I want to "scan" and discover installed software on computers. That can be done by using a PowerShell script as this one:
Get-WmiObject -Class Win32_Product | select Vendor, Name, Version| Out-File Outputfile.txt -Append
But instead of doing this manually, I wondered if it's not something Azure could do automatically. Maybe not exactly this script but do Azure have a solution that can scan the end-user's computer for installed software and collect a log in a central place so you can get an overview.
Best regards
Azure Policy Guest Configuration allows you to monitor installed applications on Windows VMs by auditing the configurations inside the VMs.
As mentioned in the document linked by Rahul, you can also use the Azure Automation Change Tracking and Inventory feature to find out which software is installed on both Azure and non-Azure machines. It will provide you with a list with the software that has been found:
You can also check for this in the Azure Monitor inventory logs or under the Inventory for each individual VM's resource page.
Related
H All
I'm trying to get a full list of functionality the OMS agent for Linux provides in Azure. I understand it provides host level and guest level monitoring, but what other benefits are there for it? Also would anyone know if it makes any changes to the OS, apart from configuring the agent to gather the data\metrics.
Also are there any known issues with RedHat VMs?
Thanks in Advance
From the document,
The agent for Linux and Windows isn't only for connecting to Azure
Monitor, it also supports Azure Automation to host the Hybrid Runbook
worker role and other services such as Change Tracking, Update
Management, and Azure Security Center. For more information about the
Hybrid Runbook Worker role, see Azure Automation Hybrid Runbook
Worker.
Also, you can see the supported scenarios for more details.
note that, refer to https://learn.microsoft.com/en-us/azure/azure-monitor/platform/log-analytics-agent#agent-prerequisites
Either rsyslog or syslog-ng are required to collect syslog messages.
The default syslog daemon on version 5 of Red Hat Enterprise Linux,
CentOS, and Oracle Linux version (sysklog) is not supported for syslog
event collection. To collect syslog data from this version of these
distributions, the rsyslog daemon should be installed and configured
to replace sysklog.
I'm trying to follow the below Article(s) to configure Azure Log Analytics for on prem servers as well as Azure servers to get a list of installed software.
It works well on Azure VMs but not on non-Azure VMs. All servers are successfully sending Heartbeats but only the Azure VMs are showing a list of installed Software when running the below query:
ConfigurationData
| summarize arg_max(TimeGenerated, *) by SoftwareName, Computer
| where ConfigDataType == "Software"
| summarize count() by Computer
ref: https://learn.microsoft.com/en-us/azure/automation/automation-tutorial-installed-software
https://learn.microsoft.com/en-us/azure/log-analytics/
Anyone knows how to get the On-Prem to show a list of installed Software?
Ok, I've found the solution!!
For azure its being done automatically but for non azure we need to go manually in our automation account and check on "Enable Inventory" and here we have 3 options (see my screen shots).
From Home --> Automation Accounts --> Automate-%ID%-WEU --> Inventory
may be useful for the Documentation as its a must for non-azure vms
ref: https://learn.microsoft.com/en-us/azure/automation/automation-tutorial-installed-software
CHECK MY COMMENTS AT THE BOTTOM
As part of our development process we are required to certify our drivers against the Microsoft HLK/HCK test suites. As our testing infrastructure exists in Azure, I need a method to enable secure boot via ARM template (or other method) on the Azure Marketplace based VMs.
I have scoured the interwebs for references to this process, but was unable to find anything.
Is there an option anywhere in the latest ARM versions that would allow me to secure boot enable my Server 2016-Datacenter Azure VMs?
https://argonsys.com/learn-microsoft-cloud/library/secure-boot-on-virtual-machines/
This could be enabled on the Guest OS level if the powershell run upon the Guest OS goes through. If not it could be within the ARM GitHub Schema prior to being documented. If not Microsoft may need to intervene on a low severity task.
I am provisioning a new VM for Windows to run some samples using Python notebooks and sql server. The existing samples are using the classic portal. In the new portal, I have the options to add or provision one of two VMs:
Data Science Virtual Machine runs on Windows
Data Science Virtual Machine runs on Windows (CSP)
I want to know the difference; I might be misreading it, it seems one has license (CSP's description says "Bring Your Own License enabled.")? Also, When should one pick one over the other?
Thanks.
The CSP editions of the Data Science Virtual Machine (#DSVM) are only deployable in CSP (Cloud Solution Provider) based subscriptions. CSPs are Microsoft Partner companies that are certified to re-sell Microsoft cloud services and provide value added services on top.
Here's a comparison of the different licensing modes that are available:
Licensing Modes for Cloud Services
If you are not using a CSP subscription you deploy the non CSP offers. As the CSP offers require the licenses to be provided by a CSP and on a CSP Licensing Agreement.
Is it possible, using the Azure portal or some other means, to export the subscriptions configuration, for example as an XML file?
I mean things like details of web sites / roles, virtual machines, the size of the machines etc?
Then I could export every day and use a diff tool to check nothing has changed by mistake....
Just thought I'd ask before I write a giant PowerShell script.
I agree this would be a nice feature to have. It's often easier to build out the environment via the portal, but copying that from one tenant (dev) to another (prod) would be much faster and easier if it could be exported to JSON or XML and processed via PowerShell.
Azure Resource manager however does not support resources like Cloud Services, API Management, Mobile Services, Azure Scheduler, Azure Automation, Azure Active Directory, Recovery Services, Media Services, etc. ...
So the summary is - No, there is no such service yet to help you export all your subscriptions configurations.
If you just look for Virtual Machines and Web Sites, then Azure Resource Manager may be in help. But if you look for a complete backup - there is no way to easily achieve this today (2015-03-17).
Probably you could write some Powershell script combining the power of Azure Service Management + Azure Resource Manager, but frankly I am not really sure whether that would also help.