UNIFYMonitor was developed to act as a branded portal to host content driven by PowerBI and Azure. While working on a client who has requirements for alert monitoring through UNIFYMonitor it was raised that the alerts we deliver to the client are branded and sent from Microsoft Azure. It would be preferable if the alerts, like our dashboards, are branded as UNIFY products.
The Log Analytics team have stated (here) that they plan on incorporating email/sms templates into the platform; however, there is no stated timeline or information on what level of customisation will be available.
Alerts have several forwarding options when triggered, including the ability to send json to Azure Functions, making it relatively easy to send data to any forwarding service we may configure/develop.
In the case of this project work we plan on using Ivanti as a tool to reformat and forward the alerts we send via Azure Log Analytics.
This item has been roadmapped for the current project.
AMS should incorporate the FIM/MIM reporting currently used for health checks on support contracts.
UNIFYMonitor will provide an SDK for end services to integrate.
One of our customers (UNE) has advised on the time frames for UNIFYMonitor (MIM Dasboards & Alerts) to be WCAG compatible. Could you please advise on the timeframes / next steps.
This item has been roadmapped as part of the current project.
The former hand-crafted MIM Health Check report used to incorporate listings of both Open and Recently Closed JIRA tickets. Reports listing the same data, with Ivanti links direct to the issue, would be useful additions to the PowerBI reporting suite.
Thanks for the suggestion Bob. I've added Ivanti as a potential stakeholder for future integrations as we progress the new project.
Presently the email logwriter is used at 2 sites to write ERROR level alerts to designated UNIFY O365 distribution groups. However these would be better served as JSON alert records written to OMS in the identical format of the corresponding Health Check JSON file. This way they could drive both (selective) OMS alerting as well as (selective) dashboard publishing.
I'm thinking of implementing this myself, but I can see a broader benefit of consistent automated real-time montitoring across all Broker sites (particularly with Event Broker, which is now a prerequisite for ALL UNIFY MIM sites.
Identity Broker v5.2 includes the Azure Log Analytics Log Writer and so can do this out-of-the-box. The next release of Event Broker (after v4.0) should also include this log writer.
Please see the latest comment on the linked ticket for an example PowerShell script for use in lower versions of the two products.
As part of a recent engagement at a customer, where consolidated reports of all export and import (sync) errors per MIM connector were required to support a MIM sync config deployment, a new script MIMErrors.ps1 has been developed to run selected SQL reports from a library AllSQL.xml. A separate HTML application (MIMErrors.hta) has always allowed these reports to be run interactively, displaying the results in an HTML table. However the script version was required for the customer due to problems running an HTA on their host. I have checked the above files into a new subfolder in the UNIFY Solutions.Tools repository.
As a result of this development, the script could now be adapted for inclusion in the Run-HealthCheck.ps1 scheduled task ... either as a custom extension or as a standard option with the -FIMSync switch, and generate JSON data instead of HTML files, for consumption in OMS/PowerBI. These could then be used to drive new reports, including 2 specific ones (ExportErrors and ImportErrors) to support drill-down capability for the existing MA Connector Errors report.
Some things to consider:
- Frequency - at least two customers run the healthcheck report hourly, and this may be overkill ... a separate suggestion is being made to support the running of this script at different frequencies for different switches
- Security - a check would need to be made before implementing a report that identified individual CS/MV objects to make sure that this isn't in violation of any security constraints that need to be observed for each specific customer
- Approach - SQL may not be the best way of retrieving the data, e.g use of the https://github.com/lithnet/miis-powershell PS module may be preferable in an architectural sense because the FIMSynchronizationService database is not strictly designed as a reporting source and is prone to locking if queries are not constructed explicitly to avoid this possibility.
- Target audience - this would generally only be for SD resources who need to be able troubleshoot specific issues without needing to VPN to the customer site to investigate
This item will be revisited with the new UNIFYMonitor project, where the data collection capability will be revisited to allow functionality as suggested above.
Item will be reassessed with the new project
Is there some way we could have these times/dates shown in a local timezone rather than UTC? If not then could the results at least mention the timezone (rather than the viewer having to assume it, based on the search interval start time).
This will be resolved with the new project.
This is a requirement for the UMA for B2C service offering.
Thanks for the suggestion, Shane.
Are you able to supply any details on the specific requirements UMA for B2C would have?
If AMS is to be marketed as a product/service, it must have a published road map.
Customer support service by UserEcho