Tag: Monitoring

How To Capture Client IP in OCI Application Performance Monitoring

The Oracle Cloud Application Performance Monitoring (APM) service collects end user trace sessions for Real User Monitoring (RUM). By default the client IP is not captured for the end user session. For some customers, default Geolocation info (eg. Country, Region, City) may be sufficient for end user monitoring. However, for those who want to collect Client IP information as well, to enable this setting please see the following example.

Enable Client IP Collection for End User Session

For every End User Session, we want to capture the Client IP address location.

1. To do this, in the OCI Console, navigate to the OCI APM Service

OBSERVABILITY & MANAGEMENT > APPLICATION PERFORMANCE MONITORING > ADMINISTRATION

2. Then navigate to:
APM DOMAINS > [Select APM Domain eg. psft_app] > Span Enrichment > Global Settings

Continue reading “How To Capture Client IP in OCI Application Performance Monitoring”

Guide to OCI Custom Metrics and Monitoring Options

OCI gives you flexibility to create custom metrics when no out of box metrics are available. There are two options on how this can be achieved. Depending on your use case let’s take a look at which choice works for you.

RequirementsOCI Monitoring Service OCI Stack Monitoring Service
View Metrics in Monitoring Service
YesYes
Create AlarmsYesYes – Automatically, emitted to Monitoring Service once Metric Extension is enabled for target resource
Metric DimensionsYesYes
Frequency CollectionControl by client API execution, cron job, scheduler or agentYes – can be configured when creating the metric extension.
Collection can be directly executed by OS command, Script(eg. Shell, Python), SQL, JMX or HTTP (REST API) Custom Metrics can be published using OCI CLI or REST APIYes – Use Metrics Extensions
Centrally manage Custom Metrics for single or multiple resources – Enable, Clone, Export/ImportYes
Define collection based on Resource Types (eg. apache_http_server, apache_tomcat, oci_oracle_db, ebs_instance, host_linux, host_windows, miscrosoft_iis, sql_server etc…)Yes
Baseline and Anomaly detection in Metrics using ML based algorithms Yes
Perform correlation across multiple metricsYes
Apply Metric Extension lifecycle phases: Test and Validate, PublishYes
Custom Metric Collection from OCI, on-premise and/3rd party CloudYesYes
Alert against log data from OCI Logging AnalyticsYes – The Detection Rule needs to be created in OCI Logging Analytics
Custom Metric collection using Prometheus Exporter YesYes
Continue reading “Guide to OCI Custom Metrics and Monitoring Options”

Certificate expiry monitoring in Oracle Cloud Infrastructure

I’m sure we’ve all experienced it, either as a user, or as a system administrator. You know, that important SSL certificate everyone forgot about so didn’t renew, and now has expired?

When an SSL/TLS certificate expires it can create a number of problems, including:

  • Users’ web browsers will display warning messages, indicating that the website’s connection is not secure. This can lead to a loss of trust and deter user engagement.
  • API clients will often refuse to establish a connection if an SSL certificate is not valid potentially disrupting crucial data exchanges and integrations.
  • Search engines may flag the site as unsafe, leading to a drop in rankings and reduced organic traffic.

Also regularly encountering certificate warnings conditions users to accept future certificate errors, which makes them more likely to accept an SSL certificate warning should they be targeted in a Man In The Middle Attack.

To avoid these issues, it’s important to have enough advance warning that a certificate is going to expire so you can obtain a new one, install, and test it thoroughly.

If you’re already using Domain Validated (DV) certificates, such as those issued by Let’s Encrypt you might want to consider my automated Let’s Encryption Solution. This solution automatically handles the entire certificate lifecycle using serverless functions inside OCI. For those who prefer to bring their own certificates, these can be imported into OCI’s certificate service.

As at June 2023, certificate expiry monitoring in OCI is primarily focused on certificates associated with Load Balancers. To improve monitoring, I’ve developed a serverless solution that examines all certificates expiration dates. The solution emits logs and sends email notifications, also allowing for customisable lead time to align with your organisation’s certificate procurement process. Logs can also be forwarded to your SIEM solution if required.

Continue reading “Certificate expiry monitoring in Oracle Cloud Infrastructure”

Stack Monitoring for EBS

The Stack Monitoring service is a recent addition to the OCI Observability & Management family.

If you are running Oracle E-Business Suite (EBS) application today you will now be able to perform an auto discovery of all related resources in OCI Stack Monitoring. It will collect metrics specific for your EBS resources as well as ability to perform correlation across the EBS application and infrastructure stack as well as enable proactive alerting.

Components that will be auto discovered includes:

  • Concurrent Processing Node
  • Workflow Manager
  • WebLogic
  • Forms

Today, Stack Monitoring service supports EBS version 12.1 and 12.2 deployments hosted on OCI, On-Premise or Third Party Cloud (eg. AWS, Azure). 

In the example, I will show you how you can configure Stack Monitoring for EBS version 12.2.

Continue reading “Stack Monitoring for EBS”

A Better Mechanism for Periodic Functions Invocation?

Update: There is now an even better way to do this, with first-class support from the OCI Resource Scheduler – just set it to ‘Start’ your Function, and it will be invoked based upon the configured schedule.

Functions in Oracle Cloud Infrastructure are great. As a serverless execution environment with pre-built logging, metrics, etc. it allows developers to simply focus on their code and not worry about all of the supporting infrastructure, while still providing a lot of flexibility through the use of container primitives. As great as Functions are, they are reactive, they can only be invoked and can’t natively be configured to be executed in a spontaneous or scheduled manner. Often this won’t matter, as Functions will be invoked directly or indirectly by users, or in response to events, but sometimes you simply need a bit of code to run periodically.

Continue reading “A Better Mechanism for Periodic Functions Invocation?”

OCI Observability & Management Platform (O&M) – Agent Based Monitoring

There are various ways you can bring telemetry and operational data into OCI Observability & Management (O&M) to proactively monitor and gain operational insights into your IT fleet.

Example of ways you can do this are:

  • Service Connector Hub – Route and move data from one OCI service to Another OCI Service (eg. OCI Logging to Logging Analytics)
  • API Call – Collect data from files stored on Object Storage or Upload Log data on demand
  • Agent Based – Deployment of Agent on Host

If you have targets you want to monitor on-premise or in the cloud (OCI, AWS, Azure etc…) and you have access to the VM or Compute instance (ie. you can SSH or Remote Desktop to the host), then an Agent based method will allow you to collect and bring that data into unified platform in O&M.

In this example we will show how you can deploy Agent based method (on Linux OS) so you can leverage the O&M services including:

  • Logging Analytics
  • DB Management
  • Operations Insights
  • Java Management Service

1 – NETWORK COMMUNICATION (For External Targets to OCI)

NOTE: The additional network communication setup is not required if the targets you are monitoring are within your OCI tenancy account.

2 – ADDITIONAL PRE-REQUISITES

For Setup Compartments, IAM Groups and Policies

Please also check the following tasks has been completed.
https://docs.oracle.com/en-us/iaas/management-agents/doc/perform-prerequisites-deploying-management-agents.html

NOTE: You may need to contact your OCI administrator to grant you the appropriate permissions.

3 – DOWNLOAD AND CREATE KEY

  1. From OCI Console navigate to:

OBSERVABILITY & MANAGEMENT > MANAGEMENT AGENTS > DOWNLOADS AND KEYS > CREATE KEY

2. Specify details and Click on CREATE

  • Key Name (eg. oci-reg-key)
  • Compartment (eg. shared_resources)

3. Review Key and Download Key to File (eg. oci-reg-key.txt)

NOTE: Your Key File will be in the format of <Key Name>.txt. Copy it to your target host.

4. Download Agent by clicking on the Agent for your OS (eg. Agent for LINUX) and copy to your target host

4 – INSTALL AGENT

1. Login to the host and locate the downloaded agent file oracle.mgmt_agent.rpm

$ sudo rpm -ivh oracle.mgmt_agent.<version>.Linux-x86_64.rpm
Preparing...                          ################################# [100%]
Checking pre-requisites
        Checking if any previous agent service exists
        Checking if OS has systemd or initd
        Checking available disk space for agent install
        Checking if /opt/oracle/mgmt_agent directory exists
        Checking if 'mgmt_agent' user exists
        Checking Java version
                JAVA_HOME is not set or not readable to root
                Trying default path /usr/bin/java
                Java version: 1.8.0_271 found at /usr/bin/java
Updating / installing...
   1:oracle.mgmt_agent-201113.1621-1  ################################# [100%]

Executing install
        Unpacking software zip
        Copying files to destination dir (/opt/oracle/mgmt_agent)
        Initializing software from template
        Creating 'mgmt_agent' daemon
        Agent Install Logs: /opt/oracle/mgmt_agent/installer-logs/installer.log.0

        Setup agent using input response file (run as any user with 'sudo' privileges)
        Usage:
                sudo /opt/oracle/mgmt_agent/agent_inst/bin/setup.sh opts=[FULL_PATH_TO_INPUT.RSP]

Agent install successful


2. Verify that the agent has been installed.

$ rpm -qa|grep mgmt_agent
oracle.mgmt_agent-201113.1621-1.x86_64

3. Copy the Downloaded key file (eg. oci-reg-key.txt) 

$ cp oci-demo-key.txt /tmp/input.rsp
$ chmod 755 /tmp/input.rsp

4. Update the parameter CredentialWalletPassword with your own password in the input.rsp file and then save file.

NOTE: This step is optional to set a wallet password

CredentialWalletPassword = YourP8ssW0rd123!

5. Then execute the setup script to install the agent

$ sudo /opt/oracle/mgmt_agent/agent_inst/bin/setup.sh opts=/tmp/input.rsp

6. When completed, check status of agent on host

For Oracle Linux 6: sudo /sbin/initctl status mgmt_agent
For Oracle Linux 7 or later: sudo systemctl status mgmt_agent

$ sudo systemctl status mgmt_agent
● mgmt_agent.service - mgmt_agent
   Loaded: loaded (/etc/systemd/system/mgmt_agent.service; enabled; vendor preset: disabled)
   Active: active (running) since Thu 2020-12-03 05:20:43 GMT; 6min ago
  Process: 3072 ExecStart=/opt/oracle/mgmt_agent/agent_inst/bin/agentcore start sysd (code=exited, status=0/SUCCESS)
 Main PID: 3148 (wrapper)
   Memory: 248.5M
   CGroup: /system.slice/mgmt_agent.service
           ├─3148 /opt/oracle/mgmt_agent/agent_inst/bin/./wrapper /opt/oracle/mgmt_agent/agent_inst/bin/../config/wrapper.conf wrapper.syslog.ident=mgmt_agent wrapper.pidfile=/opt/oracle/mgmt_agent/agent_inst/bin/../log/mgmt_agent.pid wrapper.daemonize=TRU...
           └─3163 /usr/java/jre1.8.0_271-amd64/bin/java -Dorg.tanukisoftware.wrapper.WrapperSimpleApp.maxStartMainWait=5 -Djava.security.egd=file:///dev/./urandom -XX:+HeapDumpOnOutOfMemoryError -Xmx512m -Djava.library.path=../../201113.1621/lib -classpath...

Dec 03 05:20:31 oma-host systemd[1]: Starting mgmt_agent...
Dec 03 05:20:31 oma-host agentcore[3072]: Starting mgmt_agent...
Dec 03 05:20:38 oma-host agentcore[3072]: Waiting for mgmt_agent.........
Dec 03 05:20:43 oma-host systemd[1]: Started mgmt_agent.

5 – VERIFY AGENT IN CONSOLE AND DEPLOY PLUGIN

  1. In OCI Console, navigate to:
    OBSERVABILITY & MANAGEMENT > MANAGEMENT AGENTS > AGENTS

    Then click on the link to drill into the Agent (eg. Agent (snoopy))

2. Click on the Deploy Plug-Ins button

3. Choose the Plug-ins to deploy for your agent.

NOTE: If the plug-in is greyed out, then the plug-in is already enabled.

Now you should be ready to configure your service for:

For further details please visit:
https://docs.oracle.com/en-us/iaas/Content/services.htm

Setup Autonomous DB Monitoring in OMC

In this post I will show you how you can setup Autonomous DB monitoring in Oracle Management Cloud (OMC) in under 5 minutes.

NOTE: Make sure you have the appropriate policies setup before you start.

https://docs.oracle.com/en/cloud/paas/management-cloud/mcdbm/access-policies-assign-autonomous-database-related-privileges.html

STEP 1
You will need to obtain your OCI User Information associated with your Autonomous Database (ADB) instances from the OCI Console.

  1. Click on the user icon in top right hand corner of OCI console.
  2. Select User Settings
  3. On the User Details page, make a copy of the User OCID
  4. In addition to this, make a copy of the API Key Fingerprint.

STEP 2
You will need to obtain your OCI Tenant Information associated with your Autonomous Database instances from the OCI Console.

  1. Navigate to Administration > Tenancy Details
  2. On the Tenancy Information page, make a Copy of the Tenancy OCID.

HINT: If OCID is hidden, you can click on Show to display entire value if you wish.

STEP 3
In another browser session, launch the OMC Console.

HINT: If the side menu does not appear, click on menu icon

STEP 4
From the side menu, navigate to:

  1. Select Administration
  2. Select Discovery
  3. Select Cloud Discovery Profile

STEP 5
On the Cloud Discovery Profiles Page:
Click on + Add Profile

The Add Discovery Profile Page will appear.

  1. Specify a Profile Name (eg. ADWPROFILE1)
  2. Choose Cloud Service Provider Oracle Cloud Infrastructure
  3. Click + Add
  4. Select Region (eg. Frankfurt)
  5. Select Services (eg. Autonomous Data Warehouse)
  6. Enter Credential Name (eg. ADWCRED)
  7. Enter User OCID (eg. ocid1.user.oc1.xxxxx)
  8. Enter Tenancy OCID (eg. ocid1.tenancy.oc1.xxxxx)
  9. Enter the associated Private key with user API Key
  10. Enter the Fingerprint (eg. nn:nn:nn:nn:nn:nn:nn)
  11. Click on Start Discovery

STEP 6
On the Cloud Discovery Profiles Page, wait for discovery to complete. 

  1. Click on the Job Status Count
  2. Verify that the Service was completed successfully

This completes the setup. Now you are ready to start monitoring and managing your Autonomous Database in OMC.  Click here here for more.

Why Would you Monitor an Autonomous Database?

You probably heard that Oracle Autonomous Database (ADB) leverages machine learning to automate with traditional infrastructure related database administration tasks such as security, backups and patching.

No matter how well designed your database infrastructure is, performance and issues relating application or external components which make up the application ecosystem can still have an impact on end user response time or availability. Continue reading “Why Would you Monitor an Autonomous Database?”