Want to learn about Cloud Security? Watch this new training on Azure Security Center

Want to learn about Cloud Security? Watch this new training on Azure Security Center

Security threats increase in volume and sophistication every day. And regardless of your organization’s size or the industry you’re in, Azure Security Center threat detection capabilities, alerts, and recommended fixes can give you the tangible data you need to help protect your cloud resources. Plus, you can monitor your on-premises, hybrid, or cloud environment—Azure, Amazon, or any other public cloud—to get a more complete picture.

In Hybrid Cloud Workload Protection with Azure Security Center, a new course now available on Microsoft Virtual Academy, Yuri Diogenes and Ty Balascio offer an overview of Azure Security Center, including requirements, planning, onboarding, and troubleshooting. Ty and Yuri work with real-world data and share their experience in the industry to show how the threat landscape differs for a cloud or hybrid versus on-premises. And they explore threat detection and response in a lab environment so they can talk you through it.

Check out this detailed demo of using the investigation dashboard to drill down on an incident. You’ll see how to correlate multiple entities that are part of the same attack so you can understand how an attack moves against each host in a system. You’ll learn how to use that information to continue your investigation and pursue closure of your incident response.

Original article. 

You can’t access the UNIX/Linux computers view in the Administration pane in Microsoft System Center 2012 R2 Operations Manager?

You can’t access the UNIX/Linux computers view in the Administration pane in Microsoft System Center 2012 R2 Operations Manager?

If you can’t access the UNIX/Linux computers view in the Administration pane in Microsoft System Center 2012 R2 Operations Manager, then you probably receive the following error message:

 

Date: 12/30/2017 7:48:49 PM Application: Operations Manager Application Version: 7.1.10226.1360 Severity: Error Message: System.NullReferenceException: Object reference not set to an instance of an object. at Microsoft.SystemCenter.CrossPlatform.UI.OM.Integration.UnixComputerOperatingSystemHelper.JoinCollections(IEnumerable`1 managementServers, IEnumerable`1 resourcePools, IEnumerable`1 unixcomputers, IEnumerable`1 operatingSystems) at Microsoft.SystemCenter.CrossPlatform.UI.OM.Integration.UnixComputerOperatingSystemHelper.GetUnixComputerOperatingSystemInstances(String criteria) at Microsoft.SystemCenter.CrossPlatform.UI.OM.Integration.Administration.UnixAgentQuery.DoQuery(String criteria) at Microsoft.EnterpriseManagement.Mom.Internal.UI.Cache.Query`1.DoQuery(String criteria, Nullable`1 lastModified) at Microsoft.EnterpriseManagement.Mom.Internal.UI.Cache.Query`1.FullUpdateQuery(CacheSession session, IndexTable& indexTable, Boolean forceUpdate, DateTime queryTime) at Microsoft.EnterpriseManagement.Mom.Internal.UI.Cache.Query`1.InternalSyncQuery(CacheSession session, IndexTable indexTable, UpdateReason reason, UpdateType updateType) at Microsoft.EnterpriseManagement.Mom.Internal.UI.Cache.Query`1.InternalQuery(CacheSession session, UpdateReason reason) at Microsoft.EnterpriseManagement.Mom.Internal.UI.Cache.Query`1.TryDoQuery(UpdateReason reason, CacheSession session) at Microsoft.EnterpriseManagement.Mom.Internal.UI.Console.ConsoleJobExceptionHandler.ExecuteJob(IComponent component, EventHandler`1 job, Object sender, ConsoleJobEventArgs args)

 

Cause

The issue occurs if the UNIX/Linux monitoring resource pool is deleted

How to solve it!

To resolve the issue, follow these steps:

  1. Create a resource pool for UNIX/Linux monitoring. Give the new pool a different name than the name of the deleted resource pool.
  2. Add the management servers that perform UNIX/Linux monitoring to the new resource pool.
  3. Configure the UNIX/Linux Run As accounts to be distributed by the new resource pool. To do this, follow these steps:
    • In the Operations console, go to Administration Run As Configuration > UNIX/Linux Accounts.
    • For each account, follow these steps:
      – Right-click the account, and then select Properties.
      –  On the Distribution Security page of the UNIX/Linux Run As Accounts Wizard, select More Secure.
      –  In Selected computers and resource pools, select Add.
      –  Select Search by resource pool name, and then select Search.
      –  Select the new resource pool that is created in step 1, select Add, and then select OK.
  4. Run the following PowerShell cmdlet to retrieve the managed UNIX and Linux computers:
    Get-SCXAgent
  5. Verify that the agents that are associated with the deleted resource pool still exist and that the relationship remains.
  6. Run the following command to change the managing resource pool to the one that is created in step 1:

    $SCXPool = Get-SCOMResourcePool -DisplayName "<New Resource Pool Name>"
    Get-SCXAgent | Set-SCXResourcePool -ResourcePool $SCXPool

Original article.
Education In SCOM Management Pack Development

Education In SCOM Management Pack Development

In May, our own Vincent de Vries from OpsLogix will visit Sweden to host a 2-day training in Management Pack development together with Jonas Lenntun from Approved. As in previous years, the education event will be held at the Radisson Blu hotel at Lindholmen in Gothenburg. Vincent has over 10 years of experience in developing Management Pack for SCOM and is one of the most prominent developers in the System Center community.

Vincent de Vries, SCOM DAY 2017 Vincent de Vries, SCOM DAY 2017

The participants will have the opportunity to get tips and tricks from real-world scenarios and learn how SCOM works behind the scenes. When you have a deeper understanding of how Management Packs work, you’ll be better equipped to trim it in the best possible way.

Would you like for us to organize a similar event in Amsterdam?

Fill in the Quick Yes/No Poll below!

After this course, you will learn the most important basic skills to get started with Management Pack development. The training is for those who already work as a SCOM administrator or IT developers who want to start building their own monitoring tools for their organization(s). The course will be held in English.

I'd like to join the Amsterdam Event. Please keep me informed.

11 + 11 =