Can you clarify if I understood correctly: you would like to pull in and index events from other tools/collectors that are already collecting them? Could you please elaborate on the scenario and what you would like to achieve?
On our side, we need to send all data from OMS to ArcSight, how can that be done?
7 votes1 comment · Azure Monitor-Log Analytics » Log Management and Log Collection Policy · Flag idea as inappropriate… · Admin →
10 votes0 comments · Azure Monitor-Log Analytics » Agent Management, Data Metering and Usage (Portal) · Flag idea as inappropriate… · Admin →
Thank you for your feedback. Our Marketing team is actively working on this. we will let you know once it will be defined.
There are a few options here.
- You could use SCCM to deploy SCEP
- You could use the Azure Automation component of OMS to deploy SCEP e.g. using Desired State Configuration (DSC)
I would like to be able to push, update or remediate SCEP agents issues from the Malware Assessment tab.
I like the DSC idea, but will be some time before I get to that.
12 votes2 comments · Azure Monitor-Log Analytics » Agent Management (OnPrem components) / Connectivity / Setup · Flag idea as inappropriate… · Admin →
Do you have a tool today that you use for deploying software? What are the drawbacks to using it to deploy the MMA?
It would be very useful to be able to Install\Push OpsMan Agent to servers through the OMS page when connected to your AD.
Yes, SCCM is used for deploying software, but only for clients, not servers. Drawbacks would be not being able to install agent to those systems without SCCM client also.
we are investigating overall noise-reduction techniques for change-tracking. This remains in our product backlog.
Ignore certain software or services in the change tracking dashboard. Ignore certain alerts that do not matter and should not be shown in the console causing clutter.
15 votes2 comments · Azure Monitor-Log Analytics » Alert Management Solution · Flag idea as inappropriate… · Admin →
We have rolled out in public preview, enhanced alert interface allowing alert owners to acknowledge or close alerts. See: https://docs.microsoft.com/en-us/azure/monitoring-and-diagnostics/monitoring-overview-unified-alerts#enhanced-unified-alerts-public-preview
2 votes0 comments · Azure Monitor-Log Analytics » Configuration Assessment (Legacy Advisor Scenario) · Flag idea as inappropriate… · Admin →
Thanks for the feedback, Nathan.
We’re looking at using information from the Windows Security Center to collect status from non-Microsoft antimalware products.
38 votes2 comments · Azure Monitor-Log Analytics » Solutions / Packs Gallery and new IP ideas · Flag idea as inappropriate… · Admin →
This is not currently on the roadmap for the ‘new’ assessment styles. We’ll watch the community for interest.
the old Configuration Assessment does have rules for Exchange, anyhow.
I would like to double down on my comment to the lync assessment, additional assessments are useful and others such as SCOM, SCCM, LYNC, Exchange, SharePoint, and clustering would be great.
6 votes1 comment · Azure Monitor-Log Analytics » Solutions / Packs Gallery and new IP ideas · Flag idea as inappropriate… · Admin →
Potentially, based on demand. Our Customer Support (CSS) partners own those technology assessments and best practices/health rules. I’ll check with them.
It might be more appropriate to track each vertical/technology request under its own idea…
I won't vote for this, but agree it would be great to have more assessments. I think that tracking individually needs to happen as mentioned in the comments. Some assessments that would be useful and would be good to track might be SCOM and SCCM along with Lync, Sharepoint, Exchange and clustering. There are probably others, but those are the ones that come to mind.
We continue to investigate this. Due to the current roadmap and strategy this will remain in our backlog. Please continue to share feedback related to this topic to help us make an informed decision at a later time.