Monitoring
Server Monitoring
Each Managed Windows VM will be monitored by Swisscom. The monitoring agent (Prometheus Windows Exporter) is installed and configured with Ansible. Prometheus is a popular open-source monitoring tool that collects metrics from targets by scraping HTTP endpoints. The agent collects Operating System metrics and notifies the Swisscom operation team in the event of an anomaly. You can set up your own self-managed Prometheus monitoring and collect the metrics from the preinstalled Prometheus Windows Exporter available for Managed Windows.
Prometheus Windows Exporter for Managed Windows
Your Managed Windows VM comes with the Prometheus Windows Exporter. The purpose of this service is to provide an endpoint for your self-managed Prometheus instance to scrape Operating System related metrics, including CPU, memory, disk, network, and other components. The Prometheus Windows Exporter listens on http port 9182 by default.
To view all the exposed metrics, you can use the Invoke-RestMethod
powershel command on your Managed Windows VM, as shown below.
Invoke-RestMethod -Method Get -Uri http://localhost:9182/metrics
You can also look at the exposed collectors in the browser:
Configure WMI and Performance Monitor for Managed Windows
Windows Server 2012 and up does not support SNMPv3. Microsoft officially states that SNMP is deprecated in Windows Server 2012 and up. Because SNMP v1 and v2 are not secure they are not supported by Swisscom. The compliance check tests if SNMP is disabled.
Instead, you should use Common Information Model (CIM/WMI). In the Resource Domain you will find for each VM a Domain Local Group called DL_ESC-MOS-Win-Access_[ComputerName]_S_05
for OS, and DL_ESC-MOS-SQL-Access_[ComputerName]_S_05
for SQL. These groups give you the possibility to grant access to a Service Account for reading the CIM Namespace via WMI.
With this group it is also possible to read all Performance Monitors.
With the following Power Shell command you can get all disk information from the Remote Server
Get-WmiObject win32_logicaldisk -Computername RemoteComputer
With this command you can list all performance counter from a Remote Computer
Get-Counter -ListSet * -ComputerName RemoteComputer
Configure additional metrics
In order to configure additional metrics you have to enable collectors for your machine. Find a list of collectors you can activate here. To enable the collectors please open a change request for swisscom to enable the collectors for you.