For the last several months Pete Zerger, Tao Yang, Kevin Greene, Anders Bengtsson and me have been working hard to update Inside OMS book. With the latest changes we are now on version 3 of the book and with new name: Inside Azure Management
As I still see people confused and not informed about OMS I’ve decided to write this blog post and lay my thoughts around the end of OMS.
If you are not sure what is OMS that is ok and you do not necessary need to know but if you are curious you should check out my blog post What is OMS and a Brief History of It. At Ignite 2018 Microsoft probably announced the last major change related to OMS. This was announced on the Azure blog and at Ignite session. To put it in short Log Analytics (which is in 99% what people refer to when they say OMS) is part of Azure Monitor. In Azure Monitor you might see it being called just Logs for short. But besides that there are actually way more changes some of which happened at Ignite others were happening for quite some time.
While discussing Azure/OMS topics in the community I often see incorrect usage of OMS (Operations Management Suite). That is understandable of course as Microsoft hasn’t done good job at clearing out all the terms but I still think we should be using the correct term when posting questions or discussing OMS in forums and other sites. This can help us communicate better between each other and especially in forums could result to answering question faster. As we the move from OMS Portal to Azure Portal it was about time to write this blog post which I’ve intended to do for quite some time but always delayed due to different circumstances.
For quite some time it was clear that the OMS Portal will move completely to Azure and that is good news. We have seen services like Update Management, Azure Security Center (Security & Audit solution is part of it) releasing new functionalities only in Azure Portal. In fact some services that have been part of OMS (OMS is a suite not a product or service) have always been in Azure Portal. Such services are Azure Backup, Site Recovery, Application Insights, etc. Microsoft has documented OMS Portal deprecation but I would like to add some things to the ones documented there:
Since Ignite 2017 Security & Compliance offering is now part of Azure Service Center service. Because of that some of the controls of that offering are moved to ASC but still the integration is not complete at least to me. With this blog post I will focus on two of the ASC settings that you should set up when you start with ASC – Changing to another Log Analytics workspace and Security Events level (filtering). Continue reading “Tips and Tricks of Setting up Azure Security Center”