Azure Operational Insights: Intelligence Packs


Yesterday I finally published my first Operational Insights blogpost. This blogpost described a very basic approach in creating an OpInsights account and installing the Microsoft Monitoring Agent on your servers. I ended this blogpost with an active account and 5 connected servers. The next step is to activate intelligence packs. But let we first look into intelligence packs. Intelligence Packs contain a collection of logic, visualization and data acquisition rules. These packs are used inside OpInsights to add extra functionality to OpInsights. You can compare them to Management Packs which we know from Operations Manager. We have the following Intelligence Packs available in OpInsights:

  • Active Directory Assessment
    The AD Intelligence Pack assesses the risk and health of your Active Directory Environment. Based on the analysis it provides a list of recommendations of your AD implementation. It will focus on 6 different categories.
  • Malware Assessment
    The Malware Intelligence Pack helps identifying servers that are infected or at risk of infection by malware. With simple dashboards you can quickly see which server need for attention looking to malware protection.
  • Capacity Planning (OpsMgr and VMM are needed)
    Based on the information collected by Operations Manager and Virtual Machine Manager this Intelligence pack helps you optimize your virtual machine placement, investigate “what-if” scenarios, pinpoint capacity shortages, identify stale and over-allocated VMs. It also allows you to plan CPU, Memory, Network and Storage needs for your infrastructure.
  • Security and Audit
    This Intelligence Pack helps you with analyses security related data of your environment. With built-in queries for security issues, it helps focus on the things that need your attention. This pack will be updated periodically, so you get the latest security intelligence. This could be a replacement of your current OpsMgr ACS implementation.
  • System Update Assessment
    This Intelligence Pack helps you identifying missing system updates across all of your added servers. With built-in dashboard you can easily see which servers need your attention.
  • Alert Management (OpsMgr needed)
    This Intelligence Pack will sync your OpsMgr alerts to OpInsights. With this pack you get out-of-the-box views which you will give you insights in your alerts.
  • Change Tracking
    This Intelligence pack helps you easily identify software and Windows Services changes that occur in your environment. Through out-of-the-box views you will get an insight in what’s happening in your environment.
  • Configuration Assessment (OpsMgr needed)
    This Intelligence pack helps you with identifying potential configuration problems through alerts and knowledge recommendations. This pack will proactively assesses your servers and identify configuration problems.
  • SQL Assessment
    This Intelligence pack will assesses your SQL Servers and provide an insight in the health of your SQL environment. Through dashboards you will get a visual view on the health.

In this blogpost we will look into the AD Assessment pack in detail. I’m planning blogposts on the other packs but for now I want to start with the AD pack. We can activate this pack by executing the following steps:

  1. Logon to Operational Insights
  2. Browse to Intelligence Packs
  3. Click on the AD Assessment Intelligence Pack
  4. Click Add to activate this Intelligence pack
  5. Now the AD Assessment pack will be loaded in Operational Insight. On your OpInsights page you will see the newly activated pack and the message that it will take 4 hours to get the data available for you.
  6. On your AD server you can see the following events in the Operations Manager log.

You see here in the naming convention that Advisor is still used. Advisor was the precursor of Azure Operational Insights.

  1. Now you have to wait. Data will be collected and send to Operational Insights. When this data has been analyzed the dashboard will be visible in Operational Insight. You should see this kind of dashboards:


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.