SOLVED

Running the OMS agent containerised

%3CLINGO-SUB%20id%3D%22lingo-sub-2316945%22%20slang%3D%22en-US%22%3ERunning%20the%20OMS%20agent%20containerised%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2316945%22%20slang%3D%22en-US%22%3E%3CP%3EHi%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EFor%20our%20deployment%20setup%20we%20are%20wanting%20to%20run%20the%20OMS%20agent%20within%20a%20Docker%20container.%20This%20agent%20will%20purely%20serve%20as%20a%20log%20forwarder%20for%20which%20ingests%20syslog%2FCEF%20over%20IP%20or%20from%20file%20(mounted%20within%20the%20container)%20and%20forwards%20these%20logs%20to%20the%20Sentinel%20LogAnalytics%20workspace.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EBased%20on%20the%20OMS%20agent%20document%20I've%20found%20at%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Fazure-monitor%2Fagents%2Fagents-overview%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Fazure-monitor%2Fagents%2Fagents-overview%3C%2FA%3E%20it%20seems%20to%20me%20that%20running%20in%20a%20container%20is%20not%20a%20supported%20solution%2C%20am%20I%20correct%3F%20Also%2C%20is%20there%20anyone%20who%20has%20experience%20in%20deploying%20the%20OMS%20agent%20within%20a%20Docker%20container%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2318430%22%20slang%3D%22en-US%22%3ERe%3A%20Running%20the%20OMS%20agent%20containerised%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2318430%22%20slang%3D%22en-US%22%3EHi%3CBR%20%2F%3EYes%20you%20can%20use%20it%20as%20a%20container%20.%3CBR%20%2F%3EAll%20supported%20environments%20%2F%20systems%20and%20instructions%20below%20%3A%3CBR%20%2F%3E%3CA%20href%3D%22https%3A%2F%2Fgithub.com%2Fmicrosoft%2FOMS-docker%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fgithub.com%2Fmicrosoft%2FOMS-docker%3C%2FA%3E%3C%2FLINGO-BODY%3E
New Contributor

Hi,

 

For our deployment setup we are wanting to run the OMS agent within a Docker container. This agent will purely serve as a log forwarder for which ingests syslog/CEF over IP or from file (mounted within the container) and forwards these logs to the Sentinel LogAnalytics workspace.

 

Based on the OMS agent document I've found at https://docs.microsoft.com/en-us/azure/azure-monitor/agents/agents-overview it seems to me that running in a container is not a supported solution, am I correct? Also, is there anyone who has experience in deploying the OMS agent within a Docker container?

2 Replies
best response confirmed by reda21 (New Contributor)
Solution
Hi
Yes you can use it as a container .
All supported environments / systems and instructions below :
https://github.com/microsoft/OMS-docker
Hi
Is this repository maintained? I see that repo is not updated since 2019 and there are couple of PRs pending.

Moreover, I have the similar use case and I am testing this currently. The containerised OMS agent never showed up in LA Workspace and there is no troubleshooting utility present in container. Please add some troubleshooting documentation for oms container.