introduction
Microsoft System Center Operations Manager (SCOM) is a part of the Microsoft System Center suite of enterprise management software.
SCOM allows data center administrators to deploy, configure, manage and monitor the operations, services, devices and applications of multiple enterprise IT systems
this article we will discuss SCOM architecture and components and see how to works
SCOM components
SCOM includes several components.
- management server handles the essential administration and connection to databases.
- The operational database Collected information from agent for 7days , then transferred to warehouse DB and provides an SQL database for current reporting.
- The data warehouse database holds SQL data collected over long-term reporting.[about 400 days ]
- A reporting server queries the databases and produces detailed reports delivered to administrators.
- Audit Collection Service ACS : used to collect event log from ALL Microsoft and Linux OS in cartelized location
- Management group : include management servers, and SQL[with2 DB operational an warehouse DB], server as well as SSRS [SQL reporting services]
- please note that Management group could have many SCOM server for HA & LB by creating [resources Pool]
- The IT department can install these components on one server or across several servers for scalability.
How SCOM works
Every enterprise relies on its underlying services and applications for everyday business and user productivity.
SCOM is a monitoring and reporting tool that checks the status of various objects defined within the environment, such as :
- server hardware
- system services,
- operating systems (OSes),
- hypervisors
- and applications.
Administrators set up and configure the objects >> SCOM then checks the relative health — such as packet loss and latency issues — of each object and alerts administrators to potential problems.
Additionally, SCOM offers possible root causes or corrective action to assist troubleshooting procedures.
color coding
SCOM uses traffic light color coding for object health states
- Green is healthy,
- yellow is a warning
- red is a critical issue.
- Gray can indicate that item is under maintenance or SCOM cannot connect to the object
threshold
Administrators set a threshold for each object’s health state to determine if SCOM should issue an alert.
- For example, the admin can set a disk drive as green/healthy with more than 70% capacity remaining,
- yellow/warning with 70% to 80% capacity filled
- and red/critical with more than 80% of storage capacity filled.
The admin can adjust these levels when needed.
Pioneers LAB network diagram
please have a look to network diagram above
SCOM server will be installed on Windows 2016 server wit the following components :
- Management Server
- SQL server 2016 to run Operational DB
- same server will run Data warehouse DB
- SSRS to support reporting service and ACS
- reporting server
- ACS Collector to collect event log from client devices
SCOM agent could be installed on windows server [2012,2016,2019] as well as windows client 10 or 7
SCOM linux Agent will installed on Suse Linux Enterprise Server SLES to monitor ALL aspects
also we can monitor network devices like network firewall through SNMP protocol
windows and Linux agent will run ACS forwarder to send event log to ACS collector