D%22en-US%22%3ECan%20we%20monitor%20suse%20linux%20cluster%20events%20using%20Log%20Analytics%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1450862%22%20slang%3D%22en-US%22%3E%3CP%3EOur%20customer%20has%20SAP%20Landskape%20installed%20on%20Suse%20linux%20in%20Azure.%20We%20don't%20have%20any%20exclusive%20monitoring%20tools.%20So%20far%2C%20we%20are%20using%20LA%20for%20basic%20infra%20level%20monitoring.%20Clustering%20is%20configured%20for%20High%20availability%20using%20pacemaker%20with%20NFS%20for%20SAP%20hana%20DBs.%26nbsp%3B%3C%2FP%3E%3CP%3EIs%20there%20a%20way%20that%20these%20cluster%20events%20can%20be%20monitored%20using%20LA%3F%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-1450862%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3ELog%20Analytics%20AMA%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1451563%22%20slang%3D%22en-US%22%3ERe%3A%20Can%20we%20monitor%20suse%20linux%20cluster%20events%20using%20Log%20Analytics%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1451563%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F612787%22%20target%3D%22_blank%22%3E%40Ashok42%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EGenerally%20if%20the%20SUSE%20version%20is%20supported%20and%20can%20be%20connected%20to%20Log%20Analytics%20you%20should%20be%20ok%20for%20basic%20Syslog%2C%20Local0-n%20monitoring%20-%20not%20sure%20about%20the%20clustering%20side%20though.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1485782%22%20slang%3D%22en-US%22%3ERe%3A%20Can%20we%20monitor%20suse%20linux%20cluster%20events%20using%20Log%20Analytics%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1485782%22%20slang%3D%22en-US%22%3E%3CP%3EFigured%20out%20something%20which%20is%20useful%20for%20cluster%20monitoring.%20Its%20daemon%20log%20having%20info%20about%20cluster%20failures%20and%20i%20could%20repro%20some%20results%20using%20below%20query.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CDIV%3E%3CDIV%3E%3CSPAN%3ESyslog%3C%2FSPAN%3E%3C%2FDIV%3E%3CDIV%3E%3CSPAN%3E%7C%20%3C%2FSPAN%3E%3CSPAN%3Ewhere%3C%2FSPAN%3E%3CSPAN%3E%20Facility%20%3D%3D%20%3C%2FSPAN%3E%3CSPAN%3E%22daemon%22%3C%2FSPAN%3E%3C%2FDIV%3E%3CDIV%3E%3CSPAN%3E%7C%20%3C%2FSPAN%3E%3CSPAN%3Ewhere%3C%2FSPAN%3E%3CSPAN%3E%20SyslogMessage%20%3C%2FSPAN%3E%3CSPAN%3Econtains%3C%2FSPAN%3E%20%3CSPAN%3E%22cluster%20health%20check%3A%20UNHEALTHY%22%3C%2FSPAN%3E%3C%2FDIV%3E%3C%2FDIV%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E
Highlighted
Occasional Contributor

Our customer has SAP Landskape installed on Suse linux in Azure. We don't have any exclusive monitoring tools. So far, we are using LA for basic infra level monitoring. Clustering is configured for High availability using pacemaker with NFS for SAP hana DBs. 

Is there a way that these cluster events can be monitored using LA? 

2 Replies
Highlighted

@Ashok42 

 

Generally if the SUSE version is supported and can be connected to Log Analytics you should be ok for basic Syslog, Local0-n monitoring - not sure about the clustering side though.

Highlighted

Figured out something which is useful for cluster monitoring. Its daemon log having info about cluster failures and i could repro some results using below query.

 

Syslog
| where Facility == "daemon"
| where SyslogMessage contains "cluster health check: UNHEALTHY"