I thought its perfect time to publish another post on OMS, because last week OMS team makes available two new solutions called Azure Network Analytics & Azure Key Vault.
If your new to OMS review my previous blog about Office 365 on-boarding to OMS . From today’s post I’ll walk-through how to on-board newly release (in preview) feature Azure Network Analytics.so lets get started 🙂
First you have to add the solution to the workspace you working on, in overview page click the solution gallery on left side and you will see various solution available to use click the Azure Network Analytics and add it to workspace.
Next we have to enable the NSG (Network Security Group) diagnostic and configure storage account to store those diagnostic.You can enable NSG diagnostic from Azure Portal or PowerShell.
Next Configure Log Analytics to collect JSON logs from Azure blob storage, we have to run following PowerShell script.
# Connect to Azure Login-AzureRmAccount # If you have diagnostics logs being written to classic storage you will also need to run Add-AzureAccount # Import the module Install-Module -Name AzureDiagnosticsAndLogAnalytics # Run the UI configuration script Add-AzureDiagnosticsToLogAnalyticsUI
When you run Add-AzureDiagnosticsToLogAnalyticsUI you want to choose which diagnostic you want to configure.
After that it checks the NSG diagnostics are enabled and it shows which VM are disable and enable.
Select the diagnostic logging you want to add for OMS.
After finished adding it search for the OMS workspace and prompt you to select the OMS workspace.
After couple of minutes it gives the solution is successfully enabled to the workspace.
You can verify the diagnostic logs are enabled by using following PowerShell command.
Find-AzureRmResource -ResourceType 'Microsoft.Network/NetworkSecurityGroups'| select ResourceId | Get-AzureRmDiagnosticSetting
Ok. That’s all for configuration give OMS couple of hours to collect the logs and analysis the you will see the tile is populated with data.