Monitoring with Log Analytics & SNMP


Hi,

I would like to know if I have any possibilities to use Log Analytics to collect data, e.g. of our UPS.

Is it possible to send SNMP traffic to Log Analytics? (And how? :) )

Thanks in advance. :)

3 Replies

@Clive Watson

Thank you for answering.

So just to make it clear: The OMS Linux Agent is the same as when I'm talking of the "MMA Agent" or "Log Analytics Agent"?

Because I didn't use that before, it would be very kind if you could answer some more questions:

  1. The MS Docs are pointing me to use Linux (syslog). Do I have any option to do this without a Linux machine?
  2. The main process is e.g.: Network Component (e.g. Switch or a UPS) > SNMP Traps fetched by Linux > the server's log agent sends these to Log Analytics. Is that right?
  3. Because I'm totally inexperienced in Linux (I'm going to ask a colleague later): How do I know which facility name I have to add in my Log Analytics Workspace to be fetched?

Thank you very much. :)

@PatrickF11

Yes, they are the same (there have been some branding changes over the past few years), but essentially we have the MMA (SCOM agent, ASC agent, OMS Agent, Log Analytics Agent etc...)

1. There are Syslog services that run on Windows - but I don't have one to recommend. Please search on "syslog servers for windows server"; mainly (from my experience) people use the native Linux capability.

2. The flow is the SNMP trap to the Syslog server (see #1), then on to Log Analytics.

3. I think that depends on the product you use (see #1)
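
On question 3, whichever product relays the traps, the facility is encoded in the `<PRI>` header of each syslog message (PRI = facility * 8 + severity), so it can be read from a few captured messages. The following is an added example, not part of the original thread: the sample messages, host names and the `snmptrapd` tag are constructed, and it assumes you have the raw wire-format lines as they arrive at the collector.

```python
import re
from collections import Counter

# Facility codes 0-23 (RFC 5424, section 6.2.1), written with the
# conventional Linux syslog keywords; 12-15 have no universal keyword.
FACILITIES = [
    "kern", "user", "mail", "daemon", "auth", "syslog", "lpr", "news",
    "uucp", "cron", "authpriv", "ftp", "ntp", "audit", "alert", "clock",
    "local0", "local1", "local2", "local3",
    "local4", "local5", "local6", "local7",
]
SEVERITIES = ["emerg", "alert", "crit", "err",
              "warning", "notice", "info", "debug"]

PRI_RE = re.compile(r"^<(\d{1,3})>")

def decode_pri(message):
    """Return (facility, severity) from a raw syslog line, or None."""
    m = PRI_RE.match(message)
    if not m:
        return None              # no <PRI> header (e.g. a line from a log file)
    pri = int(m.group(1))
    if pri > 191:                # 23 * 8 + 7 is the largest valid PRI
        return None
    facility, severity = divmod(pri, 8)
    return FACILITIES[facility], SEVERITIES[severity]

def facilities_seen(messages):
    """Count messages per facility; these are the names to collect."""
    counts = Counter()
    for msg in messages:
        decoded = decode_pri(msg)
        counts[decoded[0] if decoded else "<unparsed>"] += 1
    return counts

# Constructed sample: two relayed UPS traps, one unrelated daemon
# message, and one line without a priority header.
SAMPLE = [
    "<180>Jul  7 10:15:02 collector01 snmptrapd[812]: trap from ups01: on battery",
    "<182>Jul  7 10:15:40 collector01 snmptrapd[812]: trap from ups01: power restored",
    "<30>Jul  7 10:16:01 collector01 systemd[1]: Started example unit.",
    "Jul  7 10:16:05 collector01 line without priority header",
]

if __name__ == "__main__":
    for name, count in facilities_seen(SAMPLE).most_common():
        print(f"{name}: {count}")
```

In this constructed sample the trap messages arrive as `local6`, so that is the facility that would be added to the workspace's Syslog collection.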