Problem
After installing SCOM Linux Agent, the SCOM is properly monitoring Linux server, but detects no instance of Apache or MySQL, ie. no entry appears in SCOM either at following views:
Apache HTTP Server/Apache HTTP ServersMySQL/MySQL Servers
According to all guides, docs and step-by-steps, above entries should be filled with those Linux servers, in which the Apache and MySQL instances were detected. These entries should be available before any further configuration steps and should provide simple configuration tasks for configuring most default scenarios.
Linux instances themselves are monitored properly.
I have listed below all the relevant information and logs as well as list of steps performed.
Any idea, what did I miss?
Environment
- SCOM 2016 UR4 with most recent Management Packs of appropriate UNIX/Linux monitoring family (initial MP's from media upgraded with latest UR) and OSS (Apache, MySQL and common OSS MP)
- CentOS Linux release 7.4.1708 (Core) with default Apache and MariaDB installation (no changes in config files)
- Default SCOM Linux agent installed with following package versions:
scx-1.6.2-339.x86_64mysql-cimprov-1.0.1-5.x86_64apache-cimprov-1.0.1-9.x86_64omi-1.2.0-35.x86_64(this one manually upgraded from SCX-bundled 1.0.8 version that was not compatible with bundledApacheHttpdProvider, bug filed)
Installation history
- Configured users:
scom-maintandscom-monit, along with appropriate RunAs accounts and profiles on the SCOM side - Configured
/etc/sudoers.d/scom - SCX successfully installed via SCOM along with
apache-cimprovandmysql-cimprov - Apache and MySQL monitoring in vanilla state, not configured (eg. Apache module not loaded, MySQL credentials not configured), as all configuration tasks should be available via the appropriate SCOM tasks that should be available within
Apache/MySQL Serversviews.
Logs and files
/var/opt/omi/log/omiagent.root.root.log
Empty, excluding errors related toApacheHttpdProvidertoomiversion compatibility, which ceased to appear after upgradingomito 1.2.0/var/opt/omi/log/omiserver.log
Empty, excluding errors related to errorsFailed to execute PREEXEC programthat were related to this bug and ceased to appear after commenting out the default!includedirin/etc/my.cnf/var/opt/microsoft/mysql-cimprov/log/mysqllog.log
Logs few errors related to the unconfigured MySQL monitoring/var/opt/microsoft/mysql-cimprov/log/scom-monit/mysqllog.log
Quite similar to the previous file/var/opt/microsoft/apache-cimprovdirectory contains no logs or files, there is only an emptyrundirectory/var/opt/scx/scx.loggenerated with verbose option does not containapache/mysqlkeywords (checked withgrep -i)/var/opt/scx/scom-monit/scx.logcontains no errors (justSCX Provider Module loaded)
Update 1
Found and investigating following entry repeating along each discovery cycle (every 4 hours) at /var/log/secure:
sudo: pam_unix(sudo:auth): conversation failed
sudo: pam_unix(sudo:auth): auth could not identify password for [scom-monit]
sudo: scom-monit : command not allowed ; TTY=unknown ; PWD=/var/opt/microsoft/scx/tmp ; USER=root ; COMMAND=/etc/opt/microsoft/scx/conf/tmpdir/scxuFPgv1
Last 6 characters of the COMMAND file are random.
