Microsoft Operations Management Suite (OMS) is Microsoft’s cloud-based IT management solution that helps manage and protect on-premises and cloud infrastructure.

OpsRamp configuration

Step 1: Install the integration

  1. From All Clients, select a client.
  2. Go to Setup > Account.
  3. Select the Integrations and Apps tab.
  4. The Installed Integrations page, where all the installed applications are displayed. Note: If there are no installed applications, it will navigate to the Available Integrations and Apps page.
  5. Click + ADD on the Installed Integrations page. The Available Integrations and Apps page displays all the available applications along with the newly created application with the version.
    Note: You can even search for the application using the search option available. Also yu can use the All Categories option to search.
  6. Click ADD in the OMS application and click Install.
  7. Select authentication type as WEBHOOK and click Save.
  8. Make a note of Tenant ID, Token and Webhook URL.
    These details are used while creating an HTTP Request template during OMS configuration.
  9. Click Save.

Step 2: Configure the integration

  1. From the API tab, enter:
    • Authentication: Copy Tenant Id, Token and Webhook URL for configuration. These settings are used for creating a HTTP Request template.
    • Map Attributes: Enter the mapping information for the third-party.
  2. From the Monitoring of Integration tab, click Assign Templates.
  3. From the Audit Logs, set up audit log criteria and time frame.

Configuring the map attributes

  1. Select the required OpsRamp property from the drop-down.
  2. Click Add Mapping Attributes to map attributes for the specific OpsRamp alert property.
  3. Click + to define the mappings.
  4. From Create Alert Mappings on Status, define the mappings, parsing conditions, and default values, and Save.

The following tables shows the attribute mappings.

OMS PropertyOpsRamp Property
subjectAlert subject
descriptionAlert description
alertTimeAlert time
currentStateAlert state
serviceNameAlert metric
device.hostNameAlert resource name

OMS configuration

Log searches helps retrieve data from the workspace. Alert rules then proactively identify issues from the log search data and create alerts. Further, you can define the necessary actions to do on the alerts. For example, a user wants to send alerts on Event Log Errors to OpsRamp using Webhook, then create a Log Search for Event Log Errors and configure the action Webhook in Alert Rule.

  1. Log in to Microsoft Azure.
  2. Go to Log Analytics (OMS) and click a workspace
  3. In the Management section, click Log Search.
  4. Enter the details for the Search and click Save.
Log Search

Step 2: Configure alert rules

  1. In the General section, click Alert and configure the following:
    • Name: Enter name for alert rule.
    • Search query: Select the search query from the drop-down. Select Use current search query to use the current query or select an existing search from the list.
      Search Query
    • Time window: Time range for the query. The query returns records that were created in this range of the current time.
      For example:
      • Time window is set to 30 minutes
      • Query is run at 12:30 PM
      • Records created between 12:00 PM and 12:30 PM are returned.
  2. In the Schedule section, enter:
    • Alert frequency**: Enter values for alert frequency. Alert frequency specifies how often a query should run.
      For example:
      • Time window is set to 30 minutes and Alert frequency is set to 60 minutes.
      • Query is run at 12:30 PM
      • Records between 12:00 PM and 12:30 PM are returned.
      • The next time the query would run is 1:30 PM and would return records between 1:00 PM and 1:30 PM.
    • Generate alert based on: Select Number of results.
    • Number of results: Select the logical operator from the drop-down and enter the value. An alert is created if the number of records returned is greater than or less than the value.
  3. In the Actions section:
    1. Click Yes in Webhook to post OMS alerts to OpsRamp.
    2. Enter the Webhook URL https://<api-url>/integrations/alertsWebhook/{client_id}/alerts/?vtoken={vtoken}
      Provide Tenant Id and Token from the OpsRamp configuration.
    3. Select Include custom JSON payload and enter the payload:
    4. Click Save to save the alert rule.

Payload

{
    "subject": "#Description",
    "description": "#Description",
    "alertTime": "#SearchIntervalStartTimeUtc",
    "currentState": "#Severity",
    "serviceName": "#AlertRuleName",
    "device": {
        "hostName": "#SearchResult.tables\[0\].rows\[2\]"
        },
    "app": "OMS"
    }
Alert Rule

Alerts are created for the criteria defined in the alert rule and OpsRamp successfully receives alerts from OMS.