MOM 2005 Management Packs Grow up!

by Chris Fox

As I take a closer look at MOM 2005, it is clear to me that Microsoft is doing the right things regarding the evolution of management packs (MP).
For those who don't know, a management pack is a collections of health defining rules, reports, executable tasks and sets of criteria that are used to identify and track the health of an application on a single server or across servers. For every application that you monitor with MOM 2005, there usually is a MP if its a Microsoft product. MS has promised to ship each server product with its MP, but they don't always make it. I hope they get serious about keeping that promise, the mp for Virtual Server is sorely needed.

In the MOM 2000 and MOM 2000 SP1 days, when MS was frantically trying to rebrand the code that they had bought from NetIQ (who bought it from Mission Critical), MP's basically scraped the event logs and raised alerts when it found someting it didn't like. It wasn't even very good at telling you when a server had gone down. OK, I will say the AD and Exchange mps were a little more sophisticated, running scripted responses, and synthetic transacitons to determine response times etc. Overall there was plenty of room for growth.

One of my biggest gripes about MOM 2000 was the lack of state awareness, and apparently this was the gripe of plenty of other folks as well. The only way you could tell that an app was healthy or not was if it had associated alerts in the consoles.

Management packs in MOM 2005 go a great distance towards addressing these shortcomings. To start with the authoring of management packs starts with developing a health model of the application, the health model is based on indicators (event log events, perfmon counters, WMI providers etc.). This allows you to produce what MS calls a level 1 MOM 2005 MP. Level 2 MP's include state rollup features. The State of any monitored application or server is a composite of all the lower level components and health indicators. You can configure how you want the top level State to reflect the condition of the lower level contributors. It is some %tage representation of the best to worst state of the components. Also included are tasks, which are available in the new Operators Console. The tasks that are available are context sensitive to the appliations on the server you are examining and basically, they are shortcuts to the tools you would most commonly used for troublshooting. For example, if you are looking at an alert on a domain controller, a task that invokes DCDIAG is available and enabled, which it would not be if you were examining a member server.

The third (and last) level of management pack includes Report definitions for consumption in the new MOM Reporting Console. This is makes use of the new SQL Server 2000 Reporting Server services which draws its data from an automatically populated datawharehouse. Throw in the ability to create test transactions that feed into state awareness for the application, like the client side point of view of the response time to an LDAP GC/DC query or the responsiveness of an Exchange server and you have a tool that will help you know what is going on in your environment right now.

There are a host of management packs for other platforms and devices and with those added in, MOM 2005 starts to look like a true management framework. I personally would like to install the Cisco agent so I can elevate monitoring of my physical layer into the dynamically generated topology diagram.

Still lacking in MOM 2005 is the ability to do predictive modeling based on previously gathered performance and hardware baselines. The Dynamic Systems Initiative (DSI), as advertised, should fix this and do much more.

In some areas, the Microsoft platform is still viewed as the plastic toy cars when compares to their SUV peers in the big iron and UNIX fields. By making its platform the easiest to monitor and manage and model on, Microsoft will raise the bar in such a way as to make even the most ardent nay-sayers pause and take another look.

Agree with me or not, let me know!