This blog post is part of the Coretech Global Xmas blogging marathon. To find all cool content please take a look at http://blog.coretech.dk/
Recently I have been exploring OMS a lot and came across a cool user scenario which really showcases the benefits of having all data in one place. Using this big data to connect the dots between different systems and creating even more insights in your environment and the relationships between the different systems.
One demo which really had some eyes popping was in fact the calculation of the SCCM patch window with OMS. A lot of people already know that there’s a specific System Update Assessment solution which points out which machines are missing which updates. But there’s more to this solution that meets the eye on first sight.
You can use this solution, but also the data gathered by OMS for all your updates, to calculate very precisely how long it will take to patch a particular machine to create a patch window accordingly.
For this demo I presume you already have an active OMS subscription + workspace. For more info please refer to my OMS quick start guide to get you going fast: http://scug.be/dieter/2015/05/08/microsoft-operations-management-suite-quickstart-guide/
Log on to your workspace and make sure you have machines connected + the solution installed:
First click on Solutions Gallery:
Find System Update Assessment Solution and make sure it is added to your workspace. If it’s not yet added make sure to click the icon and add in the next screen
Make sure to add the Solution to your workspace
If you add the Solution for the first time it will perform an Assessment to gather the data for your environment:
When the Initial Assessment has been complete you will get your info on the tile which represents the System Update Assessment:
TIP: No worries my environment is not that badly patched but if you are looking into taking this solution for a test drive you can always install Azure VM’s with an earlier image (a couple of patch Tuesday’s ago) to have a machine which is in fact missing updates)
Click on the tile to open the detailed pane shown below:
Click on the Required Missing updates pane:
The next window will give you by default a graphical overview of the patches missing + the days ago the patches were released. This gives you a nice overview of how severe your machines are not patched. You also get a nice pie chart to give you an overview on how many patches are missing + the category of the patches.
Note on the right there’s an indication in minutes how long it will take on Average to install these missing updates:
This is not just a “Guesstimate” but OMS is actually using data out of the logs collected by all machines to give you an accurate time of install of this particular set of patches missing on this machine.
The number (in this case 81) is indicating that in fact they have data for all patches missing regarding the install time they will take to install.
At this time you can clearly state that the machine will probably be patched in approximately 14 minutes. You can build in some margin but definitely don’t need an hour to patch this machine.
This is just the pretty eye candy view of the Solution!
If you want to have the data by update you can dive into the big data gathered and create your own insights in your patch strategy. This can be achieved by using the “raw data” in the Search Query view and creating your own views. Let’s see how we can find out for example which patches will take more than 60 seconds to install so we can put them in a different patch group:
Click on “results” next to updates right underneath the search query window
At this point you get the 81 results with all their data but… no install time?
Click “Show More” on the bottom of the screen to unveil the InstallTimeAvailable / InstallTimePredictionSeconds / InstallTimeDeviationRangeSeconds properies
This is the data gathered for all the updates which are identified as missing on my systems.
InstallTimeAvailable: Will give you an indication whether enough data is gathered in the OMS system to give you an actual prediction of the install time. For new updates it can take some time to find the right data to be reliable to give you an accurate prediction of course.
InstallTimePredictionSeconds: This is the prediction based on all the data gathered through the OMS system (note this is not only based on your environment but across all environments connected to OMS showing the huge advantages of the Big Data approach of Microsoft Operations Management Suite.
InstallTimeDeviationRangeSeconds: Will give you an indication how much fluctuation is possible on the prediction. In this case the value is 0,83 meaning this can either be minus or plus.
Now to find out how many of the updates (81 of them) have an install time of more than 60 seconds we need to use the Search Query power:
Click in the Search Query window on the top of the screen and start typing Install at the end of the line:
OMS will give you suggestions on which parameter you want to search. In this case we are going to search on “InstallTimePredictionSeconds =”
So just click on it to get it into the Search query as shown below. At this point we can put “Greater than” 60 and run the search query by clicking the search Icon on the right or hitting Enter:
There we go… We have 6 patches will take longer than 60 seconds to install so we can take appropriate action regarding these patches in SCCM:
This is just a small example of the huge amount of insights you can create with OMS to help you further tune the management of your environment.