Lab Overview - HOL-2101-06-CMP - vRealize Operations Advanced Topics

Lab Guidance

Note: It will take more than 90 minutes to complete this lab. You should expect to only finish 2-3 of the modules during your time.  The modules are independent of each other so you can start at the beginning of any module and proceed from there. You can use the Table of Contents to access any module of your choosing.

The Table of Contents can be accessed in the upper right-hand corner of the Lab Manual.

This lab is a collection of feature-based modules that are designed to go into some depth in using several of the common components within vRealize Operations. The modules are all intended to be taken as stand-alone topics for people who want to become more familiar with using and getting value from vRealize Operations.

Lab Module List:

• Module 1 - Creating and Sharing Dashboards (30 minutes) (Intermediate) Learn how to create our own custom dashboards as well as how to share dashboards through various methods.
• Module 2 - Creating and Modifying Views and Reports (45 minutes) (Intermediate) Learn how to create and modify several different types of custom views and reports.
• Module 3 - Use Symptoms and Recommendations to Create Alerts (30 minutes) (Intermediate) Learn how to build a custom alert definition and how alerts can be used in our infrastructure.
• Module 4 - Create Super Metrics Using the Super Metric Editor (45 minutes) (Intermediate) Learn about creating super metrics and how to use the super metrics editor.
• Module 5 - Managing Users and Roles (30 minutes) (Intermediate) Learn how to configure users, user groups, user roles and user permissions and how to share dashboards so certain users can see targeted content.
• Module 6 - Managing vRealize Operations with PowerCLI (30 minutes) (Intermediate) Learn how to use PowerShell to list specific alerts for a chosen VM, find the recommendations for alerts and then apply the recommendations.
• Module 7 - Assess Your vSphere Configuration for Compliance With Industry or Custom Standards (30 minutes) (Intermediate) Learn how vRealize Operations will detect compliance issues and remediate via the Alert framework within vRealize Operations.

 Lab Captain: 

• Ian Smith, Sr. Cloud Management Specialist SE, USA

This lab manual can be downloaded from the Hands-on Labs Document site found here:

http://docs.hol.vmware.com

This lab may be available in other languages.  To set your language preference and have a localized manual deployed with your lab, you may utilize this document to help guide you through the process:

http://docs.hol.vmware.com/announcements/nee-default-language.pdf

Location of the Main Console

1. The area in the RED box contains the Main Console.  The Lab Manual is on the tab to the Right of the Main Console.
2. A particular lab may have additional consoles found on separate tabs in the upper left. You will be directed to open another specific console if needed.
3. Your lab starts with 90 minutes on the timer.  The lab can not be saved.  All your work must be done during the lab session.  But you can click the EXTEND to increase your time.  If you are at a VMware event, you can extend your lab time twice, for up to 30 minutes.  Each click gives you an additional 15 minutes.  Outside of VMware events, you can extend your lab time up to 9 hours and 30 minutes. Each click gives you an additional hour.

Alternate Methods of Keyboard Data Entry

During this module, you will input text into the Main Console. Besides directly typing it in, there are two very helpful methods of entering data which make it easier to enter complex data.

Click and Drag Lab Manual Content Into Console Active Window

You can also click and drag text and Command Line Interface (CLI) commands directly from the Lab Manual into the active window in the Main Console.  

Accessing the Online International Keyboard

You can also use the Online International Keyboard found in the Main Console.

1. Click on the Keyboard Icon found on the Windows Quick Launch Task Bar.

Click once in active console window

In this example, you will use the Online Keyboard to enter the "@" sign used in email addresses. The "@" sign is Shift-2 on US keyboard layouts.

1. Click once in the active console window.
2. Click on the Shift key.

Click on the @ key

1. Click on the "@ key".

Notice the @ sign entered in the active console window.

Activation Prompt or Watermark

When you first start your lab, you may notice a watermark on the desktop indicating that Windows is not activated.  

One of the major benefits of virtualization is that virtual machines can be moved and run on any platform.  The Hands-on Labs utilizes this benefit and we are able to run the labs out of multiple datacenters.  However, these datacenters may not have identical processors, which triggers a Microsoft activation check through the Internet.

Rest assured, VMware and the Hands-on Labs are in full compliance with Microsoft licensing requirements.  The lab that you are using is a self-contained pod and does not have full access to the Internet, which is required for Windows to verify the activation.  Without full access to the Internet, this automated process fails and you see this watermark.

This cosmetic issue has no effect on your lab.  

Look at the lower right portion of the screen

Please check to see that your lab is finished all the startup routines and is ready for you to start. If you see anything other than "Ready", please wait a few minutes.  If after 5 minutes your lab has not changed to "Ready", please ask for assistance.

Module 1 - Creating and Sharing Dashboards (30 minutes)

Introduction

This Module contains the following lessons:

• Cloning and Modifying Existing Dashboards
• Creating a New Custom Dashboard
• Sharing Dashboards

Log into the vRealize Operations Live Instance

This lab environment is running two different instances of vRealize Operations. We have the different vRealize Operations instances for different use cases. The lab instances are:

• Live Instance: Connected to the small running vSphere environment in the lab. There isn't a large inventory of objects in this instance but it allows us to interact with a live system including vCenter.
• Historical View Mode (HVM) Instance: Running a time loop of data that was captured in the past. This instance has a much larger inventory of objects but, since it is not currently connected to a vCenter Server, we cannot perform any actions here.

In this lesson we will be using the live Instance of vRealize Operations.

If you are not currently logged into any instance of vRealize Operations, continue to the next page, but if you are already logged into the live (not historical) instance of vRealize Operations, click here to skip ahead.

Open the Chrome Browser from Windows Quick Launch Task Bar

If your browser isn't already open, launch Google Chrome

1. Click the Chrome icon on the Windows Quick Launch Task Bar

The browser Bookmarks Bar has links to the different instances of vRealize Operations that are running in the lab.

1. The Live instance of vRealize Operations has already been started for you.  

Log in to vRealize Operations

vRealize Operations is integrated with VMware Identity Manager which we will use for user authentication in this lab.

VMware Identity Manager should be pre-selected as the identity source. However, if it is not you will choose it.

1. Click the drop-down arrow if VMware Identity Manager is not selected.
2. Click REDIRECT to be taken to the authentication page.

VMware Identity Manager Login

For the Live instance of vRealize Operations instance, the default username and password should already be entered.  However, if needed type them in.

username: holadmin

password: VMware1!

1. Click Sign in

vRealize Operations Home Screen

You should be at the vRealize Operations Home screen and ready to start the module.

Clone and Modify Existing Dashboards

In this lesson, we will learn how to clone an existing dashboard and modify it to make it our own.

vRealize Operations 8.1 has numerous out-of-the-box dashboards that were created by industry experts who have a deep understanding of vRealize Operations as well as the characteristics and behavior of the underlying objects being managed. However, personalizing a Dashboard to fit a specific role or consolidate other information into a single view is a common use case for most administrators.  

To start, we will clone and make some simple changes to create a custom Overview Dashboard for our administrators. For this example, we will clone the existing Operations Overview dashboard and add the Scoreboard Health, Object relationship and Top Alerts widgets. We will also minimize the three Top-15 widgets that are in the default dashboard so we will have more screen real estate in the dashboard.

Cloning the existing dashboards to create a new or modified dashboard is considered a best practice to ensure your custom content is not affected during an upgrade of vRealize Operations.

Dashboards

NOTE:  If we are already on the Dashboard tab, we can skip this step.

1. Click on Dashboards in the menu bar at the top of the user interface.

Operations Overview Dashboard

1. Click on the arrow next to DASHBOARDS to expand its drop-down menu.
2. Hover the mouse over Operations in the All Dashboards drop-down menu to expose its menu.
3. Then click on Operations Overview.

Operations Overview Dashboard Review

We can now see the Operations Overview dashboard, which will be the basis for our own customized version of this dashboard. In order to modify this existing dashboard, we will first want to "clone" it and then modify the cloned version. We do not want to edit the default out-of-the-box dashboard so we don't potentially break the content and flow. We ALWAYS want to clone a dashboard and edit the clone or just create a brand new custom dashboard from scratch as a best practice!

Manage Dashboards

1. Click on the arrow next to ACTIONS at the top of this dashboard to show the actions menu drop-down.
2. Then click on Manage Dashboards.

Filter for Operations Dashboard

1. Type operations into the Quick filter (Name) field and then hit the ENTER key on our keyboard to search for dashboards with the word operations in the title.

Clone Dashboard

1. Click on the 3 dots to the right of the checkbox on the Operations Overview Dashboard row to open the actions menu.
2. Then click Clone to start the cloning process.

Clone Dashboard - Name the New Dashboard

1. Type Operations Overview - Modified Dashboard into the name text field.
2. Then click on the OK button to save the name.

Manage Dashboards - Edit Dashboard

1. Click on the 3 dots next to the right of the checkbox on the Operations Overview - Modified Dashboard Dashboard row to open the actions menu.
2. Then click Edit.

Edit Dashboard - Minimize

In our custom dashboard, we want to minimize the three Top-15 widgets.

1. Drag the top scroll bar down until we can see the (3) Top-15 widgets.
2. Hover the mouse over the right-hand corner of the Top-15 VM Experiencing CPU Contention widget and click on the double arrow to minimize it.
3. Hover the mouse over the right-hand corner of the Top-15 VM Experiencing Memory Contention widget and click on the double arrow to minimize it. (Note: double arrow not shown in screenshot, but it will become visible when we hover over this widget.)
4. Hover the mouse over the right-hand corner of the Top-15 VM Experiencing Disk Latency (ms) widget and click on the double arrow to minimize it. (Note: double arrow not shown in screenshot, but it will become visible when we hover over this widget.)

Edit Dashboard - Add Widgets

1. Drag the bottom scroll bar down until we see the Object Relationship widget in the list. (should be the second row of new widgets)
2. Click on and drag the Object Relationship widget to the center column above where the Top-15 VM Experiencing Memory Contention widget is located.
3. Click on and drag the Top Alerts widget to the right-hand column above where the Top-15 VM Experiencing Disk Latency (ms) widget is located.

Edit Dashboard - Add Widgets (continued)

1. Drag the bottom scroll bar down until we see the Scoreboard Health widget in the list. (should be the third row of new widgets)
2. Click on and drag the Scoreboard Health widget to the left-most column above the Top-15 VM Experiencing Memory Contention widget.

Edit Dashboard - Show Interactions

1. Click on the Show Interactions text link at the top of the pop-up window.

Edit Dashboard - Connected Relationships

We see that since we cloned an existing dashboard, there are already relationships created from the "Select a Datacenter (DC)" object to the previous included objects (Cumulative Up-Time of all Clusters, Alert Volume and the (3) Top-15 widgets).

Now we need to connect the "Select a Datacenter (DC)" widget to the (3) widgets that we just added (Scoreboard Health, Object Relationship and Top Alerts). We'll do this in the next step.

Edit Dashboard - Connecting Relationships

Here is where we need to connect and create the relationships between the "Select a Datacenter (DC)" widget and the three new widgets we have added. We will do this by dragging and dropping from the "Select a Datacenter (DC)" icon to each of the three icons in the new widgets we added.

1. Click on the circle with an arrow icon in the Select a Datacenter (DC) widget and drag it on top of the circle with the dot icon in the Scoreboard Health widget.
2. Click on the circle with an arrow icon in the Select a Datacenter (DC) widget and drag it on top of the circle with the dot icon in the Object Relationship widget.
3. Click on the circle with an arrow icon in the Select a Datacenter (DC) widget and drag it on top of the circle with the dot icon in the Top Alerts widget.

Edit Dashboard - Completed Relationships

We should now see the lab environment match the screen capture.

As we see here, we have connecting relationship lines from the Select a Datacenter (DC) widget to each of the 3 new widgets we added.

Edit Dashboard - Save

1. Click on the SAVE button to save our changes to the dashboard.

Operations Overview - Modified Dashboard

1. Click on the Operations Overview - Modified Dashboard text link to go into our cloned/modified dashboard.

Completed Dashboard

We see that the top (2) rows of widgets are the original ones that were in the default Operations Overview Dashboard.

1. Drag the scroll bar down to the very bottom of the dashboard.

Review Modifications to Dashboard

1. We now see our (3) new widgets (Scoreboard Health, Object Relationship and Top Alerts) that we added. Because we configured the relationships, when we select a datacenter from the Select a Datacenter (DC) widget, it populates the associated data for the widget we added.
2. We also see the (3) Top-15 widgets are minimized, as previously configured.

Lesson End

Congratulations, we just completed the Clone and Modify Existing Dashboards lesson!

In this lesson, we started out by cloning the Operations Overview Dashboard and then customized the cloned dashboard. We minimized the three Top-15 columns and then added the Scoreboard Health, Object Relationship and Top Alerts widgets to our custom dashboard.

Up next, is the lesson on Creating a New Dashboard.

Creating a New Custom Dashboard

In this lesson, we will learn how to create a new dashboard from scratch.

We will create a brand new dashboard from scratch that will contain an Object List for a list of virtual machines. We will then add the following widgets to the dashboard as well:

• Object Relationship Topology
• Top Alerts
• Health Heat Map
• Top-N for CPU
• Top-N for Memory
• Top-N for Disk Space

Dashboards

NOTE:  If we are already on the Dashboard tab, we can skip this step.

1. Click on the Dashboards tab in the menu bar at the top of the user interface.

Create Dashboard

If you are starting with a blank Dashboard, you can the select the action from the Getting Started section.

1. Click on the arrow next to ACTIONS to expand its drop-down menu.
2. Then click on Create Dashboard.

Create Dashboard - Name

1. Replace the New Dashboard text with OPS Overview (New) in the name text field.

Create Dashboard - Object List

1. Click on and drag the Object List widget to the left side of the open space.
2. Click on the lower right-hand corner of the widget and drag it all the way to the right of the dashboard interface.

Create Dashboard - Object Relationship & Top Alerts

1. Drag the scroll bar down until we see the Object Relationship widget in the list. (should be the second row of new widgets)
2. Click on and drag the Object Relationship (Advanced) widget to the left most column in the open space below the Object List widget.
3. Click on and drag the Top Alerts widget to the middle column in the open space below the Object List widget.

Create Dashboard - Health

1. Drag the scroll bar down until we see the Health widget in the list. (should be the fifth row of new widgets)
2. Click on and drag the Health widget (not the Scoreboard Health widget) to the far right column in the open space below the Object List widget.

Create Dashboard - Top-N

1. Drag the scroll bar all the way down to the bottom.
2. Drag the widgets scroll bar up until we can see the Top-N widget in the second row of widgets.

Create Dashboard - Top-N

1. Click on the Top-N view and drag it to the left column.
2. Drag the scroll bar all the way down to the bottom so we can see the new Top-N view.
3. Click on the Top-N view and drag it to the middle column.
4. Click on the Top-N view and drag it to the right column.

Create Dashboard - Show Interactions

1. Click on SHOW INTERACTIONS text link at the top of the user interface.

Create Dashboard - Create Relationships

We now have to create the relationships between the widgets. We want to be able to click on a virtual machine in the Object List widget and have the rest of the widgets present the data associated with what we selected in the Object List.

1. Click on the circle and arrow icon in the Object List widget and drag it to the circle with a dot icon in the Object Relationship widget.
2. Click on the circle and arrow icon in the Object List widget and drag it to the circle with a dot icon in the Top Alerts widget.
3. Click on the circle and arrow icon in the Object List widget and drag it to the circle with a dot icon in the Health widget.

Create Dashboard - Create Relationships (continued)

After completing the previous steps, we should now see the connecting line from the Object List to the Object Relationship, Metric Chart and Health widgets. We will not be connecting the Object List to the (3) Top-N widgets since we want them to show the Top 10 virtual machines with contention for CPU, Memory and Disk Space. We will see this later once we are done configuring the entire dashboard.

Create Dashboard - Show Interactions

1. Click on HIDE INTERACTIONS text link at the top of the user interface.

Configure Top-N Widget - Menu

We now need to go into the settings of the widgets to make some configuration changes so that they will present the appropriate data in each of the widgets.

1. Hover the mouse over the top of the 1st Top-N (or any other widget) widget in the widget to expose the hidden menu.
2. Click on the Edit Widget (pencil) icon to edit the widget.

Configure Top-N Widget - Name

1. Click on the first Top-N in the left Navigation Pane to edit its properties.

Configure Top-N Widget - Change Name

1. Replace the text Top-N with Top-10 VMs with CPU Contention.
2. Click on the On radio button next to Refresh Content.
3. Click on the On radio button next to Self Provider.
4. Click on the Metric Analysis radio button next to Top-N Options.
5. We see that it automatically selected the Top Highest Utilization radio button for us.

Configure Top-N Widget - Object Types

1. Click on the Output Data selection to expand it.
2. Click on the Add Object Type (green plus sign) to add an object type.

Configure Top-N Widget - Virtual Machine

1. Type virtual machine into the Filter text field and hit the ENTER key on the keyboard.
2. Click on Virtual Machine in the list to select it.
3. Then click on the OK button.

Configure Top-N Widget - Widget

1. Click anywhere inside the Metric text field in order to expose the filter option.  

Configure Top-N Widget - CPU Contention (%)

1. Type CPU into the Metric text field and hit ENTER on the keyboard to filter for it.
2. Drag the scroll bar down until we can see Contention (%) (CPU > Contention) in the drop-down list.
3. Double-Click on Contention (%).

Configure Top-N Widget - Top-N

1. Click on the next Top-N in the Navigation bar on the left side of the pop-up window.

Configure Top-N Widget - Change Name

1. Replace the text Top-N with Top-10 VMs with Memory Contention.
2. Click on the On radio button next to Refresh Content.
3. Click on the On radio button next to Self Provider.
4. Click on the Metric Analysis radio button next to Top-N Options.
5. We see that it automatically selected the Top Highest Utilization radio button for us.

Configure Top-N Widget - Object Types

1. Click on the Output Data selection to expand it.
2. Click on the Add Object Type (green plus sign) to add an object type.

Configure Top-N Widget - Virtual Machine

1. Type virtual machine into the Filter text field and hit the ENTER key on the keyboard.
2. Click on Virtual Machine in the list to select it.
3. Then click on the OK button.

Configure Top-N Widget - Metric

1. Click anywhere inside the Metric text field in order to expose the filter option.  

Configure Top-N Widget - Memory

1. Type Memory into the filter text field and hit ENTER on the keyboard to filter for it.
2. Then click on the arrow next to Memory to expand its drop-down menu.

Configure Top-N Widget - Memory Contention (%)

1. Drag the scroll bar down until we can see Contention (%) in the drop-down list.
2. Double-Click on Contention (%).

Configure Top-N Widget - Top-N

1. Click on the last Top-N in the Navigation bar on the left side of the pop-up window.

Configure Top-N Widget - Change Name

1. Replace the text Top-N with Top-10 VMs with Disk Latency.
2. Click on the On radio button next to Refresh Content.
3. Click on the On radio button next to Self Provider.
4. Click on the Metric Analysis radio button next to Top-N Options.
5. We see that it automatically selected the Top Highest Utilization radio button for us.

Configure Top-N Widget - Object Types

1. Click on the Output Data selection to expand it.
2. Click on the Add Object Type (green plus sign) to add an object type.

Configure Top-N Widget - Virtual Machine

1. Type virtual machine into the Filter text field and hit the ENTER key on the keyboard.
2. Click on Virtual Machine in the list to select it.
3. Then click on the OK button.

Configure Top-N Widget - Metric

1. Click anywhere inside the Metric text field in order to expose the filter option.  

Configure Top-N Widget - Virtual Disk Total Latency (ms)

1. Type virtual disk: into the Metric text field and hit ENTER to filter for it.
2. Click on the Chevron beside Virtual Disk to expand it.
3. Click on the Chevron beside Aggregate of all Instances to expand it.
4. Double-Click on Total Latency (ms).

Configure Object List

1. Click on Object List in the left Navigation Pane of the pop-up window.

Configure Object List - Change Name

1. Type Virtual Machines into the Name text field.
2. Click on the On radio button to the right of Refresh Content.
3. Click on the On radio button to the right of Self Provider.
4. Click on the On radio button to the right of Auto Select First Row.

Configure Object List - Output Filter

1. Click on Output Filter.
2. Then click on the arrow next to Object Types to expand its menu.

Configure Object List - Virtual Machine (8)

1. Drag the scroll bar down until we can see Virtual Machine (13) in the drop-down list.
2. Then click on Virtual Machine (13).

Save Dashboard

1. Drag the scroll bar all the way to the bottom of the pop-up window.
2. Then click on the SAVE button to save our configuration settings.

Save Dashboard (continued)

1. Click on the SAVE button to save our configuration settings one more time.

Review Dashboard

1. Drag the scroll bar all the way to the top of the dashboard.
2. We see that the base-linux-web virtual machine is already selected for us since we set the first object to be selected automatically in the settings.
3. We now see that the three widgets (Object Relationship, Top Alerts and Health) now are populated with metrics related to the base-linux-web virtual machine.

Review Dashboard (continued)

1. Drag the scroll bar all the way to the bottom of the dashboard.
2. We see that we have the (3) Top-10 VMs widgets based on CPU Contention, Memory Contention and Disk Latency.

Lesson End

Congratulations, we have completed the lesson on Creating a New Custom Dashboard!

In this lesson, we created a brand new custom dashboard that contained an Object List of virtual machines that had relationships to all the other widgets. However, we did not create the relationship from the virtual machine in the Object List widget to the Top-N widgets. This ensures that no matter which virtual machine we selected from the Object List widget, the Top-N widgets will always show the Top-10 VMs with CPU contention, Memory contention and Disk latency.

Up next is the lesson on Sharing Dashboards.

Sharing Dashboards

In this lesson, we will learn how to share the numerous dashboards available in vRealize Operations 8.1.

There are several very useful options for administrators to share dashboards to other personnel in their company. Now we can share a dashboard using a URL that can be given to ANYONE in our organization and they don’t even need to be able to access our vRealize Operations environment. This is a super useful feature when we need to share performance or capacity information to others in the organization, but don’t want them logging into our vRealize Operations instance.

We will see that we can also set an expiration time frame for the shared dashboard to be available. This is also really useful when you just want to give someone a view into a specific portion of the infrastructure for a limited period of time.

We can also share a dashboard through an email just by selecting the correct SMTP instance we have already set up in vRealize Operations and entering the email of the recipient you want to have your new dashboard. Like with the other sharing options, we can also put an expiration time frame for the email as well.

We can even embed the dashboard into any other web page by simply copying the HTML code provided and pasting it into any system like Confluence or our own internal intranet portal.

Group sharing is simply giving dashboard access to any group that currently is set up through the authentication source we already have configured in vRealize Operations.

The final option gives us the ability to export the dashboard and move it to any other vRealize Operations environment. This is very useful when we have multiple vRealize Operations instances or we have a Development instance that we use to play with and make our custom content.

We also have a great new website to contribute cool dashboards we have made called the Dashboard Exchange. We can get to the dashboard exchange quickly by visiting this site at https://vrealize.vmware.com/sample-exchange/.

We have commonly seen the (NOC) Network Operations Center of an IT organization share the Operations Overview dashboard on their large monitors in their NOC. They have created web pages that contain various bits of information from various monitoring systems in order to minimize the amount of monitors they have to have in the NOC. We can easily give them what they need by providing them an embedded link to the dashboard in which they can embed into their existing web portal. That way they don't have to add an additional monitor to house the vRealize Operations dashboard. We will use this scenario in this lesson to learn how to share out the Operations Overview dashboard to them.

Dashboards

NOTE:  If we are already on the Dashboard tab, we can skip this step.

1. Click on the Dashboards tab in the menu bar at the top of the user interface.

Operations Overview Dashboard

In our example, we want to share the Operations Overview dashboard with the (NOC) Network Operations Center, so lets go to the Operations Overview dashboard.

1. Click on the arrow next to DASHBOARDS to expand its drop-down menu.
2. Hover the mouse over Operations in the All Dashboards drop-down menu.
3. Then click on Operations Overview.

Operations Overview Dashboard Review

To recap this scenario, the NOC personnel want to have the Operations Overview dashboard showing in the NOC at all times so they can monitor the virtual environment after hours. We need to share this dashboard with them, but remember they have a web portal that they use. Therefore, we will need to provide them the embedded link that they can simply add to their existing web portal.

Share Dashboard

1. Click on the Share Dashboard (three connected circles) icon in the upper right-hand side of the Operations Overview dashboard.

Share Dashboard - URL

In this example we can simply create a URL to provide to anyone so they can view the dashboard. For Link Expiry, we have the options to select (1) Day, (1) Week, (1) Month, (3) Months and Never Expire. We see that the link to the dashboard is already filled in. We would then click on the COPY LINK button to copy it to the computer's clipboard allowing us to copy it into a file, email, etc.

Share Dashboard - Email

In this example, we want to send the dashboard link to someone via an email address directly from the vRealize Operations interface. As a note, we won't actually be sending the link to the dashboard to an email address. We will just run through the steps as though we are going to.

1. Click on the EMAIL icon to select email as an option to send the link.

Again, we have the options to select (1) Day, (1) Week, (1) Month, (3) Months and Never Expire. In this lab environment, we do not have an SMTP instance configured. In a production environment, we would configure this with the company email server information by clicking on the CONFIGURE button if it wasn't already configured within vRealize Operations. Then we would type the email address of the individual we are sending the link to. Finally, we would click the SEND button to send the email with the link to the dashboard to the receiver.

Share Dashboard - Embed

In the introduction of this lesson, we discussed the scenario of the (NOC) Network Operations Center having a web page that they wanted to embed the Operation Overview dashboard in. We will now go through the steps associated to accomplish providing them the embedded dashboard.  

1. Click on the EMBED icon in the Share Dashboard pop-up window. We want this selection since they want the dashboard included in their existing web portal in the NOC.
2. Next click on the arrow next to Link Expiry: to expand its drop-down menu.
3. Click on Never Expire since we want this for the NOC and do not want their access to expire.

Share Dashboard - Copy to Clipboard

1. Click on the COPY button.
2. We see that by clicking the COPY button, that the embedded link has been successfully copied to the clipboard. It is now ready to be copied into an email or some other method in which we can provide the NOC the link to use in their web portal.

Share Dashboard - Groups

In this example, we need to authorize only a previously established security group in vRealize Operations access to this dashboard. Currently the Everyone group has access to this dashboard, but we want to limit it only to a specified group and remove the Everyone group.

1. Click on the GROUPS icon in the pop-up window.
2. Click on the arrow to the left of the INCLUDE button. We see that we only have two options configured in this environment. This list will vary from one environment to another based on what groups have been configured within vRealize Operations.

We would then click on the INCLUDE button to give this group(s) access to the dashboard.

Share Dashboard - Export

Lets pretend that the dashboard we are currently in is a custom dashboard that an administrator built and is not a default out-of-the-box dashboard. We want to export this dashboard because we have another instance of vRealize Operations in a (DR) Disaster Recovery datacenter and want to have the same dashboard in that instance as well. So we need to export the dashboard and then import it into the instance in the DR datacenter.  

1. Click on the EXPORT button in the pop-up window.
2. Then click on the GO button to export it into a ZIP file format.

Share Dashboard - Download File

We see that it will download the dashboard as a ZIP file. We could then copy this ZIP file over the DR site and then import it into that vRealize Operations instance.

1. Click on Cancel to close this window.

Share Dashboard - Exit

That's it, we have gone through all the options for sharing dashboards in vRealize Operations 8.1!

1. Click on the X in the upper right-hand corner of the Share Dashboard pop-up window to close it.

Lesson End

Congratulations, we have just completed the Sharing Dashboards lesson which is the last lesson of Module #1 - Creating and Sharing Dashboards!

In this lesson, we learned how to share vRealize Operations 8.1 dashboards through various methods. We can share them via a URL, Email, Embedded file, Groups or Export the dashboard to import into another instance of vRealize Operations.

Up next is Module #2 - Creating and Modifying Views and Reports.

Conclusion

In this module, we first looked at how to clone an existing dashboard and then modified it to our needs. We did this because it is never a good idea to modified one of the default dashboards in vRealize Operations. By cloning and modifying the cloned copy, it ensures that nothing happens to the default pre-built dashboards.

Next, we created a new custom dashboard that had all the specific widgets we wanted in it. We added various types of widgets, configured each of them and then created the relationships between them.

Lastly, we reviewed the various options on how to share dashboards which included copying the URL, sending via email, embedding the HTML, assigning specific groups and export the dashboard.

You've finished module 1

Congratulations on completing the lab module.

If you are looking for additional general information on vRealize Operations 8.1, try one of these:

• VMware Product Public Page - vRealize Operations:  https://www.vmware.com/products/vrealize-operations.html
• vRealize Operations 8.1 - Release Notes:   https://docs.vmware.com/en/vRealize-Operations-Manager/8.1/rn/vRealize-Operations-Manager-81.html
• vRealize Operations 8.1 - Documentation:  https://docs.vmware.com/en/vRealize-Operations-Manager/8.1/com.vmware.vcom.core.doc/GUID-7E6B5805-3D2F-41C4-ADFF-B7248386E7AC.html
• VMware Cloud Management Blog - What's New in vRealize Operations 8.1:  https://blogs.vmware.com/management/2020/03/whats-new-in-vrealize-operations-8-1.html

From here you can:

1. Click to advanced to the next page and continue with the next lab module
2. Open the TABLE OF CONTENTS to jump to any module or lesson in this lab manual
3. Click on the END button if you are done with the lab for now and want to exit

Module 2 - Creating and Modifying Views and Reports (45 minutes)

Introduction

This Module contains the following lessons: 

• Create Customized View
• Simple View showing VM list with Metrics and Properties
• Create a View with Variable data
• Create a View with Trends
• Create a View with Distribution data
• Create Reports from Views and Dashboards

Log into the vRealize Operations Live Instance

This lab environment is running two different instances of vRealize Operations. We have the different vRealize Operations instances for different use cases. The lab instances are:

• Live Instance: Connected to the small running vSphere environment in the lab. There isn't a large inventory of objects in this instance but it allows us to interact with a live system including vCenter.
• Historical View Mode (HVM) Instance: Running a time loop of data that was captured in the past. This instance has a much larger inventory of objects but, since it is not currently connected to a vCenter Server, we cannot perform any actions here.

In this lesson we will be using the live Instance of vRealize Operations.

If you are not currently logged into any instance of vRealize Operations, continue to the next page, but if you are already logged into the live (not historical) instance of vRealize Operations, click here to skip ahead.

Open the Chrome Browser from Windows Quick Launch Task Bar

If your browser isn't already open, launch Google Chrome

1. Click the Chrome icon on the Windows Quick Launch Task Bar

The browser Bookmarks Bar has links to the different instances of vRealize Operations that are running in the lab.

1. The Live instance of vRealize Operations has already been started for you.  

Log in to vRealize Operations

vRealize Operations is integrated with VMware Identity Manager which we will use for user authentication in this lab.

VMware Identity Manager should be pre-selected as the identity source. However, if it is not you will choose it.

1. Click the drop-down arrow if VMware Identity Manager is not selected.
2. Click REDIRECT to be taken to the authentication page.

VMware Identity Manager Login

For the Live instance of vRealize Operations instance, the default username and password should already be entered.  However, if needed type them in.

username: holadmin

password: VMware1!

1. Click Sign in

vRealize Operations Home Screen

You should be at the vRealize Operations Home screen and ready to start the module.

Create Simple View showing VM list with Metrics and Properties

In this lesson, we will create a view.  A view can be used in dashboards and reports.  A view is also viewable as its own content in the Details section of the vRealize Operations interface. 

The view for this lesson is a starting point and intended to be a simple example to create.  It will contain some basic metrics and properties for virtual machines.  

Go to Environment

1. Click on Environment.

Hosts and Clusters

1. Click on vSphere Hosts and Clusters.

Expand vSphere World

1. Expand vSphere World.
2. Select vCenter.
3. Click on more...

Create a View

1. Click on Details.
2. Click ADD to create a new view.

View Name

The view creation wizard starts.  Create a view with the following:

Name and Description

1. Enter the name Demo - Simple List of VMs with Metrics and Properties.

Presentation

1. Click on Presentation.
2. Select: List.

Subjects

1. Click on Subjects.
2. Enter virtual machine (Begin typing and the list will populate with matched options).
3. Click on Virtual Machine.

Data - Properties

1. Click on Data.
2. Switch from Metrics to Properties by clicking the chevron to show the drop-down options.

Selected Properties

1. Expand Summary (Note: you may need to scroll down to see Summary).
2. Double-click on Parent Cluster (drag and drop the data to the center will work also).
3. Double-click on Parent Host.
4. Double-click on Datastore(s).

Data - Metrics

We've been working with Virtual Machine Properties, now we need to select Virtual Machine metrics.

1. Switch from Properties back to Metrics.
2. Scroll back to the top of the list.

Select Metrics

1. Expand Configuration by clicking the chevron.
2. Expand Hardware.
3. Double-click Number of CPUs (vCPUs).

Memory Metrics

Scroll down and Expand Memory

1. Scroll down until you see the Memory category item.
2. Expand the Memory category by clicking the chevron.

Total Capacity

1. Scroll down to until you see the Total Capacity (KB) item.
2. Double-click on Total Capacity (KB) to add it to the view.

Summary

1. In the center of the screen, Click on Summary.
2. Click on the green plus sign to create a summary.

Aggregation

1. Change aggregation to Sum by using the drop-down menu.
2. Click show advanced settings.

Clear All

1. Deselect all by clearing the check box next to Data.

Clicking the box will toggle 'Select all' and 'De-select All'.

Make sure your screen matches the image.  Nothing should be selected at this point.

Selected Sum

Scroll down to find the following:

1. Scroll down to find the following items.
2. Select Configuration|Hardware|Number of CPU(s) (vCPUs).
3. Select Memory|Total Capacity.
4. Click SAVE.

Viewing the data

After clicking Save you will be in the view area again.  The data we just selected will be displayed.

You should see the three properties and two metrics we selected.  At this point, your view is created and saved.

View the Sums

1. Scroll Down to the bottom of the results to see the summary for the total vCPUs and Total Memory.

The sum is for all the Virtual Machines contained in the view.  

Because we used Virtual Machines as our subject matter, the view can be utilized for a single VM or anything that contains Virtual Machines like Hosts, Groups, Clusters, Datacenters, Applications, etc.

Feel free to navigate to a Host or any object that contains virtual machines to see the flexibility of a View.

Lesson End

This completes the Simple View creation.  In the next lesson, we will show how to create a view with variable data.

Create a View with Variable Data

In this lesson, we are going to create a custom view.  The view will concentrate on Virtual Machine data but can be applied to any resource collected in vRealize Operations.

Views can be used within reports and dashboards.  They also allow vRealize Operation Users to see data within vRealize Operations.

Go to Environment

1. Click on Environment.

Hosts and Clusters

1. Expand vSphere Environment if needed.
2. Click on vSphere Hosts and clusters.

Select a vCenter Server

1. Expand vSphere World.
2. Select vCenter Server vCenter.
3. Click on more...

Create a View

1. Click on Details.
2. Click the ADD to create a new view.

View Name

Create a view with the following data:

Section 1. Name

1. Enter Demo - Variable Data.

View Presentation

1. Click on 2. Presentation.
2. Click on List.

Subjects - Virtual Machine

1. Click on 3. Subjects.
2. Begin typing Virtual Machine (Start typing Virtual and the list will show available resources that match).
3. Click on Virtual Machine.

Data Metrics

1. Click on 4. Data.
2. Expand CPU by clicking on the chevron to the left of CPU.
3. Double-Click Demand (%).
4. Double-Click Demand (%)  again (It will be in the list on the right two times).

Metric Transformation

1. After Demand (%) is in the list a second time, select the second instance with a single click.
   • The screenshot was taken after the changes were made to the Metric label.  The Data column will reflect what you type into the Metric label.
2. For Metric label: Enter "CPU Max %" (This will be our column header name in the final view).
3. For Transformation, Select Maximum in the drop down list.

Note:  You may need to manipulate the screen by scrolling down in the configuration area.

CPU Ready

1. Put Ready (%) into the data  window with a double-click (or drag and drop). NOTE: You may need to scroll down a little to see the "Ready (%)" item.
2. Change Transformation to Metric Correlation in the drop down list.

Correlation

You may have to scroll down to see the metric correlation area. There will be a link to select the correlated metric.  

1. Scroll down in this Configuration window so you cna see the Correlated Metric Item .
2. Click select... beside Correlated Metric.

Correlated Metric

In the pop-up window:

1. Expand CPU
2. Select Demand (%)
3. Click OK

With this correlation, we are going to see the value of CPU Ready (%) when the CPU Demand (%) is at a maximum.

Time Settings

In the center of the screen:

1. Click on Time Settings.

Number of Days

1. Set the Relative Date Range to the Last 30 Days.

Date Range

In the center of the screen:

1. Click on Filter to create a virtual machine filter.

Filter

Switch from Metrics to Properties using the drop down lists for all of these properties.

1. Select Properties
2. Expand Summary and Expand Runtime, Double-click 'Power State'.
3. Select: is
   • Use the tab key to move into the property value field.  You should see the available options of Powered On and Powered Off.
4. Select: Powered On from Property Value Menu.
5. Click SAVE.

View Results

We now have a view that shows us the last CPU Demand collected for each Powered ON Virtual Machine.  We also show the Maximum CPU Demand as a percentage for the last 30 days.  The last value in our view shows us what the Ready % was when the demand was at maximum during the same 30 day period.

This is a very powerful feature of the product.  While we are showing the ready % when the CPU is highly demanded, you may wish to see what disk latency looks like when network transmissions are high.  You can correlate any two metrics that are being collected in vRealize Operations.

Lesson End

This completes this lesson.  In the next  lesson, we will create a view with trended data.

Create a View with Trends

In this lesson, we continue the concept of creating custom views.  This time, we will create a view with data that is trended over a period of time.

Go to Environment

1. Click on Environment.

Hosts and Clusters

1. Click on vSphere Hosts and Clusters.

Select a vCenter Server

1. Expand vSphere World.
2. Select vCenter Server vCenter.
3. Click on more...

Create a View

1. Click on Details.
2. Click ADD to create a new view.

View Name

1. Enter the name: Demo - Trend View.

Presentation Style

1. Click on  2. Presentation.
2. Select Trend.
3. When selecting a Trend presentation, notice the option to set The maximum plot lines.  The default is 25.  
   • Since we are using Virtual Machines as our subject, If we select a cluster that has 25 or more virtual machines, the view we are creating will attempt to display 25 trend lines.  It can be a crowded view.  Be aware of that constraint when you are selecting the metrics to trend.  You can always create multiple views to display different metrics trended.  

NOTE:  Be aware that properties cannot be trended, only metrics.

View Subjects

1. Click on 3. Subjects.
2. Type Virtual Machine in the search field and a filtered list will appear.  
3. Click on Virtual Machine.

View Data

1. Click on 4. Data.
2. Scroll down to the bottom of this page so you can see the Storage Item.
3. Expand Storage.
4. Double-click Read Latency (ms) (You may drag and drop the metric as well).

Transform the Data

Once the metric is in the view, single-click on it and change the following:

1. Scroll down the bottom of the Configuration window se we can see all the options.
2. Uncheck Trend of the historical data.
3. Uncheck Forecast data for the next.
4. In the center of the window, click on Time Settings.

Time Range

1. Change the Relative Date Range to Last 30 Days.
2. Click SAVE.

Summary

You now have a view that shows selected virtual machines read latency trended over the last 30 days.  While we unchecked the forecast data option, leaving it checked would have trended the forecast of the selected metrics for up to a year.

Lesson End

You have completed this lesson.  The next lesson will show how to create a view with distribution data.

Create a View that shows VM Growth

If you've completed the previous lessons in this module, we have created various views. In this lesson, we continue creating custom views with data transformation.  With data transformation, we can represent the maximum value as well as expressions to show datacenter VM growth.

Go to Dashboards

1. Select Dashboards.

Go to Views

1. Click Views.

Create a View

1. Select ADD to create a new view.

Add View Name

1. Input the name: VM Growth Detail.
2. Select 2. Presentation.

Presentation Type

1. Select List as the presentation type.
2. Select 3. Subjects.

Add View Subject

1. Click in the subject input field and type "data".
2. Select the auto populated Datacenter.
3. Select 4. Data.

Add Metrics to your View

1. Open Summary by clicking on the chevron to the left of Summary.

Add Data to your View

1. Scroll down to see the item Number of Running VMs.
2. Double-click Number of Running VMs 3 times.
3. Afterwards, you should see 3 items in the window on the right.

Modify Current Number of VMs

1. Select the 1st Number of Running VMs Metric.
2. In the Metric label field, Type VM Current as the label.

Add Max Transformation

1. Select the 2nd Number of Running VMs Metric.
2. In the Transformation field, select Maximum in the drop down list.
3. Type VM Running Max for the Metric Label.

Add Growth Transformation

1. Select the 3rd Data object.
2. Name this data Object VM Growth in the Metric label field.

Add Growth Transformation Expression

For this datapoint we are adding our own expression for growth.  To show growth of VM's per datacenter we will use this expression:  (((last-first)/first)*100). This will give use the percentage of growth in VM for the time period of this view.  

1. Change the Transformation field type from current to Expression.
2. Scroll all the way down in this window so we can see the Expression Formula.
3. Add the expression (((last-first)/first)*100)
4. Optional:  If you have many datacenters you can select to sort the list by growth - ascending or descending.

Select Preview Source

1. Select preview source.
2. If you do not see Select preview source, you may need to scroll up.

Select an Object

1. Open the vCenter Adapter.
2. Open Datacenter.
3. Select HOL Datacenter.
4. Select OK.

Preview Data

When we look at the preview data, it is always best to ensure the view is working correctly, and it is the right data we want to represent.  Notice that the VM current and Max are the same, and we have no VM growth.  Now we will make a change in the environment to make our new expression work!

Open vCenter in a new tab

1. Select a new Tab.
2. Click on the vSphere Client button.

Log into vCenter

1. Select Use Windows session authentication.
2. Select Login.

Power Off VM

1. Select the VM web-01a.
2. Select Power Off VM.

Confirm Power Off

1. Select YES to power off the VM.

Switch back to vRealize Operations

1. Select vRealize Operations Tab to return to vRealize Operations.

Refresh the View

1. Select the refresh button to preview the source again.

Note - this may take 1 minute for the next collection cycle to refresh content.

Preview Final Data

1. Now we can see that the amount of VM's running has decreased from the max value and the growth has decreased by 11.11%.
2. If you are comfortable with the data, you may select Save.

Make a Growth List Report

1. Click Reports.

Add New Report

1. Select ADD to create a new report.

Name the Report

1. Name the Report VM Growth Report.
2. Select 2. Views and Dashboard.

Add the VM Growth Detail view to the report

1. Click in the Filter area, and type VM Growth and press Enter.
2. Select the VM Growth Detail View and drag it to the right.
3. Select SAVE.

Locate the created report

You will now see your new report at the bottom of the report list.

1. Click the 3 dots beside the checkbox to open the actions menu.

Run the Report

1. Select Run to run the Growth Report.

Select Object to run the report

1. Expand vCenter Adapter by clicking on the chevron beside vCenter Adapter.

Select vSphere World

1. Scroll at the way to the bottom of this page so we can vSphere World.
2. Expand vSphere World by clicking the chevron to the left of the text.
3. Select vSphere World.
4. Click OK.

View the Report

1. Select Generated Reports Tab.
2. We have the option to download the report in either PDF or CSV format, for this exercise select the red PDF icon (note you may have to wait a moment for the report to finish).

Save the Report

1. Keep the default file name and select Save to save the new Report.

Open the Report

1. Click on the report to open it.

Review the Report

Now we have a report that includes detail about the growth of VM's in each DataCenter.  We can send this to leadership to identify the growth trends each month, each week, or every day!

Switch Back to vCenter

1. Return to the vCenter by clicking back to the open vCenter Tab. If you closed this tab, you will need to open a new tab and log back into vCenter.

Start the web-01a VM

Let's restart the web-01a VM that we shutdown earlier because this VM will be needed in future lessons.

1. Click on the VM web-01a.
2. Click Start icon to restart this VM (or right-click and select Power On).
3. You may now click the x on the vCenter tab to close it.

Lesson End

This concludes the Create a View that shows VM Growth Lesson.

Create a View with Distribution data

If you've completed the previous lessons in this module, we have created various views.  In this lesson, we continue creating custom views with the Distribution view.  The distribution view gives us the ability to create pie charts based on data from selected object type.

Go to Environment

1. Click on Environment.

Hosts and Clusters

1. Click on vSphere Hosts and Clusters.

Select a vCenter Server

1. Expand vSphere World by clicking the chevron to the left of the text.
2. Select vCenter Server vCenter.
3. Click on more...

Create a View

1. Click on Details.
2. Click ADD to create a new view.

Enter the View name

1. Enter the view name Demo - Distribution View.

View Presentation

1. Click on 2. Presentation.
2. Select Distribution.

Distribution Type

1. Scroll down in this window until you see Distribution Type.
2. Select Discrete distribution as the Distribution Type.

View Subjects

1. Click on 3. Subjects.
2. Type Virtual Machine.  The filter will display resources that match what is typed.  
3. Click on Virtual Machine.

Select Properties

1. Select 4. Data.
2. Switch from Metrics to Properties.

Expand Properties

1. Expand Summary by clicking the chevron to the left of the text.

Select a Property

1. Scroll down so we can see the Guest Operation System Item.
2. Expand Guest Operating System by clicking on the chevron to the left of the text.
3. Double-click on Tools Version to add it to the Data list on the right side of this window.
4. Click SAVE.

Find our Newly Created View

1. In the quick search filter, type Demo and hit Enter.
2. Click on our Demo - Distribution View to open it.

Select Preview Source

Our view is blank because we haven't selected a data source.

1. Click Select preview source... in the top right-hand corner of the window.

Select the vCenter Object

1. In the drop-down, select vSphere Hosts and Clusters.
2. Expand vSphere World by clicking the chevron.
3. Click vCenter to select that object as the preview source for our new view.
4. Click OK.

View Results

We will now have a distribution of the VMware Tools versions in the environment!

Lesson End

We have completed this lesson on Creating a View with Distribution Data!  In the next lesson, we take you through the process to put views and dashboards into reports.

Create Reports from Views and Dashboards

In this lesson, we show how to create custom reports using views and dashboards.

Go to Environment

1. Click on Environment.

Hosts and Clusters

1. Click on vSphere Hosts and Clusters.

Select a vCenter Server

1. Expand vSphere World by clicking the chevron to the left of the text.
2. Select vCenter Server vCenter.
3. Click on more...

Create a Report

1. Click on Reports.
2. Click ADD to create a new report.

Report Name

1. Name the report Demo - Report from Views and Dashboard.
2. Click 2. Views and Dashboards.

Selected Views

1. In the search box, type Size and hit Enter.
2. Double-click Oversized Virtual Machines.
3. Double-click Undersized Virtual Machines.

Select Dashboard

1. Change the Data Type from Views to Dashboards.
2. In the Quick Filter, type cost and hit Enter.
3. Double-click Assess Cost to add it to the Report.

Report Format

1. Select 3. Formats.
2. Since we are including a dashboard as part of this report, uncheck CSV.  A dashboard will not convert to CSV (comma separated values).

Layout Options

1. Select 4. Layout Options.

We have the ability to include the following:

• Cover Page
• Table of contents
• Footer

For a Cover Page:

• Can contain an image up to 5 MB.
• The default report size is 8.5 inches by 11 inches. The image is resized to fit the report front page.

Table of Contents

• Provides a list of the template parts, organized in the order of their appearance in the report

Footer

• Includes the date when the report is created, a note that the report is created by VMware vRealize Operations Manager, and page number.

 Don't make any changes here, we will use the default settings.

Portrait or Landscape

Each view and dashboard can be oriented to portrait or landscape mode.  For dashboards in a report, landscape will likely be a better choice to simulate the aspect ratio of a monitor.  Some dashboards require scrolling.  When a dashboard is too large to be displayed on the screen, it will not fit into a report very well either. Make sure Assess Cost is set to Landscape.  

1. Click the layout icon and select Landscape.

Save

1. Click SAVE in the bottom right corner of the window.

New Report has been Created

We can now see our new report in the Reports List.

1. Click the 3 dots to the left of the report name to open the actions menu.

Run the Report

1. Click Run the run the report.

Generated Reports

1. Click on Generated Reports to see the newly created report.

Select PDF

The report will be available as a PDF for viewing. Note, it may take a moment to complete before the PDF is available.

Clicking the PDF icon will allow you to save it to the local drive. Feel free to save and open the PDF to see the results.

Lesson End

You have completed the last lesson in this module.  You should now have an understanding in creating new views.  You also now have the tools to create reports from any view or dashboard.

Conclusion

In this module you explored a few approaches for creating new and customizing views and reports in vRealize Operations.

You've finished module 2

Congratulations on completing the lab module.

If you are looking for additional general information on vRealize Operations 8.1, try one of these:

• VMware Product Public Page - vRealize Operations:  https://www.vmware.com/products/vrealize-operations.html
• vRealize Operations 8.1 - Release Notes:   https://docs.vmware.com/en/vRealize-Operations-Manager/8.1/rn/vRealize-Operations-Manager-81.html
• vRealize Operations 8.1 - Documentation:  https://docs.vmware.com/en/vRealize-Operations-Manager/8.1/com.vmware.vcom.core.doc/GUID-7E6B5805-3D2F-41C4-ADFF-B7248386E7AC.html
• VMware Cloud Management Blog - What's New in vRealize Operations 8.1:  https://blogs.vmware.com/management/2020/03/whats-new-in-vrealize-operations-8-1.html

From here you can:

1. Click to advanced to the next page and continue with the next lab module
2. Open the TABLE OF CONTENTS to jump to any module or lesson in this lab manual
3. Click on the END button if you are done with the lab for now and want to exit

Module 3 - Use Symptoms and Recommendations to Create Alerts (30 minutes)

Introduction

vRealize Operations Alerts are similar to rules used for years in monitoring critical IT resources. However, previous rule-based systems tended to be static and difficult to build, deploy, and maintain. vRealize Operations leverages built-in analytics and pre-defined content to provide a dynamic, effective, and scalable approach for identifying and resolving issues in your environment. 

Alert Definitions consist of the following components that raise alerts, provide recommendations, and take automated actions to resolve the issues: 

Symptoms 

Symptoms define conditions that trigger if a condition becomes true; they are based on metrics or super metrics, message events, or fault events. A symptom set combines one or more symptom definitions by applying an Any or All condition that can trigger the alert.

Recommendations 

Recommendations are the remediation options provided to resolve the issues.  Recommendations are provided by domain experts and can be extended to include tribal knowledge, local procedures, etc. 

Actions 

Actions are accessible in several places inside of vRealize Operations. They can link to recommendations for the user to execute after review, or be fully automated to execute when the alert is triggered.

This Lab 

Upon completing this lab, you will be able to:

• Build a custom Alert Definition
• Simulate issues in the environment to demonstrate how to customize the alerts
• Utilize the different ways alerts can be used based on the critical nature or other characteristics of the monitored infrastructure

Log into the vRealize Operations Live Instance

This lab environment is running two different instances of vRealize Operations. We have the different vRealize Operations instances for different use cases. The lab instances are:

• Live Instance: Connected to the small running vSphere environment in the lab. There isn't a large inventory of objects in this instance but it allows us to interact with a live system including vCenter.
• Historical View Mode (HVM) Instance: Running a time loop of data that was captured in the past. This instance has a much larger inventory of objects but, since it is not currently connected to a vCenter Server, we cannot perform any actions here.

In this lesson we will be using the live Instance of vRealize Operations.

If you are not currently logged into any instance of vRealize Operations, continue to the next page, but if you are already logged into the live (not historical) instance of vRealize Operations, click here to skip ahead.

Open the Chrome Browser from Windows Quick Launch Task Bar

If your browser isn't already open, launch Google Chrome

1. Click the Chrome icon on the Windows Quick Launch Task Bar

The browser Bookmarks Bar has links to the different instances of vRealize Operations that are running in the lab.

1. The Live instance of vRealize Operations has already been started for you.  

Log in to vRealize Operations

vRealize Operations is integrated with VMware Identity Manager which we will use for user authentication in this lab.

VMware Identity Manager should be pre-selected as the identity source. However, if it is not you will choose it.

1. Click the drop-down arrow if VMware Identity Manager is not selected.
2. Click REDIRECT to be taken to the authentication page.

VMware Identity Manager Login

For the Live instance of vRealize Operations instance, the default username and password should already be entered.  However, if needed type them in.

username: holadmin

password: VMware1!

1. Click Sign in

vRealize Operations Home Screen

You should be at the vRealize Operations Home screen and ready to start the module.

Using Symptoms and Alerts to Trigger Recommendations and Actions

For this lesson, we will start by creating a Symptom Definition.  Symptom Definitions enable the vRealize Operations to identify problems with objects in your environment.  These Symptom Definitions will then trigger Alerts when conditions qualify as problems.  In this scenario, the condition to monitor is the high CPU workload on the virtual machine "app-01a".  Creating one or more of the Symptoms enables them to be added to an Alert Definition.  When a symptom is triggered, vRealize Operations will then issue an alert.  In this lesson, we'll go through this in more detail.

Creating Custom Alerts

Alert, Symptom and Recommendation definitions are all managed under the Alerts tab.

1. Click the Alerts tab.
2. Click the chevron to expand Configuration if needed to show the configuration options.
3. Click Symptom Definitions.
4. Click ADD to create a new Symptom Definition.

Select vCenter Object

1. Click the chevron to show the list of Base Object Types.
2. Scroll down until you see vCenter Adapter.
3. Click vCenter Adapter.

Select Virtual Machine

1. Scroll down until you see Virtual Machine.
2. Select Virtual Machine.

CPU Usage Definition

Configure the Symptom Definition with the following parameters.

1. Type a metric filter of CPU|USAGE and hit Enter. 
2. Double-click Usage (%).
3. Type High CPU for the symptom name.
4. Set the definition to Critical.
5. Type 95 as the value the symptom must exceed to be triggered.
6. Click to expand the Advanced section.
7. Modify the Wait Cycle to 1.  
   • The Wait Cycle field shows that the trigger condition should remain true for this number of collection cycles before the symptom is triggered. This means that the symptom is triggered in the same collection cycle when the condition became true.
8. Modify the Cancel Cycle to 2.  
   • The Cancel Cycle field shows that the symptom after the trigger condition is false for this number of collection cycles, after which the symptom is canceled. This means that the symptom is canceled in the same cycle when the condition becomes false.
9. Click SAVE.

Alert Definition

Alert Definitions are a combination of symptoms and recommendations you can use to identify problem areas in your environment and generate alerts.

To create Alert Definitions:

1. Click Alert Definitions.
2. Click ADD to create a new Alert Definition.

Alert Name and Base Object Type

1. Type High CPU Alert for the alert name.
2. Click in the Base Object Type search field and type Virtual Machine.
3. Click Virtual Machine.

Alert Impact Settings

Alert Impact

Alert Impact settings and their definitions are shown below.  These settings determine how your alert will be classified and triggered.  
Note: The default settings will be used in this scenario.  

• The Impact field will categorize the alert as a health, risk, or efficiency problem
• The Criticality field shows how serious the problem is

For Criticality, you can select one of the following values:

• Info (informational purposes only; does not affect badge colors)
• Warning (lowest level; displays yellow)
• Immediate (medium level; displays orange)
• Critical (highest level; displays red)
• The Alert Type and Subtype fields can be used to classify the alert; an example would be using these fields' information to route the alert to the appropriate personnel in your organization

Finally, choose settings for your cycle, which are data collection intervals.  

• Wait Cycle indicates how many cycles should pass before triggering the alert 
• Cancel Cycle indicates how many cycles without symptoms should pass before the alert is canceled

1. Click the chevron to show the Advanced Settings.
2. Review the Alert Impact Settings. We will be using the default settings, so no changes are needed.
3. Click NEXT.

Add Symptom Definition

1. Type high cpu and press the Enter key to filter the Symptom Definitions to what we created in a previous step.
2. Drag High CPU to the Symptom Definition section on the left to the workspace as shown above.
3. Click NEXT.

Add Recommendation

Now, we will define a new Recommendation for our custom alert based on our organization's policies.

1. Click + Create New Recommendation.

Custom Recommendation

For Production Virtual Machines, please assess the trend and add CPU Resources if trend is high. 
All development machines are shut down and the developer is notified.

1. Paste the text shown above into the Recommendation Text area.
2. Click Adapter Type to show the adapter type options. 
3. From the list shown, select vCenter Adapter.

Set Recommendation Action

1. Click the down arrow on the Action Menu to show the action options.
2. Select Power Off VM.
3. Click CREATE.

Save New Alert Definition

1. Type production in the filter field and hit Enter.
2. Drag your newly created custom recommendation onto the Alert Definition.
3. Click NEXT to go to the Polices tab.

Set Effective Policy

1. Click the checkbox to select HOL Policy.
2. Click CREATE to create the new Alert Definition.

Alert List

Verify that the Alert exists.

1. Type High CPU in the Alert Definitions quick filter and then press the Enter key to reduce the Alert Definition list.
2. We can verify that our new High CPU Alert has been created.

Now that our symptoms and alert has been configured, we're ready to test it out!

PuTTY to app-01a VM

1. Click on the PuTTY icon in System tray.

Start PuTTY Session

1. Click on app-01a.corp.local.
2. Click Open to start the PuTTY session.  

Run CPU Load

We will now redirect dev/zero to dev/null to generate CPU load so that we can see the impact on the VM in vRealize Operations.

1. Type cat /dev/zero > /dev/null and press the Enter key to start the CPU load.

Leave this putty window open, we'll come back to this later in the lesson.

Return to vRealize Operations

1. Back in vRealize Operations, click the Magnifying Glass Icon to start a search.

Search for VM

1. Type app- to search for objects beginning with "app-".
2. Click app-01a to go to the Summary page of this VM.

Metrics Graphs

Set up the CPU graphs by completing the following:

1. Click Metrics.
2. Click app-01a so we can explore the Metrics on this object.
3. Click Utilization to expand the Utilization section.  
4. Double-click CPU/Usage (%) to create a chart on the lower right hand side of the window.
5. In our example, the color of the VM Health badge will turn red once the alert we configured has been activated due to the high CPU Usage.  However, the color can be green, yellow, orange, or red, depending on the severity of the alert.

Refresh Metric Graphs

1. If the VM Health Badge is not yet red, then we may need to click Refresh.  
   • The graph will eventually show the increase in CPU usage on the Metric chart.  Once CPU usage is above 95%, an alert will be generated. (NOTE: It may take up to 5 minutes for the VM Health Badge to turn red).
2. Notice the increased CPU usage on the graph.
3. Click Summary to move to the Summary page.

Summary Page

As shown here, we can see quite a bit of information about this particular object that we've selected. Under Active Alerts, we see we have 2 Critical Alerts.

1. Click Critical here to open the Alerts Tab.

View Critical Alerts

In the Alerts Tab, we see all of the alerts related to this vm app-01a.

1. Click the chevron beside 1 Hour to open the recent alerts for app-01a.
2. Click High CPU Alert in the Alert column for more details about the alert.

Note: You may see additional alerts for this VM as there are other alerts active within our environment. If it does not show as Critical, you may need to hit Refresh in the top right corner.

Alert Details

From this Alerts screen we can see details about the alert. We can see our Recommendation text we entered earlier, and again we see the POWER OFF VM ACTION button where we could manually kick off the action we configured earlier which was the shut down the VM.

1. Click Symptoms.

Alert Symptom Details

1. Click on High CPU.

From here we can see the CPU chart and we see the timing and details of this alert. We will now stop the CPU load so that we can complete some additional configuration to enable the automation of our configured recommendation for this High CPU alert.   

Stop CPU Load

We've seen how we can manually create Alerts and Recommended Actions based on Symptom Definitions. Now let's end this part of the lesson and look at how we can automate these Recommended Actions by using the vRealize Operations Policies.

Return to your open PuTTY window. Closing this PuTTY session will end the CPU load, and the alert will clear.

1. Click the X in the upper-right corner to close the PuTTY session.

Fully Automated Actions

Here, we will create a custom policy for test VMs to enable the system to act based on the VM's policy assignment. In this case, we will automatically power off test VMs that spike CPU usage to prevent them from causing resource constraints in the virtual environment. By using the HOL Policy, all settings in that policy will be applied if they are not explicitly set in our new policy.  

1. Click Administration.
2. Click Policies.
3. Click Policy Library.
4. Click HOL Policy to highlight, this will enable this policy to be our beginning baseline.
5. Click ADD to create a new policy.

Name the Policy

1. Enter HOL Test Policy in the Name field.  

Edit Alert Definition Settings

The policy allows us to set the action to be run at the time of an alert. In this case, we are adding resources, so it is important to know that the OS must support hot add for the changes to take effect. The critical VM in our lab does, so the change should take effect and the alert should clear.  In cases where the OS does not support the change, the action would run but not take effect until the system is rebooted.

1. Click Alert / Symptom Definitions.
2. Type high cpu in the filter box and hit Enter.
3. In the Alert Definitions Window, select our High CPU Alert
4. Click on Local (with the green checkmark to the left of it) in the drop-down list under the Automate column. Note that the action we assign in the alert is linked in the policy.
5. Click SAVE.

Confirm Policy Was Created

1. Now we can confirm that our new Policy "HOL Test Policy" was created, under the "HOL Policy". This indicates that our new policy will use the "HOL Policy" as its base Policy.

Add VM to Test Group

We will now create a new group for test VMs and apply our HOL Test Policy to it.  In this lab, we only have one test VM, but we will be able to configure the group to add additional machines dynamically and apply our policy.  

1. Click on Environment.
2. Click ADD to create a new group.

Define the New Group

1. Enter  Test VMs in the Name field.
2. Select Function for group type.
3. Select HOL Test Policy.
4. Click the check box to select Keep group membership up to date.
5. Select Virtual Machine under the vCenter Adapter for object type.
6. Under Object Name, select contains and then enter app-01a for the selection criteria.
7. Click PREVIEW to preview the machines that fit this search criteria and make sure only the VM app-01a shows up.
   • Click CLOSE on the Preview Screen (not shown above).
8. Click OK.

Check Policy

Verify our critical VM has the newly assigned policy.

1. Click the search magnifying glass at the top right corner of the screen and enter app-
2. Click the VM app-01a.

Confirm HOL Test Policy

1. Verify that HOL Test Policy is assigned.

Open PuTTY Session

1. Click on PuTTY icon in System tray to view the PuTTY Configuration options.

Open PuTTY Session

1. Click on app-01a.corp.local.
2. Click Open to start the PuTTY session.

Run CPU Load

Redirect dev/zero to dev/null to generate CPU load again; this will trigger the alert and show how it behaves with the new policy. 

1. Type cat /dev/zero > /dev/null and press the Enter key to start the CPU load.

Again, leave this PuTTY window open.

Check for the Alert

Let the CPU load command run for a couple minutes, and then return to vRealize Operations and check the alerts from the Alerts screen.

Note, you may need to hit refresh in the upper right hand corner. The High CPU Alert will not show until the next collection cycle runs.

1. Click Alerts.
2. Click the chevron beside the High CPU Alert to expand the details and verify when it was triggered.

We looked at the alert previously, so now we'll check the recent tasks and check the status of the action.

Recent Task List

1. Click Administration.
2. Click History to expand that menu item.
3. Click Recent Tasks.

Inspect Power Off VM Task

1. Click the Power Off VM task.  Additional details regarding the completed operations are displayed below.

Let's take a look at the VM in the vSphere Client to ensure that the action has turned off our app-01a VM.

Open vSphere Client - Open a new Browser Tab

After completing the last lessons, you may still have vCenter open in a separate tab. If not, we need to open it now.

1. Click the + to open a new Chrome Tab.
2. Click on the vSphere Client link in the bookmarks bar.

Login to vCenter

1. Click the checkbox to select Use Windows session authentication.
2. Click Login.

VM Status

1. In vCenter we can see that the app-01a VM has indeed been turned off by out automated action in vRealize Operations.

Automating actions in vRealize Operations is a key part of creating a Self Driving Datacenter!

Restart the app-01a VM

Let's restart the app-01a VM as it may be needed in later lessons.

1. Click the VM app-01a.
2. Click the start icon at the top of the VM summary page (or right-click and select Power On).

Power On Recommendations

Let's keep the default Power On Recommendation.

1. Click OK to complete the restart of the VM.

Stop CPU Load

Return to your open PuTTY window. Closing this PuTTY session will end the CPU load.

1. Click the X in the upper-right corner to close the PuTTY session.

Lesson End

This concludes the Using Symptoms and Alerts to Trigger Recommendations and Actions Lesson.

Thank You.

Conclusion

Self-driving operations by VMware vRealize Operations automates and simplifies IT operations management and provides unified visibility from applications to infrastructure across physical, virtual and cloud environments. We hope in this module you learned how Intelligent Remediation helps predict, prevent and even take actions to resolve issues upon detection.  VMware vRealize Operations allows for faster troubleshoot with actionable insights correlating metrics and logs and unified visibility from applications to infrastructure.

You've finished module 3

Congratulations on completing the lab module.

If you are looking for additional general information on vRealize Operations 8.1, try one of these:

• VMware Product Public Page - vRealize Operations:  https://www.vmware.com/products/vrealize-operations.html
• vRealize Operations 8.1 - Release Notes:   https://docs.vmware.com/en/vRealize-Operations-Manager/8.1/rn/vRealize-Operations-Manager-81.html
• vRealize Operations 8.1 - Documentation:  https://docs.vmware.com/en/vRealize-Operations-Manager/8.1/com.vmware.vcom.core.doc/GUID-7E6B5805-3D2F-41C4-ADFF-B7248386E7AC.html
• VMware Cloud Management Blog - What's New in vRealize Operations 8.1:  https://blogs.vmware.com/management/2020/03/whats-new-in-vrealize-operations-8-1.html

From here you can:

1. Click to advanced to the next page and continue with the next lab module
2. Open the TABLE OF CONTENTS to jump to any module or lesson in this lab manual
3. Click on the END button if you are done with the lab for now and want to exit

Module 4 - Create Super Metrics Using the Super Metric Editor (45 minutes)

Introduction

In this module you will learn about super metrics in vRealize Operations - how to create them and how to choose where they are calculated.

Super metrics have been available in vRealize Operations since the first version of the product. However, in newer versions VMware introduced a new way in the user interface to create, edit and apply super metrics to object types.

What is a Super Metric?

In vRealize Operations a super metric is a mathematical formula that contains one or more metrics or properties. It is a custom metric that you design to help track combinations of metrics or properties, either from a single object or from multiple objects. If a single metric does not inform you about the behavior of your environment, you can define a super metric.

After you define it, you assign the super metric to one or more object types. This action calculates the super metric for the objects of that object type and simplifies the metrics display. For example, you define a super metric that calculates the average CPU usage on all virtual machines, and you assign it to a cluster. The average CPU usage on all virtual machines in that cluster is reported as a super metric for the cluster.

You can define whether or not super metrics are calculated for a given group of objects by enabling or disabling them in the policy that is applied to that group of objects.

Because super metric formulas can be complex, plan your super metric before you build it. The key to creating a super metric that alerts you to the expected behavior of your objects is knowing your own enterprise and data.

Log into the vRealize Operations Live Instance

This lab environment is running two different instances of vRealize Operations. We have the different vRealize Operations instances for different use cases. The lab instances are:

• Live Instance: Connected to the small running vSphere environment in the lab. There isn't a large inventory of objects in this instance but it allows us to interact with a live system including vCenter.
• Historical View Mode (HVM) Instance: Running a time loop of data that was captured in the past. This instance has a much larger inventory of objects but, since it is not currently connected to a vCenter Server, we cannot perform any actions here.

In this lesson we will be using the live Instance of vRealize Operations.

If you are not currently logged into any instance of vRealize Operations, continue to the next page, but if you are already logged into the live (not historical) instance of vRealize Operations, click here to skip ahead.

Open the Chrome Browser from Windows Quick Launch Task Bar

If your browser isn't already open, launch Google Chrome

1. Click the Chrome icon on the Windows Quick Launch Task Bar

The browser Bookmarks Bar has links to the different instances of vRealize Operations that are running in the lab.

1. The Live instance of vRealize Operations has already been started for you.  

Log in to vRealize Operations

vRealize Operations is integrated with VMware Identity Manager which we will use for user authentication in this lab.

VMware Identity Manager should be pre-selected as the identity source. However, if it is not you will choose it.

1. Click the drop-down arrow if VMware Identity Manager is not selected.
2. Click REDIRECT to be taken to the authentication page.

VMware Identity Manager Login

For the Live instance of vRealize Operations instance, the default username and password should already be entered.  However, if needed type them in.

username: holadmin

password: VMware1!

1. Click Sign in

vRealize Operations Home Screen

You should be at the vRealize Operations Home screen and ready to start the module.

Understanding Hierarchical Relationships in vRealize Operations

Before we jump into creating super metrics, it is first important to understand that vRealize Operations maintains several hierarchical relationship trees. And whenever you install additional management packs for extensibility, each management pack will add at least one additional hierarchy in vRealize Operations.

This is important to understand in the context of super metrics because unless you are creating a new metric on an object or object type that is based only on metrics from that same object/object type you will need to know where in the hierarchy the related object types are. For example, in the vSphere Hosts and Clusters hierarchy, a virtual machine is a child of a host. If you want to create a super metric for hosts that shows the average CPU usage across all virtual machines that are running on a given host, you need to write your super metric formula with the proper syntax to look one level down from the host to the virtual machines for the metric inputs to the super metric.

vSphere Hosts and Clusters Hierarchy

We will focus here on the vSphere Hosts and Clusters hierarchy because that's the one we will be using for the examples in this lab module. The hierarchy is shown in the graphic. There would also be other object types in the hierarchy if they existed in our lab vCenter server (for example, resource pools).

For this hierarchy you can see that virtual machines are two levels below clusters. And that vSphere hosts are one or two levels above datastores (this dual relationship can be found in other places as well). In the super metric formulas, the relationship distance (number of hops) is represented by the depth parameter and we will use that parameter in some examples later in this module.

Environment Tab

To see another way of looking at the vSphere Hosts and Clusters hierarchy within vRealize Operations:

1. Click Environment on the main navigation bar
2. Expand the vSphere Hosts and Clusters hierarchy by clicking the > arrows

The levels of indentation in this view indicate the relative depth of each object type.

Object Hierarchies

To see the available hierarchies within vRealize Operations:

1. Click the v to expand the list of hierarchies
2. Note all of the available hierarchies in this vRealize Operations instance

As stated earlier, if additional management packs were installed for extensibility (for example, NetApp or Dell EMC storage) hierarchies for those objects would also be here.

Create Your First Super Metric

In this first example, we will create a simple super metric and explore the depth parameter in a super metric formula.

Your first assignment is to create a super metric that will calculate the average memory utilization across all virtual machines running on a vSphere host or in a vSphere cluster. This is an example of creating a metric on an object (host or cluster) that is based on metrics from related objects (virtual machines).

The Hierarchical Relationship

If you recall from a previous lesson, we learned that virtual machines are children of hosts and "grandchildren" of clusters in the vSphere Hosts and Clusters hierarchy. So if we create a super metric on the cluster object type and on the host object type and have it look one or two levels down the hierarchy to create the sum of the metric representing memory usage on virtual machines, we will have completed the assignment for this lesson.

Which Metric Will We Be Using?

Before we get started with the super metric, let's understand which virtual machine metric we will be using for this lesson. Since we want to average a vm metric (memory utilization), let's go find a vm to see what metrics are available. We will take a look at the web-01a virtual machine.

1. Click the global search magnifying glass icon in the navigation bar.
2. In the search box, type web-01.
3. Click the web-01a link under the Virtual Machine object type.

Expand the All Metrics Tree

1. On the Web-01a object page, click the Metrics tab.
2. Click the > to expand the All Metrics section.

Expand the Memory Metric

1. Use the scroll bar to scroll the window down until you see the Memory metric.
2. Click the > to expand the Memory section.

Find the Memory|Utilization Metric

1. Use the scroll bar to scroll down more until you see the Utilization (KB) metric.
2. The metric Utilization (KB) is the metric we will be using to create our super metric.

Create The Super Metric

Now that we know which virtual machine metric we will be using, let's navigate to the new super metric editor window. The new super metric workspace can be found in the Administration section of vRealize Operations.

1. Click Administration in the main navigation bar.
2. Expand the Configuration group.
3. Click Super Metrics.

 You will note that there are already some super metrics defined here. They are used in a different lab and can be ignored for this lesson.

Create a New Super Metric

1. Click ADD to create a new super metric.

Basic Info

Let's enter some basic information about the super metric. You want to create a name that is descriptive enough so you or others will understand what it is calculating when you use it later in dashboards or reports or alert definitions. It is also a good idea to include the unit of measure in the metric name - in this case we will calculate the value in gigabytes (GB).

1. In the Name field, type Average Mem Usage Across All Descendant VMs (GB)
2. In the Description field, type Calculates the average memory usage of all VMs that are descendants of this object.
3. Click either the next step in the wizard, Create a formula, or click the NEXT button (not shown) in the lower right corner of the wizard.

The vRealize Operations Super Metric Formula Editor

If you haven't used a recent version of vRealize Operations this screen may look a little different. We'll cover some of newer features and differences as we build out our super metric.

The previous editor workspace had buttons above for Show Formula Description and for Preview.

1. You will see that Preview is now it's own expandable section that we will use later in this lesson.
2. If you are familiar with the legacy editor and want to use it to create your formula, you can expand the Legacy section and the UI will revert to that legacy editor.

Note that if you do expand the Legacy section and want to get back to the new editor, just click the arrow on the Legacy header to minimize it.

Formula Functions

1. Click the Functions drop-down to see a list of all available functions

The list includes looping functions (avg, combine, count, max, min and sum) that work on more than one input value and can return either a single value or a set of values depending on the formula syntax. The remainder of the functions are single functions. They work on only a single value or a single pair of values.

To better understand the concept of looping functions, think about the example metric we are going to create in this lesson. We want to look for all descendant virtual machines (could be one or could be many), get the value for memory usage for each of those virtual machines, and then calculate an average of those values which we will then store a single super metric on our object (in this case a vSphere host or cluster). In the process, we will use a looping function to "loop through" all of the descendant virtual machines to get the memory usage metric value for each one.

Note: The product documentation for super metric functions and operators can be found here.

Formula Operators

Operators are mathematical symbols and text to enclose or insert between functions. There are numerical operators and string operators

1. Click the Operators  drop-down to see a list of all available operators.

Note that string operators are only valid in 'Where' condition clauses. We will take a look at some different operators in the upcoming pages.

New Way To Interact With The Formula Editor

The editor is context sensitive and has hints to help guide you when creating a formula. To see some helpful hints,

1. Hover your mouse over the information icon.
2. Note the hint that you can use the ctrl+space keyboard combination (hold the Ctrl key then press the Space key) to show options whenever you are creating a super metric formula. Also note that various components will be color-coded according to the legend shown.
3. In the formula workspace, you see the tip that you can either start typing your formula or use the ctrl+space key combination for hints.

We will be making use of the ctrl+space combination in the following steps.

Start Creating the Super Metric Formula

Recall that we want to create an average of the memory usage across all virtual machines on hour host or in our datacenter so let's start by adding the avg function to our formula.

1. You can either click the drop-down list and select your function or you can start typing the function. Type av (avg will be presented as a match to what you typed).
2. Click on avg to add it to your formula line below.
3. Note that the function is added to your formula line, it includes the parentheses and your cursor is placed between the two parenthesis.

Continue Creating the Formula

1. Let's get a hint about what we can do next. Use the ctrl+space key combination on the keyboard.

Note you are presented with three choices here:

• Adapter Type. Use this if you aren't sure what object type (for example virtual machine, host, etc.) to use but you know what adapter type (for example vCenter, NetApp, MS SQL, etc.) is it defined by. Once you select the adapter type you can drill from there to the object type an ultimately to the attribute, property or metric.
• Object Type. Use this if you know the object type.
• Object. Use this if you want to get an attribute from a specific object (for example the web-01a virtual machine).

2. In this case, we know we want to average the memory usage metric across one or more virtual machines (an object type) so click Object Type

Select the Virtual Machine Object Type

You could scroll down the list of object types until you see Virtual Machine but let's make use of some filtering to make things easier.

1. Type the first few letters of the object type: vir
2. Click to select Virtual Machine

Add the Attribute

1. Let's once again get a hint about what to do next. Use the ctrl+space key combination on the keyboard.
2. Since we want to average a specific metric from all of the virtual machines, click Metric

Select the Metric

Recall that we want to create an average of the memory utilization across all virtual machines on our host or in our datacenter.

You could scroll down the list of metrics until you see Memory|Utilization but let's make use of some filtering to make things easier.

1. Start typing some text from the metric name if you know it. Type util
2. Click Memory|Utilization (KB). You should remember this metric from the beginning of the lesson.

Note that the the units of memory utilization are in KB but we want our super metric value to be in GB. That's OK because we can just add the additional math to the formula to do the conversion from KB to GB.

Convert from KB to GB

In order to convert our resulting value in kilobytes (KB) to gigabytes (GB), we need to divide the resultant average by 1024 to get to megabytes (MB) and then divide again by 1024 to get to GB.

1. Note the super metric formula that you have created so far using the wizard.
2. To convert from MB to GB, move your cursor to the end of the text and type / 1024 / 1024 at the end of the formula. Note that you could have selected the divisor (/) from the Operator drop-down list but it's quicker to type it.
3. You may have noticed that the depth parameter was automatically added to your formula. We will explain more about that in a bit.

It Is Time to Preview The Metric

Here you can see your super metric definition. Now we want to see if it calculates as expected.  Luckily, the wizard allows you to preview the metric applied to any object.

1. Click > Preview to expand the preview section.

Select The esx-02a Host

Let's test our metric on the esx-02a.corp.local vSphere host. There are two VMs running on that host so we should see the average memory utilization across the two VMs.

1. Type the first few letters of your host: esx
2. Scroll down until we see the Host System list.
3. Select the esx-02a.corp.local host. Note that the order of hosts in the list in your lab might be different.

View the Host Preview

You should see a preview of your super metric on the esx-02a.corp.local host. Note that your values will likely be different and you may or may not see the graph cover the entire time period depending on how long your lab environment has been running before you started this lesson.

1. You can change the time period of the preview if desired. Click the calendar icon.
2. Click the Range drop-down and change the option from Last 6 hours to Last hour.
3. Click GO to apply the changes.

Select the Cluster-02 Cluster For Preview

Since we wanted our super metric to show the average vm memory utilization for hosts and clusters, let's test our metric on the Compute Cluster A vSphere cluster. There are five VMs running in that cluster so we should see the average memory utilization across the five VMs, right?

1. Delete the esx-02a entry, and type the first few letters of your cluster: compu
2. Select the Compute Cluster A cluster.

View the Cluster Preview

1. Now our preview shows zero. What's going on? That cluster has five VMs running and certainly the average memory utilization is not 0 GB per vm.
2. It's time to discuss the depth parameter.

The depth parameter in a super metric formula is used to tell vRealize Operations how far down (or up) the object hierarchy to look for the objects and their metrics when performing the calculation. As mentioned earlier, within vRealize Operations there are multiple hierarchies (or traversal specs). Each adapter type will usually have at least one hierarchy. For example, the vCenter adapter creates vSphere Hosts and Clusters, vSphere Networking and vSphere Storage hierarchies.

If we look at the vSphere Hosts and Clusters hierarchy, it goes (from top to bottom): vSphere World --> vCenter Server(s) --> vSphere Datacenter(s) --> vSphere Cluster(s) --> vSphere Host(s) --> Virtual Machines --> Datastores. So in our case we want to calculate our super metric based on one (host --> vm) or two (cluster --> host --> vm) levels down the hierarchy. If you look at our super metric formula, you see that depth=1 was added automatically which is why the preview worked on the esx-02a host (the vms were one level below the host) but not for the Cluster-02 cluster (the vms were two levels below the cluster).

Something else you might notice about the depth parameter is that a positive value (1 in this case) will look down the hierarchy. If we wanted to look up the hierarchy, we would need to use a negative value for the depth parameter. That might seem opposite from what you would expect but you just need to remember that rule: positive depth = look down, negative depth = look up.

Fix the Super Metric Formula

So let's update our formula to get it to look two levels down the hierarchy.

1. Delete the '1' and replace it with a 2 for the depth parameter.
2. Click the refresh icon to update the graph.

Now the formula is calculating the average VM memory utilization for our cluster. But does that mean it won't work for hosts any longer? Since it is looking down two levels down in the hierarchy for vms will it look past the vms when applied to a host? The good news is that it will still work for hosts. In fact, a depth of 2 means it will look down one level and two levels. A depth of 5 would look down one, two, three, four and five levels for vms (or whatever object type is in the formula).

Advance The Wizard

1. Click NEXT to advance (you may need to scroll down to see the button).

Assign to Object Types

Next we need to tell vRealize Operations what are the valid object types that our new super metric can be assigned to. This will limit the scope of available object types where the super metric can be calculated.

You can click the Select an Object Type drop-down and traverse through the hierarchies to find your object types or to save time, filter the list of object types and then select what you want.

1. Type host
2. Click Host System to select it.
3. Type cluster co
4. Click Cluster Compute Resource to select it.

Confirm Your Object Types

1. Verify that both Host System and Cluster Compute Resource object types are shown.
2. Now in the bottom right corner of the window, click NEXT to advance to the final step in the wizard.

Assign The Super Metric To One or More Policies

The final (optional) step is to enable the super metric for the object types in one or more policies. If you don't enable the metric calculation in a policy here, you will have to go edit the policy(ies) where you want to enable the calculation later in the policy editor.

In our lab we only have one policy that is being used (the Hands On Lab Policy).  In a production environment you might have several or more policies active in vRealize Operations. If you have multiple active policies you will see all of them listed on this screen and you can select which policies you want to activate the super metric calculation in for each object type.

1. Check the box to enable the metric on hosts in the policy.
2. Check the box to enable the metric on clusters in the policy.
3. Click FINISH to save your super metric.

Congratulations! You have created your first super metric and applied to to two object types in the active policy in your lab environment. There are a few more lessons ahead where we will explore creating other super metrics to learn about some additional super metric features. If you want to skip ahead and see the results of your work, use the Table of Contents at the top of the lab manual to jump past the other super metric creation lessons.

Using 'This' and Negative Depth Parameters in Super Metric Formulas

Let's create another super metric. For this example, the assignment is to use a super metric to calculate the percentage of a datastore's capacity that is being used to store virtual machine snapshots.

The Hierarchical Relationship

If you recall from a previous lesson, we learned that a datastore is a child of hosts and of virtual machines in the vSphere Hosts and Clusters hierarchy. In this case, we will be using the VM <--> datastore relationship. Note in the graphic (and in our lab environment) that the RegionA01-ISCSI0 datastore supports seven virtual machines and four hosts (4 objects in the Host System graphic). So if we create a super metric on the datastore object type and have it look one level up the hierarchy to create the sum of the metric representing snapshot space on virtual machines, we will have completed the assignment for this lesson.

Which Metric Will We Be Using?

Before we get started with the super metric, let's understand which virtual machine metric we will be using for this lesson. Since we want to average a vm metric (disk snapshot space), let's go find a vm to see what metrics are available. We will again take a look at the web-01a virtual machine.

1. Click the global search magnifying glass icon in the navigation bar.
2. In the search box, type web-
3. Click the web-01a link under the Virtual Machine object type.

Expand the All Metrics Tree

1. On the Web-01a object page, click the All Metrics tab.
2. In the filter field, type snap and press the Enter key to filter the metric results.
3. All Metrics --> Disk Space --> Snapshot Space (GB) is the metric that represents the total space on the disk consumed by snapshots on this virtual machine.

Create the Super Metric

Repeat the process to launch the wizard for creating a new super metric. From Administration --> Configuration --> Super Metrics:

1. Click ADD to create a new super metric.

Basic info

1. Type the super metric Name: Percentage of Datastore Capacity Used by Snapshots (%)
2. Type a description for the metric (optional).
3. Click Create a formula or the NEXT button (not shown) to advance the wizard.

Start the Formula

The formula will be: The sum of the snapshot space from all VMs on the datastore divided by the total capacity of the datastore.

Start typing your formula - let's find the sum of the snapshot space from all VMs on the datastore that this super metric will be calculated on. Or you can select the function from the Functions drop-down.

1. Type sum
2. Click sum in the resulting list of suggestions.

Add the Virtual Machine Object Type

We need the virtual machine object type.

1. With the cursor between the parenthesis, type virtual
2. Click Virtual Machine from the resulting list of suggestions.

Remember if you need hints during the formula creation, use the ctrl+space key combination.

Add the Metric

Let's select the metric. Remember from earlier in this lesson that we will be using the Disk Space|Snapshot Space (GB) metric

1. Type snap

Note that the metric we want to use shows up both in the Metric Type category and the Metric category. Metric Type is a general attribute and should be used any time there might be more than one instance of the metric on an object (for example a CPU core's usage where there are multiple cores in the host. Or the space used by individual snapshots when there are multiple snapshots on the virtual machine). In this case, the Disk Space|Snapshot Space is just a single metric that represents the total snapshot space used by the VM across all snapshots (if there are more than one).

2. Click Disk Space|Snapshot Space (GB) under the Metric section.

Continue Creating the Formula

We have the numerator of our formula (the sum of the snapshot space from all VMs on the datastore). Let's add the division operator and get ready to add the denominator.

1. Move your cursor to the end of the formula and type a space followed by a / and then another space (note that the spaces are optional but they make the formula easier to read).

Specifying 'This Object'

What happens when depth=0?

Let's take the example we are working on from the perspective of the datastore. The metric will be applied to datastore objects and we want to know for each datastore, what is the sum of the disk snapshot space from all of the VMs attached to that datastore (VMs are the parents) and then divide the sum by a metric on the datastore itself (the total capacity of the datastore). So if we are going to create a metric that will be attached to datastore objects and one of the calculation inputs is a metric from the datastore object itself, can we just say object type = datastore and depth = 0 in the super metric formula? Actually, there is special syntax for this type of situation ... instead of saying depth=0, it entails prefacing the metric or metric attribute with 'This Resource' and there is a special way of building that into the metric definition  - the THIS button in the editor.

Let's see how it works.

1. Click the THIS button - you won't see anything on the metric formula line yet but the THIS button will have a box around it.
2. With your cursor at the end of the formula, use the ctrl+space key combination to bring up the hints.
3. Click Object Type - we are going to want to select the datastore object type on the next page.

Select the Datastore Object Type

We know we want the object type to be Datastore.

1. Type datast to filter the list.
2. Select Datastore from the list of hints.

Select the Total Capacity Metric

Select the Total Capacity metric.

1. Type total to filter the list.
2. Click Capacity|Total Capacity (GB) to select the metric.

Finish the Formula

The result at this point will be a ratio of the sum of the snapshot space metric for all of the VMs on a datastore divided by the total capacity of that datastore. To convert it to a percentage, we just need to multiply by 100.

1. With your cursor at the end of the formula, type space then * then space then 100
2. Click > Preview to open that section.

Preview the Super Metric

Let's see how our super metric looks.

1. In the search field, type region
2. Scroll down so you can see the list of Datastores
3. Click the RegionA01-ISCSI01-COMP-01 datastore object as the preview source.

View the Preview

1. The preview shows zero percent of the datastore is used by snapshot storage. In this lab environment that is not the case. So why doesn't our formula work?

Do you remember the relationship hierarchy between datastores and VMs? Do you remember how the depth parameter works in a super metric formula?

In this case, virtual machines are parents of datastores. Our depth parameter on the datastore object is 1. Remember that a depth of 1 means one level down the hierarchy. But here we need to look up the hierarchy one level - from the datastore to the VM. So instead of depth=1, we need to have depth=-1. 

Remember? Positive depth means look down the hierarchy. Negative depth means look up the hierarchy.

Fix the Formula

Let's fix the depth parameter and try the preview again.

1. Place your cursor just to the left of the 1 in the depth parameter and type a minus sign (-) to make the depth=-1
2. Click the refresh button to recalculate the metric preview.
3. Now we see the percentage of datastore space that is used by snapshots.
4. Click the NEXT button to advance the wizard.

Assign the Metric to the Datastore Object Type

Assign the super metric to the datastore object type.

1. Type datas to filter the list.
2. Click Datastore under vCenter Adapter to select the object type.

Verify the Object Type Assignment

1. Verify that the Datastore object type has been selected.
2. Click Enable in a Policy or click the NEXT button (not shown) to advance the wizard.

Select the Policy and Finish

Just like in the last lesson, we need to enable the super metric in one or more policies if we want it to actually be calculated and then we can finish the process.

1. Check the box to enable the metric on Datastore object types in the HOL Policy .
2. Click the FINISH button to complete the wizard.

Handling Sets of Data Points in a Super Metric Formula

This topic confounds many people when they first start creating super metric formulas so it's worth spending some time to understand when you might run into this issue and how you can work around it. If you remember back in the lesson where we created our first super metric, there was a discussion about super metric functions and it was stated that the list of available functions includes looping functions (avg, combine, count, max, min and sum) that work on more than one input value and can return either a single value or a set of values depending on the formula syntax. The topic of this lesson centers on that notion of "either a single value or a set of values" depending on the syntax.

If you think back to the discussion about hierarchies in vRealize Operations, you will recall for example that in the vSphere Hosts and Clusters hierarchy, virtual machines are children of hosts and that a virtual machine's parent is a host. We understand that a host can have one or more VMs as children but that a VM can only have a single host as its parent. But if we think about the relationship between hosts and datastores, we realize that a host can have one or more datastores as descendants and a datastore can have one or more hosts as ascendants. We know this because we understand vSphere enough to realize that. However, vRealize Operations really has no way to know whether relationships between particular objects or object types are one-to-one or one-to-many. This is the thing that can cause confusion when creating a super metric formula until you understand the concept and how to work with it.

In this lesson we will explore this concept by creating a super metric that can be applied to virtual machine. It will calculate the percentage of a vSphere cluster's usable memory that the VM is using. For example, if a cluster has 200 GB of usable memory and a VM in that cluster was demanding 4 GB of memory, our value should be 4/200*100 (to make the ratio into a percentage). The assignment will require us to use some concepts that we covered in the previous lessons and will address the issue discussed above.

Launch the Super Metric Wizard

Click ADD to create a new super metric (not shown this time but follow the same procedure as the previous lessons).

1. In the Name field, type VM Memory Usage As a Percentage of Cluster Memory (%)
2. In the Description field, type VM's percentage of usable cluster memory
3. Click either the next step in the wizard, Create a formula or click the NEXT button (not shown) in the lower right corner of the wizard.

Start the Formula

Since the super metric will be applied to virtual machines and the first metric (the numerator) in the formula is the vm's memory demand we will again use the THIS button here.

1. Click the THIS button.
2. Start typing the object type, virtu
3. Click Virtual Machine to add it to the formula.

Add the Metric

Since we want the VM's memory utilization metric,

1. Type util
2. Use the scroll bar to scroll to the bottom of the list.
3. Ensure that you are looking at the Metric attributes and not the Metric Type attributes.
4. Click Memory|Utilization (KB) to add it to the formula.

Choose the vSphere Cluster Object Type

Before continuing, notice that the THIS button is still depressed. If we leave that toggled on and end up with "This Resource: ..." for the cluster metric then the formula isn't going to work because we will be applying it to virtual machines. So we need to remember to toggle that button off when we are done with it.

1. Click THIS to toggle it off.
2. At the end of the formula line, type a space then / then another space then clus (the spaces are not necessary but make the formula easier to read).
3. Click Cluster Compute Resource to select the object type.

Select the Metric

Be sure to select the correct metric here. There are a lot of similarly named that are returned by the filter.

1. On the formula line, type usable
2. Click Memory|Usable Memory (KB) in the Metric section to add it to the formula.

Adjust the Formula Depth

Remembering what we learned earlier about the depth parameter and knowing that vSphere clusters are two levels above VMs in the hierarchy, we need to adjust the value. Remember for the depth parameter, a positive number means look down the hierarchy while a negative number means look up.

1. On the formula line, delete the "1" and in its place, type -2

Preview the Super Metric

OK. We're done, right? Let's preview the super metric by selecting a virtual machine in our inventory. In the Preview section,

1. Click Preview
2. Type web in the filter field.
3. Click web-01a under Virtual Machine to select this VM as our preview object.

Uh Oh!

Uh oh. We got an error - Cannot convert aggregated result to number. This is the issue that was discussed at the beginning of the lesson. Remember that while we know there can only be one cluster as an ascendant (2 levels up) from the VM, vRealize Operations doesn't have any way of knowing that. As far as vRealize Operations knows, there could be a set of cluster objects that are two levels above the VM.

So how do we handle this? We need to modify the formula using a looping function. If you recall from the beginning of the lesson, it was reiterated that looping functions (avg, combine, count, max, min and sum) work on more than one input value and can return either a single value or set of values depending on the formula syntax. What does that mean in this context? It means we can use many of those looping functions to convert the results of the cluster portion of the formula to a single value. Essentially we can tell vRealize Operations to take the avg or min or max or sum of the values from all clusters above the VM and return a single number representing the calculation. What is the average or minimum or maximum or sum of a single number? It's that number.

In this case, we will use the max function (to find the maximum value from a set of one).

Revise the Formula

To add the function to the formula,

1. Place your cursor just before "{Cluster..." in the formula and type max(  (don't click max in the list of suggestions or it will add both parenthesis there).
2. Press the End key on your keyboard to move to the end of the line and type a closing parentheses ).
3. Click the refresh icon in the Preview section.
4. Note that a preview is now rendered and the error message is gone.

For reference, there is the completed formula so far: {This Resource: Memory|Utilization} / max({Cluster Compute Resource: Memory|Usable Memory, depth=-2})

There is only one thing left to do to complete this formula.

Convert the Ratio to a Percentage

The formula is returning the ratio of vm memory utilization to cluster memory capacity. But the assignment was to calculate the value as a percentage.

1. At the end of the formula type space then * then space then 100

You can refresh the preview below again to see the value as a percentage now.

Assign to an Object Type

1. Click the NEXT button at the bottom right of the window to advance the wizard.

Assign the Metric to the Datastore Object Type

Assign the super metric to the virtual machine object type.

1. Type virt to filter the list.
2. Click Virtual Machine under vCenter Adapter to select the object type.

Verify the Object Type Assignments

1. Verify that the Virtual Machine object type has been selected.
2. Click Enable in a Policy or click the NEXT button (not shown) to advance the wizard.

Select the Policy and Finish

Just like in the previous lessons, we need to enable the super metric in one or more policies if we want it to actually be calculated and then we can finish the process.

1. Check the box to enable the metric on Datastore object types in the HOL Policy.
2. Click the FINISH button to complete the wizard.

Using String Operators and the "Where" Clause in a Super Metric Formula

Super metrics can also include some logic in the formula. In this lesson we will look at using the "where" clause and a string operator to evaluate a VM property (the guest OS).

The task this time is to determine the total number of VMs in our datacenter that are running some variant of the CentOS operating system.

The following string operators are available for use in a super metric formula. Note that string operators are valid only when used in a "where" clause to evaluate whether or not the specified text does or does not exist in the string.

Examine the Guest OS Full Name Property

Let's first take a look at the VM property we are going to use in this super metric formula.

1. Click the global search magnifying glass in the top bar.
2. In the search box, type app-
3. Click to select the app-01a Virtual Machine.

Select the OS Name Property

The guest operating system name is contained in the Guest OS Full Name property for a vm that is running VMtools.

On the app-01a object page:

1. Click the Metrics tab.
2. In the filter box, type guest os from tools and press the Enter key.
3. Double-click the property Guest OS from Tools.
4. Note the OS name of this VM.

We will create a super metric that counts all of the VMs with the text "CentOS" in that property field and then we can apply the super metric to our datacenter object type.

Create the Super Metric

Let's go create the super metric using that Guest OS Full Name vm property.

1. Click Administration.
2. Expand the Configuration section.
3. Click Super Metrics.
4. Click ADD to create a new super metric.

Name the Super Metric

1. Type the name: Count of CentOS VMs
2. Type a description.
3. Click Create a formula or the NEXT button (not shown) in the wizard.

Start the Formula

Remember that we want to count the number of VMs running the CentOS operating system so we will use the count looping function.

1. Type count to see a list of matching options.
2. Click the count function.

Select the Virtual Machine Object Type

At the cursor position (between the parenthesis):

1. Type virtual
2. From the match list, click the Virtual Machine object type to select it.

Select the Guest OS From Tools Property

At the cursor position:

1. Type guest os from
2. From the match list, click the Summary|Guest Operating System|Guest OS from Tools property (not property type).

Adjust the Depth Parameter

Remember that we are going to want to apply this metric at the vSphere Datacenter object level. Going back to our discussion earlier about depth, we will need to set the depth to Datacenter --> Cluster --> Host --> VM or three levels down. Traversing down the hierarchy means a positive depth parameter so:

1. Use the left-arrow key on the keyboard to move back one character in the formula so the cursor is just to the right of the 1. Use the Backspace key to delete the 1 and then type 3 in its place.

Add the Where Clause

At the cursor position (just to the right of the 3 you typed), type the following. Note the leading comma, the quotation marks and the exact case. The syntax may not seem intuitive but that is the way it needs to be written. It might be easiest to just highlight the text below and drag it to the HOL console.

1. , where = "contains CentOS"
2. Click Preview.

Select the Regional Datacenter Preview Source

Let's see how this super metric works for our vSphere datacenter.

1. In the Preview Objects filter, type HOL
2. Click to select the HOL Datacenter datacenter object.

View The Super Metric Preview

Here you can see:

1. Here we see the number of VMs in our datacenter that are running the CentOS operating system.
2. Click NEXT to advance the widget.

Assign the super metric to the Datacenter object type and enable it in the HOL Policy (not shown but follow the same process as our previous lessons).

Note that you can also assign the super metric to Host System and Cluster Compute Resource object types with good results since this formula will look down 1, 2 and 3 levels to find Virtual Machine object types and check the operating system property for CentOS.

Using The Ternary Operator (if/then/else) in a Super Metric Formula - Fix the broken Import

Super metric formulas also support the use of the ternary operator, also known as if/then/else conditional logic. The format for the ternary operator here is expression_condition ? expression_if_true : expression_if_false

For this lesson, the assignment will be to define a super metric for host objects that has a value of zero when the sum of allocated memory for all VMs on that host is less than the total memory capacity of the host and one when the sum is greater than total memory capacity. In other words, zero if memory is not over-allocated. One if it is.

Instead of building this super metric formula from scratch, we will look at how the formulas can be imported and exported for portability between different vRealize Operations instances. The super metric for this assignment has already been created and exported in json format. You are going to import it then we will take a look at the syntax of the formula.

Import the Super Metric

To import a saved or downloaded super metric:

1. Click the 3 dots icon to open the action menu.
2. Click Import.

Note that you could also export a super metric here that you have defined if you want to use it in a different vRealize Operations Instance.

Browse For the Metric Definition

1. Click the BROWSE... button.

Select the File

The dialog box should open in the correct directory. If not, you will have to browse to the directory.

1. Desktop.
2. Lab Files directory.
3. Click the Host Memory Allocation Super Metric.json file to select it.
4. Click Open.

Complete the Import

1. You should see that the Super Metric imported successfully.
2. Click DONE.

Edit the Super Metric

Notice that there is now a new super metric - Host Memory is Overallocated. Let's take a look at it.

1. Click the 3 dots to the left of the Host Memory is Overallocated metric name.
2. Click Edit to edit the super metric.

View the Metric Formula

As noted in the lesson introduction, the format for the ternary operator here is expression_condition ? expression_if_true : expression_if_false. In this case:

expression_condition evaluates whether the ratio of the total memory allocated to all VMs divided by the physical memory on the host is greater than 1

1. The ? operator delineates the expression condition from the value/expression returned if the condition is true

expression_if_true is the number 1 in this case. We want the super metric value to be 1 if the allocated VM memory is greater than the physical host memory.

2. The : operator delineates the value/expression returned if the condition is true from the value/expression returned if the condition is false

expression_if_false is the number 0 in this case. We want the super metric value to be 0 if the allocated VM memory is not greater than the physical host memory.

In our lab environment, none of the four hosts has memory overallocated so the super metric will evaluate to zero for all of them. If you want to, you can open the vSphere client and change the memory allocation on one of the VMs to something that makes the total VM allocated memory on a host greater than 10 GB since that's the configured memory on our hosts. If you do try this, you will need to wait at least one collection/analytics cycle (set at one minute in the HOL pod) before you will see the  super metric value change from zero to one.

3. Click NEXT in the wizard and then click NEXT again (not shown) to get to the Enable in a Policy step.

Enable In the Policy and Save

All that's needed now is to enable the super metric in our policy and save it.

1. Check the box to enable the metric in our HOL Policy and any other policies that are under HOL Policy.
2. Click FINISH to save and close the wizard.

Verifying Super Metric Calculation

We just created several super metrics. Let's check to make sure they are being calculated on the appropriate objects in our environment.

Search for a Cluster

Let's first take a look at the Compute Cluster A vSphere cluster's metrics.

1. Click the global search magnifying glass in the top bar.
2. In the search box, type computer
3. Click to select the Compute Cluster A vSphere cluster.

View the Compute Cluster A Super Metric

To see the calculated value of the cluster super metric:

1. Click the Metrics tab.
2. In the search box, enter Super and hit Enter.
3. Note that there is a metric category Super Metrics. This will only exist when there are one or more super metrics calculated for the object. Click to expand it.
4. Double-click Average Mem Usage Across All Descendant VMs (GB).
5. Since the metric is new, let's change the time scale. Click the calendar icon.
6. Click Last Hour to change the time scale.
7. Click GO.

Super Metric Graph

1. Click the calendar icon again to collapse the calendar window.
2. Note that in this case the super metric has been calculated and stored in the database for several minutes. In your lab environment, the value and number of metric points will vary.

It is important to understand that super metric values will only be stored in the database from the time you create the metric and enable it in the appropriate policy.

Visualize Historical Super Metric Values

We also have the ability to visualize what a super metric value would have been for time frames prior to when the metric was created.

1. Let's minimize the Object Relationship window to give us more room, click the 2 arrows to minimize this.
2. Click the Show previewable supermetrics button.
3. Note that there is now a Super Metric Previews category now. Click to expand it if you need to.
4. Double-click the super metric name.
5. You can see that a historical view of the super metric is available.
6. It may help to look further back, so use the calendar icon to select a different time range. In. this case, I've set my range to the Last 12 hours.

Note that the historical super metric calculation will be limited to the time range available for the metric(s) that are used in the super metric formula. In this lab environment, you may see large gaps in the data because of when the environment was created and the fact that the lab pod sits dormant (powered off) until shortly before you logged in and took this lab. Also note that while we have set a non-standard data collection interval of one minute in this lab pod (see frequency of data points in the top graph), the historical preview uses the standard 5-minute interval for calculations.

If you are interested, you can select VM, host, datacenter and datastore objects in this environment and confirm that the super metrics we created and enabled for each of those object types is also being calculated.

Conclusion

In this module we discovered how to use the super metrics editor. We also walked through creating several super metrics in order to show many concepts that are important to understand when working with super metrics. Finally, we saw how to import and export super metrics and then verified that the metrics we created were being calculated as expected.

You've finished module 4

Congratulations on completing the lab module.

If you are looking for additional general information on vRealize Operations 8.1, try one of these:

• VMware Product Public Page - vRealize Operations:  https://www.vmware.com/products/vrealize-operations.html
• vRealize Operations 8.1 - Release Notes:   https://docs.vmware.com/en/vRealize-Operations-Manager/8.1/rn/vRealize-Operations-Manager-81.html
• vRealize Operations 8.1 - Documentation:  https://docs.vmware.com/en/vRealize-Operations-Manager/8.1/com.vmware.vcom.core.doc/GUID-7E6B5805-3D2F-41C4-ADFF-B7248386E7AC.html
• VMware Cloud Management Blog - What's New in vRealize Operations 8.1:  https://blogs.vmware.com/management/2020/03/whats-new-in-vrealize-operations-8-1.html

From here you can:

1. Click to advanced to the next page and continue with the next lab module
2. Open the TABLE OF CONTENTS to jump to any module or lesson in this lab manual
3. Click on the END button if you are done with the lab for now and want to exit

Module 5 - Managing Users and Roles (30 minutes)

Introduction

In this module we will take a deeper look at the part that users and roles play in vRealize Operations. We will look at the built-in role based access controls, and how you can create additional roles with extremely granular control. We look at how to grant access to objects within the environment, and will also review dashboard sharing between user groups and how to manage content that is orphaned when the owner of that content is removed from vRealize Operations.

Log into the vRealize Operations Live Instance as Local Admin

This lab environment is running two different instances of vRealize Operations. We have the different vRealize Operations instances for different use cases. The lab instances are:

• Live Instance: Connected to the small running vSphere environment in the lab. There isn't a large inventory of objects in this instance but it allows us to interact with a live system including vCenter.
• Historical View Mode (HVM) Instance: Running a time loop of data that was captured in the past. This instance has a much larger inventory of objects but, since it is not currently connected to a vCenter Server, we cannot perform any actions here.

In this lesson we will be using the live Instance of vRealize Operations, but we will need to login with the Local Admin account to modify the roles and permissions.

If you are already logged into the live (not historical) instance of vRealize Operations, please log out and follow the below instructions to log in as Local Admin.

Open the Chrome Browser from Windows Quick Launch Task Bar

If your browser isn't already open, launch Google Chrome

1. Click the Chrome icon on the Windows Quick Launch Task Bar

The browser Bookmarks Bar has links to the different instances of vRealize Operations that are running in the lab.

1. The Live instance of vRealize Operations has already been started for you.  

Log in to vRealize Operations

VMware Identity Manager should be pre-selected as the identity source. However,we will be changing that so we can login as a Local Admin.

1. Click the drop-down chevron to show the authentication options.
2. Select Local Users.
3. Fill in the Credentials:
   • UserName: admin
   • Password: VMware1!
4. Click LOG IN.

vRealize Operations Home Screen

You should be at the vRealize Operations Home screen and ready to start the module.

User and Group Access

To ensure security of the objects in your vRealize Operations Manager instance, as a system administrator you can manage all aspects of user access control. You create user accounts, assign each user to be a member of one or more user groups, and assign roles to each user or user group to set their privileges.

One of the more requested features of vRealize Operations Manager is how to create user specific content, for example a dashboard for leadership, where the user can see that content but no other information. This module will walk you through assigning content to a user, using the example of a user or group specific dashboard. We will create a user that has access to a single dashboard.

User Access Control

You can authenticate users in vRealize Operations Manager in several ways:

• Create local user accounts in vRealize Operations Manager.
• Use VMware vCenter Server users.
• Add an authentication source to authenticate imported users and user group information that resides on another machine.
  • Use LDAP to import users or user groups from an LDAP server.
  • Create a single sign-on source and import users and user groups from a single sign-on server.

Most customers use VMware Identity Manager - this is the preferred single sign-on (SSO) source for VMware solutions, and enables simple SSO configuration and management between the vRealize solutions.

VMware Identity Manager

VMware Identity Manager (vIDM) is a service that extends on-premises directory infrastructure to provide a seamless Single Sign-On (SSO) experience. It is supported for all vRealize solutions, as well as many other VMware and non-VMware products.

VMware Identity Manager does not replace Active Directory, it integrates with it. Microsoft Active Directory integration will be configured in VMware Identity Manager instead of in the individual products.

Why not go directly to AD? Active Directory is an identity provider. vIDM is an identity service, which can connect to multiple identity providers, including AD.

Authentication Sources

To configure or view authentication sources within vRealize Operations Manager:

1. Click on Administration, in the title bar.
2. Select Authentication Sources (under Access).
3. Highlight VMware Identity Manager in the list of configured Authentication Sources in the main pane.
4. Click on the 3 dots to show the actions menu.

Additional sources can be added here, but this lab has only one - a vIDM identity source.

Edit Authentication Source

1. Click Edit to bring up the edit dialog for this Authentication Source.

Configuration Options

Here you can see the configuration settings that have been set up for the vIDM identity source in the lab. Further configuration is done on the vIDM appliance itself, including the AD or LDAP sources and users, groups and application entitlements. Once you have reviewed the options, cancel out of this screen:

1. Click CANCEL.

Access Control

Once the identity source is added, users and groups from that source can be granted access to vRealize Operation Manager. You are logged into vRealize Operations as holuser@corp.local. Let's take a quick look at this configuration:

1. Select Access Control.
2. Note the holuser user.

holuser is an Active Directory (AD) user that has access to vRealize Operations Manager via the following configurations:

• There is an AD server for this lab environment.
  • The domain is corp.local
  • In the corp.local domain is a security group called vidm group
  • In the corp.local domain is a user called holuser - this user a member of the vidm group
• The corp.local domain was added as an Identity source in VMware Identity Manager (standalone virtual appliance).
• vIDM was configured as an identity provider in vRealize Operations.
• The AD vidm group and users were imported into vRealize Operations Manager, and permissions were configured.

Group-Based Security

vRealize Operations Manager provides user group-based security. With group-based security, you control the access privileges for each user group. You add users to user groups, and assign access privileges to user groups. For example, one user group might be able to view only dashboards and another user group might be able to configure objects. This simplifies privilege management significantly.

You must have privileges to access specific features in the vRealize Operations Manager user interface. The roles associated with your user account determine the features you can access and the actions you can perform. Roles are covered in the next lesson.

Lab Work

In this module we are going to create a user with access to a single dashboard and no other area in the tool. Let's pretend we have a summer intern, who's role it will be to check the Operations Overview dashboard each day to check the number of running VMs in the environment.

The steps for this lesson will be:

1. Create a new local user group.
2. Create a new local user (the intern).

Add the Interns Group

Now we will create a User Group. Again, for simplicity sake, we will create a local group. This could have been done in in Active Directory and then imported into vRealize Operations.

1. Select the User Groups tab in the main pane.
2. Click ADD to add a new Group.

Group Details

Create the new user with the following properties:

1. Group Details:
   • Group Name: interns
   • Description: You can leave blank or you can type a description for the group
2. Click NEXT.

Group Members

From the Members tab, we could select local or directory-based users. However, we have not yet created our new intern user so we will skip this for now.

1. Click the Objects tab to assign a role and objects to this group.

Group Objects Tab

The objects tab is where we assign roles and objects to the group. There are a number of pre-defined roles in vRealize Operations. You can edit, clone or delete these roles or you can create new roles from scratch. For now we will use the pre-defined ReadOnly role for this group.

1. Click the drop-down for Select Role.
2. Click to select the ReadOnly role.

Assign the Role to the User Group

1. Check the box to assign the selected ReadOnly role to the group.

Explore Object Assignment

This is where you can assign permissions for this user group to have access to objects in vRealize Operations.

Notice in the left pane you will see all of the different hierarchies that are defined within vRealize Operations. If the environment had additional management packs installed (such as the Dell EMC storage management pack or the Blue Medora management pack for Microsoft SQL) you would see hierarchies for the objects that were discovered and imported into vRealize Operations from those management packs.

1. Scroll down to the bottom of this object list.
2. Click the vSphere Hosts and Clusters hierarchy.
3. Use the > icons to expand out this hierarchy a bit. Notice that you can select any object or objects that you want to allow this user group to have access to in vRealize Operations.
4. In this case, we are going to let this group have access to all objects in the system so Click the box to Allow access to all objects in the system.
5. Click FINISH to complete the user group creation.

Note that if you are using vCenter as the authentication source for your vRealize Operations users, the object-level permissions set in vCenter for those users will override any object-level permissions set here for the vSphere hierarchies.

Verify the Group Creation

Here you can see that there is now an "interns" group. It has no members. It is a Local group. It has access to all objects in the inventory.

Add the intern1 User

Now that we have a user group defined, let's add the user. Note that you could have defined the user first and assigned the user to a group at the time of group creation. In this case we have already created the group so we will assign this user to that group as part of the user creation process.

1. Click the User Accounts tab.
2. Click ADD to add a new user.

User Details

Create the new user with the following properties:

1. User Details:
   • User Name: intern1
   • Password: VMware1!
   • First Name: Summer
   • Last Name: Intern
   • Email Address: intern@acme.com
   • Description: Summer intern working on rightsizing project
   • Do not disable or require password at next login
2. Click NEXT.

Assign the User to a Group

Since we have already created a user group for this user, we just need to make the group assignment here.

Note that we could directly assign a role and object-level access on the Objects tab of this wizard but you will typically want to do that a a group level and then just assign the user to a group like we are doing here.

1. Check the box in front of the interns group.
2. Click FINISH.

What you don't see here is that the user (and all users) is also assigned to a local group called "Everyone". That is important from a dashboard sharing perspective as we will see later.

User Warning

Because you didn't assign any object permissions directly to this user, you will get a warning message about that. However, since you added them to the group that we created earlier, the user will inherit the role and object permissions from that group so you can ignore this warning.

1. Proceed anyway by clicking YES.

User Details

1. Click to select the new intern1 user.
2. Note that the user is a member of two groups - the interns group that you created and the built-in Everyone group.
3. If you want, you can click the Permissions tab to see which role and objects the user is associated with.

Verify The Permissions

An incognito window in the Chrome browser allows us to create a new session that does not have any browser session cookies from the existing login. We want to test logging in as the new user without having to log out of our main session.

1. In the top-right corner of the Chrome browser, click the 3-dot icon.
2. Click New incognito window.

Log In as "intern1"

In the new private browser window, log in as the user we just created.

1. Click the vRealize Operations Manager bookmark.
2. For the user name type intern1
3. For the password type VMware1!
4. Click LOG IN.

Explore the User Permissions

The new user is able to log in with read-only access. You will find that the user can't create or edit content or do many of the things on the Administration page. Feel free to explore the UI and see what this user can and cannot do. We will look at further restricting this user's access in a little while.

When you are ready to proceed,

1. Click the X in the browser tab to close the incognito session.

Lesson Conclusion

In this lesson we touched on the different authentication sources that are supported in vRealize Operations Manager. We also created a new user group and a new user then added the user to the group.

In the next lesson, to illustrate the power of role based access in vRealize Operations Manager, we will look at modifying some of the permissions for this group and user. We will also look at dashboard management, and how to share dashboards with users.

Roles and Privileges

You must have privileges to access specific features in the vRealize Operations user interface. The roles associated with your user account determines the features you can access and the actions you can perform.

vRealize Operations provides several predefined roles to assign privileges to users. You can also create your own roles.

Each predefined role includes a set of privileges for users to perform create, read, update, or delete actions on components such as dashboards, reports, administration, capacity, policies, problems, symptoms, alerts, user account management, and adapters.

When we created the interns user group, we chose the pre-defined ReadOnly role. Here we will explore roles a bit more.

Predefined Roles

There are several pre-defined roles in vRealize Operations. In addition, you can create your own roles. Roles are an efficient way to configure a standard set of privileges to a user or group of users.

Predefined Roles:

• Super user administrator
• Administrator
• ReadOnly
• PowerUser
• PowerUserMinusRemediation
• ContentAdmin
• GeneralUser-1 through GeneralUser-4

For more detailed information on these roles and the privileges assigned to them, refer to the documentation for vRealize Operations.

Access Control

To configure or view User Accounts and Roles within vRealize Operations:

1. Click on Administration, in the title bar.
2. Select Access Control (under Access).

Explore Permissions

We will use one of the pre-defined roles to explore how permissions are managed in vRealize Operations.

1. Select the Roles tab.
2. Click the ContentAdmin role.
3. Note that there are no user accounts that have been assigned to this role, either directly or through user group membership.
4. Note that there are no user groups that have been assigned to this role.
5. This is where the permissions for the role are managed. In this case we can see that the role includes all of the permissions for Dashboards (check mark) but only some of the permissions for the other categories (dash).

View the ReadOnly Role

Now let's look at the ReadOnly role:

1. Highlight the ReadOnly role in the list (you might have to scroll down).
2. We can see the intern1 user that we just created in the previous lesson.
3. We can see that the interns user groups is assigned to this role.
4. Note that this ReadOnly role has some permissions in each of the permission categories.
5. Click the EDIT icon to explore the assigned permissions.

View the ReadOnly Role Permissions

In the Assign Permissions To Role window,

1. Click to Expand All permissions.
2. Use the scroll bar to scroll through all of the possible permissions.
3. Click CANCEL since we don't want to modify these default ReadOnly permissions.

Lab Work

In the last lesson, User Access and Privileges, we created the user group interns and assigned it the ReadOnly role, added the user intern1 and added the user to the group. Now we are going to create a new role that only has permissions to view dashboards within vRealize Operations and then change the interns user group to have this new role.

Create A New Role

First we create a role and assign permissions to it. Make sure you are still on the Roles tab in Access control.

1. Click on ADD to add a role.

Configure Role

1. Name: InternRole.
2. Description: Role with access to dashboards only.
3. Click OK.

Edit The New Role

Your new role should be visible in the list of roles now. To see the Users, Groups and Permissions assigned to a role, highlight the role. The information in the bottom pane "Details for Role" will change to the context of the the highlighted role. Let's assign permissions to your new role.

1. Highlight the InternRole from the list of configured roles.
2. Click on the EDIT icon to edit the role's permissions. There will be no permissions assigned to the role initially.

Login Interactively

First, we must configure this role to be able to log into vRealize Operations Manager interactively. This permission is under Administration >  Login Interactively.

1. Expand Administration.
2. Check the box for Login Interactively.
3. Click Collapse All. Do you see the line by "Administration" to indicate one or more sub-permissions are checked?

Stay in this pane for the next step.

View Dashboards

Now, we must configure this role to be able to see dashboards. This permissions is under Dashboard > Dashboard Management > View Dashboards List.

1. Expand Dashboards.
2. Expand Dashboard Management.
3. Check the box for View Dashboards List (you may need to scroll down to see it).
4. Click Collapse All.

Stay in this pane for the next step.

Render

Next, we must allow this role to render views, or the user will not be able to see widgets in the dashboards. This permission is under Dashboards > Views Management > Render.

1. Expand Dashboards.
2. Expand Views Management .
3. Check the box for Render.
4. Check the box for View Dashboards Page.
5. Click Collapse All.

Stay in this pane for the next step.

Environment

Finally, we must allow this role to have access to the environment, in this case we only want the interns to have access to the vCenter Adapter Inventory Tree. This permission is under Environment > Inventory Trees > vCenter Adapter.

1. Expand Environment.
2. Expand Inventory Trees.
3. Check the box for vCenter Adapter (you may need to scroll down to see it).
4. Click UPDATE.

Review Updates to Role Permissions

1. Verify that there are now permissions assigned to the role.

Overview of Updates

It may seem like there were a lot of steps here, but in reality we assigned only 5 permissions:

Login Interactively:

• Administration > Login Interactively

View Dashboards:

• Dashboards > Dashboard Management > View Dashboards List
• Dashboards > Views Management > Render
• Dashboards > View Dashboards Page

Search inventory tree:

• Environment > Inventory trees > vCenter Adapter

Assign Role to Group

We are now going to assign the new role to the group that we created earlier.

1. Return to the User Groups tab.
2. Highlight the interns group.
3. Click on the 3 dots on the interns line to open the actions menu.
4. Click Edit.

Group Information

Verify that you are editing the correct group. We are not going to make any changes to the user information, so we can click Next to move to Assign Members and Permissions:

1. Click NEXT.

Edit Groups

We are not going to make any changes to the Members of this group, but you can verify that intern1 is checked. Select the Objects tab to assign the new role:

1. Click Objects.

Remove the ReadOnly Role

Groups and users can be assigned to multiple roles. When that happens, the effective permissions will be the union of all selected role permission. In this case, we don't want the group to keep the permissions from the ReadOnly role, we only want it to have the permissions from our new InternRole.

1. Click to uncheck the ReadOnly role assignment.
2. Click the Select Roll dropdown.

Assign The Intern Role

Now it all comes together! On the Objects tab, we are going to assign the role (the what) and objects (the where) to the user:

1. Select the InternRole from the dropdown.
2. Check the box Assign this role to the group.
3. Click the vSphere Hosts and Clusters hierarchy (you will need to scroll to the bottom of the Object Hierarchy list to see it).
4. Check the box for vSphere World (the root of the hierarchy).
5. Check the box to propagate the selection to descendant objects in the hierarchy.
6. Click FINISH.

Verify Permissions

While still on the User Groups tab, select the interns user and verify that the Intern Role was applied and that the group now has permissions to objects:

1. Verify you are on the User Groups tab.
2. Highlight the interns group.
3. Select the Permissions tab from the Details pane.
4. Verify that the interns group now has Permissions associated, inherited from the InternRole.

Verify The Permissions

An incognito window in the Chrome browser allows us to create a new session that does not have any browser session cookies from the existing login. We want to test logging in as the new user without having to log out of our main session.

1. In the top-right corner of the Chrome browser, click the 3-dot icon.
2. Click New incognito window.

Log In as "intern1"

In the new private browser window, log in as the user we just created.

1. Click the vRealize Operations Manager bookmark.
2. For the user name type intern1
3. For the password type VMware1!
4. Click LOG IN.

Dashboard only access

If we configured the role correctly, the intern1 user should only see dashboards.

1. Note that now the intern1 user can only see the Dashboard main menu.
2. Click Dashboards.
3. Hover your mouse over the Operations category.
4. Click Operations Overview to verify that the user can view dashboards related to vSphere Hosts and Clusters objects.

Close the Incognito Session

When you are ready to proceed,

1. Click the X in the browser tab to close the incognito session.

Lesson Conclusion

In this lesson we discovered how granular we can get with the vRealize Operations permissions, using roles to determine which content and objects a user can access.

In the next lesson we will look at dashboard sharing, and how it can be used to target specific content to user groups.

Ensuring That Users In A Group Only See Specific Dashboards

In vRealize Operations you can share a dashboard with one or more user groups. When you share a dashboard, it becomes available to all of the users in that group. This is very useful when creating custom content for specific groups. 

Most out-of-the-box dashboards are shared to the Everyone user group so all users see them when they log in to vRealize Operations. A very common use case, however, is that a vRealize Operations administrator will want some users to only see some dashboards but not others. Maybe they want to share high-level operational dashboards with the management team but not allow that team to see the detailed infrastructure troubleshooting dashboards. Another scenario might be to share application-specific dashboards with a line of business team but not give that team visibility to the infrastructure or to dashboards for other lines of business.

To share dashboards with all users, they should be shared to the Everyone group. To restrict access to dashboards, they should not be shared to the Everyone group. Out of the box, vRealize Operations has dozens of dashboards that are shared with the Everyone group so the first step if you decide to have some logged in users not see all dashboards is to first unshare all dashboards from the Everyone group. You will then need to selectively share various dashboards with different user groups. This is the process we will follow in this lesson.

Note: Some content packs will share their dashboards to the Everyone group on install. If you do decide to limit content to certain users, you will need to keep track of what you expect to be shared and to whom, and verify those sharing settings after adding additional content or upgrading vRealize Operations. 

Sharing Dashboards Without Requiring User Login

Before going down the path of configuring dashboard sharing, it is worth noting that in vRealize Operations versions 7 and later, you can share dashboards via direct link without requiring users to have an account or log into vRealize Operations. This makes for an easy way to give access to dashboards either via a URL or an iframe for embedding in a web page outside of vRealize Operations.

Let's take a quick look at how you can do that.

1. Click Dashboards in the main navigation bar.
2. Click on Getting Started.
3. Click the Operations tile.
4. Click the OPERATIONS OVERVIEW button to open that dashboard.

Dashboard Sharing

In the upper-right corner of the dashboard,

1. Click the share icon.

Share Dashboard Dialog

From this Share Dashboard pop-up you can:

• Generate a URL with or without an expiration date, copy it to your computer's clipboard and unshare or invalidate existing URLs.
• Have vRealize Operations directly email a link to someone.
• Generate iframe code that can be used within a web page outside of the vRealize Operations UI such as a team intranet site.
• Share the dashboard with one or more vRealize Operations user groups (we will return to this later).
• Export the dashboard configuration as a .zip file so that it can be imported into another vRealize Operations instance.

For now we are not going to use this feature but it's worth knowing about to provide options other than having users log into vRealize Operations to see dashboards.

1. Click the X to close this window.

Lab Work

Before unsharing all of the dashboards from the Everyone group, you will first want to make sure that those dashboards are shared with your infrastructure team. Typically this would be an already-imported AD group but for simplicity, we are going to use the local user group called HOL Admin Group. Our holuser@corp.local and holadmin@corp.local users are members of this group already.

We are going to use our already logged in local admin user and assign all relevant dashboards to our HOL Admin Group and then remove all dashboards from the Everyone group. Finally, we will share a dashboard with the interns group and then verify that when the intern1 user logs in they will only see the dashboard that has been shared with their group.

Manage Dashboards

Select the Dashboards tab and then select the Actions dropdown, and the Manage Dashboards menu item:

1. Select Dashboards.
2. Click the ACTIONS down chevron to open the options.
3. Select Manage Dashboards.

Share Dashboards Menu

1. From the Manage Dashboards content pane, click on the 3 dots to open the action menu.
2. Select Dashboard Sharing.

Share Dashboards with the HOL Admin Group

As mentioned above, if you just unshare all of the dashboards from the Everyone group, then nobody will see any dashboards when they log in. So you will first want to share the dashboards at least with your own team (HOL Admin Group in this case).

1. Click the Everyone group to list all of the dashboards that are currently shared with that group.
2. Click the first dashboard in the page to select it.
3. Holding down the Shift key on the keyboard, click the last dashboard on the page to select it and all dashboards between the two.
4. Click on the highlighted list of dashboards and while holding down the mouse button, drag the list to the HOL Admin Group.

You should now have about the first 10 dashboards shared with the HOL Admin Group. Note that you can select more than 10 dashboards and attempt to share them but there is a limitation in the UI that won't let you share too many dashboards at a time this way. For the purposes of this exercise, you can just share that first group of dashboards with the HOL Admin Group. In a real-world environment you would want to scroll down and repeat the process of selecting about 10 dashboards at a time and dragging them to the group you want to share with until you have shared all of them.

Unshare from Everyone Group

Now that you have shared some (or all) of those dashboards with your infrastructure team's group, it's time to unshare all of them from the Everyone group.

1. Note that the HOL Admin Group now has 10 (or however many you did) shared dashboards.
2. Be sure the Everyone group is still selected/highlighted. If not, click it again.
3. Click again on the first (or any) dashboard in the list then select all dashboards in the list either by using the Ctrl-A keyboard combination or by scrolling to the bottom of the list and clicking the last dashboard in the list while holding down the Shift key.
4. Click the Unshare button.

Verify That Everyone Group Has No Dashboards

Verify your work.

1. Verify that the Everyone group has 0 dashboards assigned - note the small red triangle in the corner by the zero - this means that the changes have not yet been saved.
2. Verify that the HOL Admin Group has some dashboards assigned.
3. If you want to de-select the group name to see all available dashboards you can do that by clicking the icon.
4. Click SAVE to save your changes.

Note that we could have used this same Share Dashboards dialog box to share the individual dashboard(s) with our interns group but unless you are sharing multiple dashboards at the same time, it is much easier to do that sharing from the dashboards themselves.

Share a Dashboard With the Interns Group

Let's find a dashboard to share.

1. Click Dashboards to return to the main dashboards page.
2. Click Getting Started.
3. Click the Operations tile.
4. Click OPERATIONS OVERVIEW to open that dashboard.

Share

1. Click the share icon in the top-right corner of the dashboard.

Share With Groups

As we saw earlier, the first three options here allow you to share the dashboard with people without requiring them to log in to the vRealize Operations UI. In this case we want to share the dashboard with a user group in vRealize Operations so when an associated users logs in, the dashboard will be visible to them.

1. Click the GROUPS tile.
2. From the drop-down, click the interns group.
3. Click INCLUDE.

Verify the Sharing Configuration

1. Verify that the interns group has been allowed access.
2. Click the X to close the sharing box.

Test It Out

Log out as the admin user so we can test shared dashboards:

1. Click the 3 dots in the top right corner of Chrome.
2. Click New incognito window.

Log in as intern1

Log into vRealize Operations as intern1:

1. Click the vRealize Operations Manager link in the bookmark bar.
2. Enter the credentials for intern1:
   • User Name: intern1
   • Password: VMware1!
3. Click on LOG IN.

Validate intern1 User Dashboard

Now when the intern1 user logs in, they only see the one dashboard that has been shared with them.

1. Select DASHBOARDS.
2. Hover your cursor over Operations and it will show the Operations Overview Dashboard. Note that there are no other dashboards available to this user.

Close incognito Browser Window

Log out as the intern1 user:

1. Click the x in the Chrome incognito tab to close this window.

Conclusion

In this lesson we touched on dashboard sharing - how to share or unshare dashboards to a user group. Most customers use the sharing feature to share new, custom created content with groups of users. We are also starting to see more administrators using the feature to restrict content to users.

Recovering Orphaned Content When A User is Removed

Dashboards and report schedules that are created by a user are owned by that user object in vRealize Operations. If a user leaves the organization or is otherwise removed from vRealize Operations that content becomes orphaned and can't be managed until it is assigned a new owner.

Orphaned content can only be managed by the local admin user.

Log in as local admin user

If you are already logged in as the local admin, you can skip this step.

1. Verify the Local Users authentication source is selected.
2. Enter the credentials for the local admin account:
   • User name: admin
   • Password: VMware1!
3. Click on LOG IN.

Orphaned Content Page

Let's view the orphaned content page.

1. On the Administration page,
2. Expand the Management section by clicking the chevron.
3. Click Orphaned Content.
4. Note that there is currently no orphaned content in this environment.

Delete A User

Let's delete a user. The user Jason has left the company. As the vRealize Operations administrator you want to delete his account.

1. Expand the Access section.
2. Click Access Control.
3. Click the jason user to select it.
4. Click the 3 dots to open the user action menu.
5. Click Delete to delete the user jason.

Confirm the Deletion

Confirm the user deletion by,

1. Click YES.

View the Orphaned Content

1. Return to Orphaned Content and we now see our deleted user jason in the list.
2. Click on the deleted user jason.
3. Click on the dashboard VM KPIs. This was a dashboard that was created and owned by jason.
4. Click Actions above the dashboard name and let's reassign that dashboard to another user.

Assign ownership

Let's assign Jason's dashboard ownership to our intern1 user.

1. Click Assign ownership.

Note that you can also take ownership of the dashboard as the admin user or you can discard (delete) the dashboard.

Transfer Dashboard Ownership

To assign ownership to the intern1 user:

1. Click the New Owner drop-down and select intern1 (Local User) from the list of users.
2. Click SAVE CHANGES.

Confirm Change of Ownership

1. Confirm the transfer by clicking YES.

View Report Schedules

The jason user’s dashboard no longer shows up as orphaned content and that dashboard has been reassigned to the user intern1. However, Jason also had scheduled a report to be run monthly.

1. Click Report Schedules.
2. Click Actions.

Delete the Report Schedule

Let's assume that we don't need to keep any of jason's report schedules.

1. Go ahead and click Discard to delete the report schedule.

Confirm Deletion

1. Click YES to confirm the deletion.

Lesson Conclusion

You just went through the process of deleting a user in vRealize Operations. Since that user owned some content when the account was deleted (a dashboard and a report schedule), the content was "orphaned". You learned how to manage that orphaned content.

Auditing Users and the Environment

At times you might need to provide documentation as evidence of the sequence of activities that took place in your vRealize Operations Manager environment. Auditing allows you to view the users, objects, and information that is collected. To meet audit requirements, such as for business critical applications that contain sensitive data that must be protected, you can generate reports on the activities of your users, the privileges assigned to users to access objects, and the counts of objects and applications in your environment. 

Auditing reports provide traceability of the objects and users in your environment.

Audit Reports

There are 4 preconfigured audit reports in vRealize Operations Manager to provide documentation to support traceability of objects and users in your environment:

1. System Audit
2. Users Permissions Audit
3. User Activity Audit
4. System Component Audit

They can all be found under Administration > History > Audit. We are going to look at each of these reports in this lesson.

User Activity Audit

The User Activity Audit report shows user related logging activity such as login, actions run, changes made and log out.

1. Click Administration
2. Select History > Audit from the navigation pane.
3. Select the User Activity Audit tab.

Report Options

The options available from the options bar (from left to right) are:

• Download - download report to PDF or XLS
• Configure -  Output log to external syslog server
• Data range - Configure the start and end dates for the report
• Starting Line - Start the report at the specified line
• Number of Lines - Truncate the report to the specified number of lines

Filter

You can filter the log entries by various fields, including User ID, User Name, Auth Source, Session, Category and Message. The filter is in the top right of the window.

User Permissions Audit

The User Permissions Audit report shows permissions assigned to a user.  

1. Select the User Permissions Audit tab

The only option for this report is to download it, to PDF or XLS format.

The report will show the following information about a user:

• Username
• Role
• Access Group(s)
• Access Right(s)

Scroll down to see the bottom of the report to see the user the we created in the last lesson, intern1. Do the permissions look correct?

System Audit

The System Audit report shows object types, metrics, super metrics, applications and custom groups in your environment, including counts of each. This report can help you to understand the scale of your environment.

1. Select the System Audit tab

The only option for this report is to download it, to PDF or XLS format.

System Component Audit

The System Component Audit report shows every component installed in the system, including version information.

1. Select the System Component Audit tab

The only option for this report is to download it in plain text format.

Lesson Conclusion

Is this lesson we looked at the different audit reports included with vRealize Operations Manager, and looked at them in the context of our new user. These reports provide an easy way to provide documentation of activities that have taken place in your environment and user permission levels. Auditing reports provide traceability of the objects and users in your environment.

Conclusion

In this module we walked through the Users and Roles in vRealize Operations. Access Control is an important part of a robust operational environment, and you should now be comfortable using users, groups, roles and object permissions to make sure users only have access to the content and objects needed.

We then looked at dashboard sharing- how to control which users see which dashboards.

We saw how you can manage content that is orphaned when the owner of the content is removed from vRealize Operations.

Finally, we reviewed how to audit user actions and configured permissions as well as some system configurations.

You've finished module 5

Congratulations on completing the lab module.

If you are looking for additional general information on vRealize Operations 8.1, try one of these:

• VMware Product Public Page - vRealize Operations:  https://www.vmware.com/products/vrealize-operations.html
• vRealize Operations 8.1 - Release Notes:   https://docs.vmware.com/en/vRealize-Operations-Manager/8.1/rn/vRealize-Operations-Manager-81.html
• vRealize Operations 8.1 - Documentation:  https://docs.vmware.com/en/vRealize-Operations-Manager/8.1/com.vmware.vcom.core.doc/GUID-7E6B5805-3D2F-41C4-ADFF-B7248386E7AC.html
• VMware Cloud Management Blog - What's New in vRealize Operations 8.1:  https://blogs.vmware.com/management/2020/03/whats-new-in-vrealize-operations-8-1.html

From here you can:

1. Click to advanced to the next page and continue with the next lab module
2. Open the TABLE OF CONTENTS to jump to any module or lesson in this lab manual
3. Click on the END button if you are done with the lab for now and want to exit

Module 6 - Managing vRealize Operations with PowerCLI (30 minutes)

Introduction

VMware PowerCLI contains modules of cmdlets based on Microsoft PowerShell for automating vSphere, VMware Site Recovery Manager, vSphere Automation SDK, vRealize Automation, vRealize Operations, and VMware Horizon administration. VMware PowerCLI provides a PowerShell interface to the VMware product APIs.

• PowerCLI is based on Microsoft PowerShell and uses the PowerShell basic syntax and concepts.
• PowerCLI cmdlets are created to automate VMware environments administration and to introduce some specific features in addition to the PowerShell concepts.

The module contains the following lessons:

• Lesson 1: Basic Windows PowerShell usage and VMware PowerCLI for vRealize Operations cmdlets
• Lesson 2: Connecting to vRealize Operations with VMware PowerCLI
• Lesson 3: Using VMware PowerCLI to work with vRealize Operations Alerts
• Lesson 4: Using VMware PowerCLI to work with vRealize Operations Statistics
• Lesson 5: Using VMware PowerCLI to work with vRealize Operations Recommendations
• Lesson 6: Conclusion

Microsoft PowerShell Basics:

PowerCLI is based on Microsoft PowerShell and uses the PowerShell basic syntax and concepts.

Microsoft PowerShell is both a command-line and scripting environment, designed for Windows. It uses the .NET object model and provides administrators with system administration and automation capabilities. To work with PowerShell, you run commands, named cmdlets.

• PowerShell Command-Line Syntax - PowerShell cmdlets use a consistent verb-noun structure, where the verb represents the action and the noun represents the object to operate on.
• PowerShell Pipelines - A pipeline is a series of commands separated by the pipe operator |.
• PowerShell Wildcards - PowerShell has a number of pattern-matching operators named wildcards that you can use to substitute one or more characters in a string, or substitute the complete string.
• PowerShell Common Parameters - The Windows PowerShell engine retains a set of parameter names, referred to as common parameters. All PowerShell cmdlets, including the PowerCLI cmdlets, support them.

PowerCLI Concepts:

PowerCLI cmdlets are created to automate VMware environments administration and to introduce some specific features in addition to the PowerShell concepts.

• PowerCLI Modules - VMware PowerCLI 12.0 consists of multiple modules that you can install and use according to your needs and environments.
• Interoperability Between the PowerCLI and vCloud Director PowerCLI Modules - With the RelatedObject parameter of PowerCLI cmdlets, you can retrieve vSphere inventory objects from cloud resources. This interoperability between the PowerCLI and vCloud Director PowerCLI modules expands cloud administration, automation, reporting, and troubleshooting options for provider administrators.
• Selecting Objects in PowerCLI - In PowerCLI, you can pass strings and wildcards to all parameters that take inventory objects, datastores, OSCustomizationSpec objects, and VIServer objects as arguments. This PowerCLI approach is named Object-by-Name (OBN) selection.
• Providing Login Credentials - When you provide login credentials in the command prompt or in a script, a PowerShell limitation might prevent PowerCLI from processing non-alphanumeric characters correctly. To prevent login problems, escape the non-alphanumeric characters in your credentials.
• Running PowerCLI Cmdlets Asynchronously - By default, PowerCLI cmdlets return an output only after completion of the requested tasks. If you want a cmdlet to return to the command line immediately, without waiting for the tasks to complete, you can use the RunAsync parameter.
• Managing Default Server Connections - By default, PowerCLI and PowerCLI cmdlets run on the vCenter Server systems or vCloud Director servers you are connected to, if no target servers can be determined from the provided parameters.
• Customization Specification Objects in PowerCLI - PowerCLI provides two types of objects for customization specification: persistent and non-persistent.
• Using ESXCLI with PowerCLI - PowerCLI provides you the capability to use ESXCLI through its console.
• PowerCLI Inventory Provider - The Inventory Provider is designed to expose an unfiltered inventory view of the inventory items from a server.
• PowerCLI Datastore Provider - The Datastore Provider is designed to provide access to the contents of one or more datastores.
• PowerCLI About Articles - You can learn more about some PowerCLI concepts and features from the built-in help articles named about articles. You can access them through a running PowerCLI process.
• PowerShell ISE - The PowerShell Integrated Scripting Environment (ISE) is a host application for Windows PowerShell. The ISE provides a Windows-based GUI for PowerShell script development. Primary ISE features include multiline editing, selective execution, and storing functions/variables.

Launching VMware Modules:

Before executing commands in a script or interacting at the PowerShell command prompt, we must load the VMware modules. The new preferred method to import these modules is to simply execute a 'Connect-..' command. By connecting to a VMware Infrastructure (VI) server, PowerShell now understands to automatically import the relevant PowerCLI modules for that VI provider.

Optional Areas to Execute Commands:

When executing PowerCLI commands, the user has a number of options of where they might want to execute the command(s) to affect the environment. The user may opt to execute a single command in an ad-hoc PowerShell window, use the ISE to execute commands so that variables may be stored, or they may choose to execute commands in an automated approach using scripts. Before scripts can be automated, it's important to first test and validate all commands in your environment to ensure proper compatibility and functionality. In this module we will help you through various steps of testing PowerCLI commands in both the native PowerShell window and with the ISE. We will only use the ISE when we expect to store a value in a variable that we plan to use in a subsequent command.

Basic Windows PowerShell usage and VMware PowerCLI for vRealize Operations cmdlets

In this lesson you will learn:

• The basics of Windows PowerShell and VMware PowerCLI
• How to start the Windows PowerShell command prompt and Windows PowerShell ISE and get basic version information
• How to use Windows PowerShell ISE interface
• How to execute VMware PowerCLI cmdlets and get help on using them
• What can be done with the VMware PowerCLI module for vRealize Operations

Starting Windows PowerShell and checking VMware PowerCLI version information

In vSphere 6.7 you can install PowerCLI by running a Windows PowerShell command. You can install all official modules with a single command, or install modules individually.

The PowerCLI modules are available on the PowerShell Gallery website. When you run Install-Module from the Windows PowerShell prompt, the command downloads and installs the specified module. For a list of available PowerCLI modules, see the PowerShell Gallery website.

There is no need to follow this procedure since it was already done in the lab for you.

1. Click on the Windows PowerShell icon on your desktop taskbar.

Getting help on using VMware PowerCLI cmdlets

It is possible to get help on how to use any cmdlet and their respective parameters in Windows PowerShell using a cmdlet called "Get-Help". Since our focus is on VMware PowerCLI let's do this using the cmdlet "Get-VM" as parameter.

1. Type Get-Help Get-VM and hit enter.

Check PowerCLI Versions

1. Type get-module to check what modules are loaded and their respective versions.

What can be done with the VMware PowerCLI module for vRealize Operations

VMware PowerCLI includes a module for interacting with vRealize Operations. Let's see what are the available cmdlets to manage a vRealize Operations environment.

Checking the available cmdlets in the vRealize Operations module

1. Type Get-Command -Module VMware.VimAutomation.vROps and hit enter.
2. The command returns a list of all the available cmdlets within the module.

You can see that there is a function called "Get-vROpsCommand" in the listed cmdlets. That function has the same effect as the previous command and simplifies the listing of available vRealize Operations cmdlets so you can use it at anytime without having to write the whole syntax over and over.

Listing the available cmdlets

The VMware PowerCLI snap-ins provide more than 500 cmdlets for managing vSphere, SRM, vRA, and vROps. You can view the available PowerCLI cmdlets by typing "Get-VICommand". This will list all PowerCLI commands. As the list is quite large, you may want to narrow it down to something more specific, for example to list the commands related to VMs:

1. Type Get-VICommand *VM and hit enter.
2. As a result, you will see all the cmdlets containing the word "VM"

Please note, all of the Windows PowerShell Commands and Parameters can be auto-completed with the TAB key. Just start typing the first letters of the command and/or parameter and press the TAB key for auto-completion.  Also note, when there is more than one possible command you can press TAB again and cycle through the available commands.

Executing Windows PowerShell command prompt or the ISE

Up to this point you have been using the basic PowerShell command prompt.  There is also the PowerShell ISE Script Pane. The advantage of using the ISE Script Pane is the ability to store variables and run multiple commands, this is an important capability when testing and validating a script for automation purposes. When using the ISE, a script can be executed by pressing the F5 key or by clicking on "Run Script (F5)" icon.

1. Right-click the PowerShell Task to bring up the menu.
2. Click Windows PowerShell ISE to start a ISE session.

Using Windows PowerShell ISE

Once the Windows PowerShell ISE is launched you will see two panes by default, the Script Pane on the top and the Command Pane on the bottom. You can choose whether to show the Command Add-on window or not.

1. The Script Pane is for viewing/editing script files in the text form;
2. The Command Pane which is the actual Windows PowerShell command prompt is for running individual cmdlets and displaying their output;
3. Click on the Show Command Add-on icon to display it;
4. In the Command Add-on window you can search for a specific module, their commands and their respective parameters.

You can change how the panes are displayed in the Windows PowerShell ISE interface. You can resize the panes as well as hide the Command Add-on window to make the interface look a bit cleaner. Feel free to customize it as much as you want until you are comfortable with it.

Connecting to vRealize Operations with VMware PowerCLI

In this lesson you will learn how to connect to a vRealize Operations server using VMware PowerCLI.

You will be using a vRealize Operations server with a database containing historical data on it, also known as vROps "HVM" mode.

Connect to vRealize Operations server

You might want to increase the size of the PowerShell ISE by dragging the corners of the window or click the maximize button in the upper left hand corner of the ISE window.

1. Start typing connect-o. As you type you get a list of options based on what has been typed.
   •  If you press the Enter key with the Connect-OMServer choice highlighted that is the beginning of our command we want. The entire string is on the next page if you want to cut and paste the command.

Connect-OMServer Command

1. Type Connect-OMServer -Server 192.168.110.71 -User admin -Password VMware1! to connect to the historical instance of vRealize Operations.
2. The result of the command returns the name and user of the instance as shown in the image.

Using VMware PowerCLI to work with vRealize Operation Alerts

In this lesson you will learn:

• How to list the active critical alerts that are impacting Health
• How to list the existing alert types and subtypes
• How to list the available alert definitions for a specific type and subtype
• How to show detailed information about a specific alert definition
• How to show alert definitions from a specific resource kind
• Finding Snapshots and taking action on the snapshot.

Listing active critical alerts impacting health

1. Type Get-OMAlert -Status Active -Criticality Critical -Impact Health and hit enter. NOTE, it will take a few seconds to populate the full list after hitting Enter.
2. The results is a list of active critical alerts occurring in the system.  

Listing existing alert types and subtypes

If you take a detailed look on the previous command result you will see that there are columns for Type and Subtype which can be used as input parameters for the Get-OMAlert cmdlet (when developing a script), there are also cmdlets provided for those specific parameters (Get-OMAlertType and Get-OMAlertSubtype).  Using these cmdlets without input parameters returns a list of all valid types and subtypes on the server.

1. Type Get-OMAlertType and press enter.
2. The output shows the list of alert types.  Also shown in the output, you can see in the column "Name" that there are five types: Application Alerts, Virtualization/Hypervisor Alerts, Hardware (OSI) Alerts, Storage Alerts and Network Alerts.

List the available subtypes of a specific alert type

There are subtypes of alerts for the type Virtualization/Hypervisor Alerts.  Let's get that list.

1. Type Get-OMAlertSubType -AlertType 'Virtualization/Hypervisor Alerts' and hit enter.
2. From the list of alert subtypes in the output you can see in the column "Name" that there are also five subtypes: Availability, Performance, Capacity, Compliance and Configuration.

Connect to vRealize Operations Live

For the remaining of this lesson you will work with the Live Instance of vRealize Operations.  Let's connect to that server.

1. Type Connect-OMServer -Server vr-operations -User admin -Password VMware1!

Searching for a specific VM to use as parameter for the alert variable

Let's do a search on active alerts that contain snapshot in the name.  This is a quick method to find all the old snapshots so we can then decide if we need to delete them.

1. In the Command pane type Get-OMAlert -Status Active -Criticality Warning -Name *snapshot* -Resource *moad* to get the snapshot list for all vm's with 'moad' in their name.
2. From the listed alerts in the Command Pane we see there are 2 virtual machines with old snapshots.  We will focus on the Moad-Web for our example of finding out how to identify and then remove the snapshot(s).

Snapshot Details

1. In the Command pane type:

Get-OMAlert -Status Active -Criticality Warning -Name *snapshot* -Resource Moad-Web | Format-List 

Notice we have all the details on the Alert.  The next step is to connect to vCenter and then review the Snapshot information.

Connect to vCenter

1. To connect to vCenter type in the Command pane:

Connect-VIServer -Server vcsa-01a -User administrator@corp.local -Password VMware1!

Get Snapshot Information on moad-web

1. In the Command pane type: Get-Snapshot -VM moad-web 
2. Notice there are actually 2 snapshots here.  Let's get more details on the snapshot named 'Before Upgrade'.

Get Snapshot Details

1. In the Command Pane type: Get-Snapshot -VM moad-web -Name Before* | Format-list  

Now we have all the details on the snapshot and could use the Remove-Snapshot with this data to remove it but using stored variables it is much simpler.

Store a SnapShot Variable

Now let's write a script that stores the Snapshot we want to Remove and then show its details in formated list.

1. In the Script Pane you will have 2 lines of text as shown in the image.

$snapshot = Get-Snapshot -VM moad-web -Name Before*
$snapshot | Format-list 

2. Click on Run Script (F5) icon or press the F5 key to execute the script;
3. Check the details of the alert in the Command Pane.

Note that we used the "Format-List" parameter after a pipe to indicate to PowerShell that we want to see the list of all properties of this particular alert.

Remove Snapshot

1. Now to add a third line to the script. Type: Remove-Snapshot $snapshot
2. Click on Run Script (F5) icon or press the F5 key to execute the script.
3. Click No.  We may need the snapshot in another part of the lab so we wont delete it here.

Lesson End

That concludes this lesson on how to use PowerCLI to work with vRealize Operations Alerts. In the next lesson we'll look at how to work with vRealize Operations Statistics.

Using VMware PowerCLI to work with vRealize Operations Statistics

In this lesson you will learn how to retrieve metric data (or statistics) from vRealize Operations using VMware PowerCLI

Until now we were only working with the cmdlets from the vRealize Operations module. We are now going to work with PowerCLI VI  module cmdlets to perform operations on a VM. We will use the Live version of vRealize Operations so we will need to connect to vCenter which exists in the lab environment.

Connect to vRealize Operations server

We will now connect to the live instance of vRealize Operations Manager. NOTE, make sure to delete anything that you may still have in the Script Pane from the previous lesson.

1. In the Script Pane type Connect-OMServer -Server vr-operations -User admin -Password VMware1!
2. Click on Run Script (F5) icon or press the F5 key to execute the script.
3. Check for any errors in the Command Pane to see if the connection was successful.

Retrieving metric data from vRealize Operations using VMware PowerCLI

Many times customers will ask if they can export metric data from vRealize Operations for usage in other analytical tools or reports. While there are other methods, the PowerCLI module offers a really elegant way to extract that data.

The cmdlet Get-OMStat will provide the metric data output but it is useful to review the cmdlet Get-OMStatKey first. vRealize Operations stores hundreds of metrics for CPU, memory, disk, networking and other items. Each of these metrics is contained in a construct called statKeys. To retrieve these statKeys programmatically you need to use the cmdlet Get-OMStatKey.

Storing VM resource object in a PowerShell variable and listing its CPU metrics

For the remaining steps in this lesson we will still be using the VM named "web-01a".

1. In the Script Pane type the following 2 lines as shown:

(note that the VM name must be between double quotes since it is a string)

$vmresource = "web-01a"

Get-OMStatKey -Name cpu* -Resource $vmresource and press ENTER

2. Click on Run Script (F5) icon or press the F5 key to execute the script
3. Look at the Command Pane and you should see the CPU related metrics.

Storing a specific metric in a PowerShell variable and listing its details

1. In the Script Pane type the following 2 lines as shown:

$statkey = Get-OMStatKey -Name "cpu|workload" -Resource $vmresource

$statkey | Format-List  and press ENTER

2. Click on Run Script (F5) icon or press the F5 key to execute the script
3. Look at the Command Pane and you should see the details about the "cpu|workload" metric.

Getting statistics on a metric for a period of time

In this example we are going to list the "cpu|workload" metric average by minute for the last hour. Since this is a live instance of the vRealize Operations we dont have much data to work with a broader time range.

1. In the Script Pane type the following and press ENTER.

Get-OMStat -Resource $vmresource -Key $statkey -From ([DateTime]::Now).AddHours(-1) -IntervalType Minutes -IntervalCount 1 -RollupType Avg

2. Click on Run Script (F5) icon or press the F5 key to execute the script.
3. Look at the Command Pane and you should see the "cpu|workload" metric average by minute for the last hour for the "web-01a" VM.

Lesson End

There is a lot more capability than we have seen here, but hopefully this gives you a good start. For customers who have deep expertise in PowerShell and PowerCLI the vRealize Operations integration can be a huge help.

Log into the vRealize Operations Live Instance

This lab environment is running two different instances of vRealize Operations. We have the different vRealize Operations instances for different use cases. The lab instances are:

• Live Instance: Connected to the small running vSphere environment in the lab. There isn't a large inventory of objects in this instance but it allows us to interact with a live system including vCenter.
• Historical View Mode (HVM) Instance: Running a time loop of data that was captured in the past. This instance has a much larger inventory of objects but, since it is not currently connected to a vCenter Server, we cannot perform any actions here.

In this lesson we will be using the live Instance of vRealize Operations.

If you are not currently logged into any instance of vRealize Operations, continue to the next page, but if you are already logged into the live (not historical) instance of vRealize Operations, click here to skip ahead.

Open the Chrome Browser from Windows Quick Launch Task Bar

If your browser isn't already open, launch Google Chrome

1. Click the Chrome icon on the Windows Quick Launch Task Bar

The browser Bookmarks Bar has links to the different instances of vRealize Operations that are running in the lab.

1. The Live instance of vRealize Operations has already been started for you.  

Log in to vRealize Operations

vRealize Operations is integrated with VMware Identity Manager which we will use for user authentication in this lab.

VMware Identity Manager should be pre-selected as the identity source. However, if it is not you will choose it.

1. Click the drop-down arrow if VMware Identity Manager is not selected.
2. Click REDIRECT to be taken to the authentication page.

VMware Identity Manager Login

For the Live instance of vRealize Operations instance, the default username and password should already be entered.  However, if needed type them in.

username: holadmin

password: VMware1!

1. Click Sign in

vRealize Operations Home Screen

You should be at the vRealize Operations Home screen and ready to start the module.

Using VMware PowerCLI to work with vRealize Operations Recommendations

In this lesson you will learn:

• Listing specific alerts for a chosen VM
• How to list recommendations for a specific alert
• How to apply recommendations for a specific VM
• List the current alerts of the VM after applying the recommendation

To assist with the process of identifying and interacting with Operations Manager alerts via PowerShell, we will modify a alert symptom definition for a 70% CPU load and add a recommendation which will be included when the alert is generated.  In order to trigger the alert there is a CPU load script on the server 'app-01a'. We will connect to this server using Putty and issue the commands to start the load script after modifying the symptom and the alert.

Alert Settings

1. Click Alerts
2. Click Symptom Definitions to modify a definition from 50% CPU usage to 70% CPU usage.

Choose the CPU threshold Symptom Definition

1. Click _CPU-threshold definition to highlight it.  Notice it is currently set to greater than 50% setting.  We will be changing the setting to 70% for this use case.

Edit Symptom Definitions

1. Click the 3 dots to the left of _CPU-threshold to open the actions menu.
2. Click Edit to edit this definition.

Change Symptom Definition

1. Change the metric value from 50 to 70.  This metric is a CPU usage percentage.  When you initiate the CPU load on app-01a later in this lesson and it exceeds 70% usage an alert will be triggered.
2. Click SAVE

View Alert Definition

1. Click Alert Definitions.
2. Click the definition _App Server CPU Usage to highlight it.  This will be the first Alert Definition in the list.
3. Click the 3 dots to open the actions menu.
4. Click Edit.

Alert Definition

1. Click section 3 - Recommendations
2. Notice we have a Set CPU Count For VM recommendation already here that will provide us with the recommendation to add more CPU Capacity to this VM when the CPU Usage goes above the 70% threshold that we set in the previous steps.
   • Note, we could easily add more recommendations to this alert definition buy simply dragging and dropping the recommendations from the right-hand side of the screen to the left-hand side. Also to note is that recommendations at the top of the list will have a higher priority than the ones under it.

Exit Edit Alert Definition

Quick Start

1. Click Home to return to the Quick Start Dashboard
2. Click Virtual Machine for the virtual machine troubleshooting dashboard.

Troubleshoot a VM

1. Click app-01a and you will notice the other widgets update with information about app-01a.
2. Notice in widget #3 for active alerts there are currently no CPU usage alerts.  You will see this updated once you start the CPU load script.

Start a Putty Session

1. Click the Putty icon found on the taskbar as shown

app-01a Putty Session

1. Double-Click app-01a to start a Putty session.  You will automatically be logged in as the root user.

Generating a CPU Load Alert

We will now redirect dev/zero to dev/null to generate CPU load on this VM.

1. Type cat /dev/zero > /dev/null and press the Enter key to start the CPU load.

Leave this putty window open, we'll come back and stop this script later in the lesson.

Listing Specific Alerts for a Chosen VM

 There are 2 lines to type into the script pane.  The first to login to the vRealize Operations server just in case the connection is not active.  The second line is for look for critical active alerts on web-01a.

1. For line 1 type: Connect-OMserver -server vr-operations -user admin -password VMware1!

     For line 2 type: Get-OMAlert -Status Active -Criticality critical -Resource app-01a

2. Click on Run Script (F5) icon or press the F5 key to execute the script;
3. Notice there is one active alert and it is from the _App Server CPU Usage alert definition.

Note: It takes a couple minutes for the alert to appear so you may have to rerun the script and then it should appear as expected.  Now to review the recommendations.

Listing Recommendations for a Specific Alert

Included with the vRealize Operations alerts are recommendations that guide you to possible solutions. Earlier in the lesson you added an second recommendation to "Add more CPU".  To see the recommendations you need to retrieve them from the alert you found in the last page.

1. In the Command Pane type Get-OMRecommendation -Alert "_App Server CPU Usage" | Format-List and press Enter
2. From the Command Pane you can see there are 2 recommendations and one the first one is to add more CPU capacity.  Let's add more CPU using PowerShell.

Add More CPU

There are two lines of script needed to change the number of CPUs for app-01a.  The first is to connect to the vCenter server and the second is the PowerShell command to make the change.

1. Type the following in the Script Pane or Copy and Paste:

Connect-VIServer -Server vcsa-01a -User administrator@corp.local -Password VMware1!

Get-VM -name app-01a | set-VM -NumCpu 2

2. Click on Run Script (F5) icon or press the F5 key to execute the script
3. Click Yes to execute the command on vCenter.

CPU Change Result

1. Notice the number of CPU's is now set to 2.  You may have to scroll up in the Command Pane to see the NumCPU.  Let's verify in vCenter.

Open vCenter

1. Click the + to open a new browser tab.
2. Open the vSphere Client from the Bookmarks bar
3. Click to Use Windows session authentication.
4. Click Login.

vCenter

1. Click app-01a after expanding the object tree as shown.
2. Click the Down Symbol to expand the VM Hardware section if you need to.
3. Notice the number of CPU(s) is set to 2.

Stop CPU Load

Now we need to stop the CPU load script we have running on the app-01a VM. Return to your open PuTTY window. Closing this PuTTY session will end the CPU load script.

1. Click the X in the upper-right corner to close the PuTTY session.

Now let's return to the PowerShell ISE to check for alerts.

Check for alerts

Lesson End

This completes this lesson and module. We hope that you were able to learn some new skills around script writing and automation of vRealize Operations alerts, definitions, and recommendations.

Conclusion

In this module we learned the basics of the Windows PowerShell and VMware PowerCLI and also:

• How to connect to a vRealize Operations instance using VMware PowerCLI
• How to use VMware PowerCLI to work with vRealize Operations alerts
• How to use VMware PowerCLI to work with vRealize Operations recommendations
• How to use VMware PowerCLI to work with vRealize Operations statistics

You've finished module 6

Congratulations on completing the lab module.

If you are looking for additional general information on vRealize Operations 8.1, try one of these:

• VMware Product Public Page - vRealize Operations:  https://www.vmware.com/products/vrealize-operations.html
• vRealize Operations 8.1 - Release Notes:   https://docs.vmware.com/en/vRealize-Operations-Manager/8.1/rn/vRealize-Operations-Manager-81.html
• vRealize Operations 8.1 - Documentation:  https://docs.vmware.com/en/vRealize-Operations-Manager/8.1/com.vmware.vcom.core.doc/GUID-7E6B5805-3D2F-41C4-ADFF-B7248386E7AC.html
• VMware Cloud Management Blog - What's New in vRealize Operations 8.1:  https://blogs.vmware.com/management/2020/03/whats-new-in-vrealize-operations-8-1.html

From here you can:

1. Click to advanced to the next page and continue with the next lab module
2. Open the TABLE OF CONTENTS to jump to any module or lesson in this lab manual
3. Click on the END button if you are done with the lab for now and want to exit

Module 7 - Assess Your vSphere Configuration for Compliance With Industry or Custom Standards (30 minutes)

Introduction

Compliance is about ensuring that objects in your environment meet industrial, governmental, regulatory, or internal standards. The standards are made up of rules about how objects should be configured to comply with best practices and to avoid security threats.

In this Module we will step through the complete configuration and use-cases to ensure your VMware environment is always compliant.

Log into the vRealize Operations Live Instance

This lab environment is running two different instances of vRealize Operations. We have the different vRealize Operations instances for different use cases. The lab instances are:

• Live Instance: Connected to the small running vSphere environment in the lab. There isn't a large inventory of objects in this instance but it allows us to interact with a live system including vCenter.
• Historical View Mode (HVM) Instance: Running a time loop of data that was captured in the past. This instance has a much larger inventory of objects but, since it is not currently connected to a vCenter Server, we cannot perform any actions here.

In this lesson we will be using the live Instance of vRealize Operations.

If you are not currently logged into any instance of vRealize Operations, continue to the next page, but if you are already logged into the live (not historical) instance of vRealize Operations, click here to skip ahead.

Open the Chrome Browser from Windows Quick Launch Task Bar

If your browser isn't already open, launch Google Chrome

1. Click the Chrome icon on the Windows Quick Launch Task Bar

The browser Bookmarks Bar has links to the different instances of vRealize Operations that are running in the lab.

1. The Live instance of vRealize Operations has already been started for you.  

Log in to vRealize Operations

vRealize Operations is integrated with VMware Identity Manager which we will use for user authentication in this lab.

VMware Identity Manager should be pre-selected as the identity source. However, if it is not you will choose it.

1. Click the drop-down arrow if VMware Identity Manager is not selected.
2. Click REDIRECT to be taken to the authentication page.

VMware Identity Manager Login

For the Live instance of vRealize Operations instance, the default username and password should already be entered.  However, if needed type them in.

username: holadmin

password: VMware1!

1. Click Sign in

vRealize Operations Home Screen

You should be at the vRealize Operations Home screen and ready to start the module.

Apply vSphere Security Configuration Guides

In this module we will turn on vSphere hardening guidelines that can be enabled with your instance of vRealize Operations for free!  We will step you through a scenario of a company first turning on vSphere level compliance and understanding the impact of misconfiguration(s) inside their environment.

Go to Home / Quick Start Screen

1. Click Home to go to Home / Quick Start screen.

Select Compliance

1. Select Compliance.

Enable vSphere Security Configuration

1. ENABLE vSphere Security Configuration Guide.

Enable Policies

1. Enable this in the HOL Policy by clicking the check box. NOTE if you have other policies built on the HOL Policy, they will automatically get checked as well.
2. Click ENABLE.

Running Initial assessment

Notice we now get a message saying the initial assessment is running. This may take a few minutes to run and will depend on the size of your environment. We're going to go make a few changes to this policy, so we'll come back to this later in the lesson.

Edit the current vRealize Operations Policy

1. To get to the Policy manager, click Administration.
2. Click Policies.
3. Now we can highlight the current active policy HOL Policy.
4. Click the 3 dots to the right of the HOL Policy to open the action menu.
5. Click Edit.

Select Alert / Symptom Definitions

1. Select Alert / Symptom Definitions.

Filter the Alert Definitions

1. Select the filter area, type security configuration and hit Enter to filter the alert definitions.
2. Notice that the State for the first 3 ESXi Host System Security Configuration alert definitions are set to Local and have a green checkmark. These Alerts can be enabled as indicated by Local, disabled as indicated by not Local, or inherited. Alerts that are inherited with a green checkmark means that they are enabled.

Browse all Policies

1. Scroll down in the alert definition window to see the other policies related to Compliance and the security configuration.
2. Notice we have also have policy definitions for the virtual machines, vCenter and other objects that we can enable or disable as needed.

Close the Policy Editor

1. Select CANCEL to close this window and exit the policy editor.

Return to Compliance Screen

1. Select BACK to return to the compliance screen.

Review Compliance

Notice now our initial assessment has completed and we have 26 items in our HOL environment that are flagged as non-compliant. NOTE: Assessment takes about 5 minutes to run, if it still says 'Running initial assessment', you may have to wait a few minutes for it to finish. Hit refresh in the top right corner of the vRealize Operations screen to refresh the compliance status.

1. Click in the vSphere Security Configuration Guide window box to open the details page for this policy.

Review Compliance Details

We can again see that we have 26 assets that do not meet the vSphere Security Configuration Guide. The red number is the number that are out of compliance, and the other number is the total number of objects.

Scroll down to see the Object Breakdown

1. On the right-hand side of the screen, scroll all the way down to the bottom of the page.

Review Object Breakdown

1. In the Object Breakdown, we can see more detail about which objects are in and out of compliance.

Review Compliance Alerts

1. In the Compliance Alerts List on the right-hand side of the screen, Click the chevron to the expand the Alerts for the last  1 Hour. Now you can see the specific Security Configuration Guide alerts for all of the individual objects in our HOL Environment.
2. Click on one the "ESXi Host..." warnings so we can look at the details of the alert.

Review Alert Details

1. In the alert details screen, click Symptoms and let's see the why this warning was triggered.
2. Here we can see each symptom that was invalid and more details of why each failed.

How to modify the Host Security Configuration Template

By using the vRealize Operations Management pack for vRealize Orchestrator, we're actually able to modify the configuration templates. We can then modify the items we want to check as part of this vSphere Host Security Configuration Guide.

We won't make changes to the policy in this lab, but let's take a look at how to modify it.

Open a new browser Tab

1. Open a new Browser tab by clicking the +
2. In the address bar, type https://vr-automation.corp.local/orchestration-ui and hit Enter.

Go to Workflows

1. We are now in the vRealize Orchestrator Client. Under Library on the left side of the screen, click Workflows.

Run Configure Host Security Config Data Workflow

1. On this workflow screen, we see 2 workflows related to our vRealize Operations Compliance Policies. Configure Host Security Data is what we can use to modify which settings we want to check, and Apply Host Security Configuration Rules is what we can link to vRealize Operations to help us automate the process of correcting any settings errors that we may find.
   • Let's look at the first Configure... workflow, we'll revisit the Apply... workflow later in the lesson.
2. On the tile for the Configure Host Security Config Data workflow, click RUN.

Enforce Workflow Options

1. From this workflow, we can toggle off or on which items we want to include in our security check.
2. Scroll all the way to the bottom of the screen to see more.

Cancel the Workflow

1. Here we see more changes we can make to this Policy.
2. We won't be making any changes in our lab environment, so click CANCEL to exit this workflow run.

Return to vRealize Operations

1. Click vRealize Operations tab to return to vRealize Operations.
2. Click Alerts to view the details on the alert.

View Alert Details and Recommendations

Now notice we have a recommendation and an action on this alert to APPLY HOST SECURITY CONFIGURATION RULES.

• This calls the 2nd workflow we saw in vRealize Orchestrator that we can use to automatically fix any errors or incorrect host settings that were flagged by our security check. Also note that just like other recommendations/actions in vRealize Operations we could choose to automate this action to help us achieve a self healing datacenter by automatically fixing any incorrect settings as soon as they are found!

Lesson End

This concludes this lesson on applying vSphere security configuration guides.

In the next lesson we'll walk through creating a custom Security Policy.

Custom and Regulatory Benchmarks

We are continuing to enhance the config management and regulatory compliance capabilities within vRealize Operations that were introduced in the previous releases. We can now manage the configuration of the entire SDDC stack including vSphere, NSX-T and vSAN. In addition to common compliance templates like PCI, HIPAA, DISA, ISO, CIS, and FISMA, we will also be able to create our own custom compliance standards and activate automated drift remediation with out-of-the-box workflows using the VMware vRealize Orchestrator integration. We will also be able to monitor the compliance for VMs in VMware Cloud on AWS. We can import and now will be able to also export custom compliance standards. In this module we'll walk through some of these compliance capabilities and create a new custom compliance standard.

Go to Home/Quick Start Page

1. Click Home to open the Quick Start / Home Screen.

Select Compliance under Manage Configuration

1. Select Compliance.

View All Benchmarks

1. If you are still in the vSphere Security Configuration Guide Windows that we looked at in the last lesson, click ALL BENCHMARKS to return to the main compliance page.

VMware Security Configuration Guides

1. At the top of the page can see that we are currently looking at the standard VMware SDDC Benchmarks which we talked about in detail in the previous lesson.
   • These currently include vSphere, vSAN and NSX-T and/or NSX-V depending on which you are using. NOTE: In this case NSX-V doesn't show up on our page because we don't have the NSX-V management pack installed.
2. We also have an option to look at compliance in our VMC SDDC, in this lab we do not have access to VMC so that option is grayed out.

Custom Compliance Policies

Next on the compliance page we have Custom Benchmarks. This section allows us to create our own custom compliance policies.

1. Click Add Custom Compliance to create a new policy.

Create a New Custom Benchmark

1. Click CREATE A NEW CUSTOM BENCHMARK.

Name the Policy

1. Name the policy ESXi Hosts Only.
2. Click NEXT.

Select Alert Definitions

1. Click the column name Object Type to sort the by Object Type so we can select all of the host related items.
2. Click the check boxes to select all 4 of the ESXi Host System Policies.
3. Click NEXT.

Select Policy to enable Custom Compliance

1. Select the check box to enable the compliance policy on 'HOL Policy'. (NOTE: 'HOL Test Policy' shown above comes from an earlier lesson that was part of this Lab, if you didn't complete that lesson you may not see this on your screen)
2. Click FINISH.

Running Initial assessment

1. Now we can see our new ESXi Hosts Only policy and see that it's running it's initial assessment. It will take a few minutes to run this assessment so we'll come back to this later in the lesson.

Regulatory Benchmarks

1. Scroll all the way down on this page to see the Regulatory Benchmarks. We can see we have built-in policies for CIS, DISA, FISMA, HIPAA, ISO and PCI Standards.
2. Click on ACTIVATE FROM REPOSITORY under PCI Security Standards.

Activate from Repository

1. In our repository we can see our VMware vRealize Compliance Pack for PCI. Click ACTIVATE to Activate this compliance pack.

Activate Management Pack

1. We won't actually activate this in our lab, so select NO to cancel the activation of this management pack.
   • As we've seen through this exercise, activating these Regulatory Bechmark Policies to use in vRealize Operations 8.1 is a very easy process.

Return to Compliance Screen

1. Click BACK to return to the compliance page.

Review Compliance

Now our ESXi Hosts Only Policy should be done with it's initial assessment. If it's not, you may need to click refresh in the top corner to update the status.

1. Click on the ESXi Hosts Only Policy to open it.

View Custom Policy Details

Now we can see the details of our policy and we see that all 5 of our hosts are non-compliant.

1. Click the chevron to open the Alert List to see the 5 individual alerts on the 5 hosts that we have in our lab environment.

Lesson End

This concludes the lesson on custom and regulatory benchmarks.

Conclusion

In this module we walked through compliance remediation that you can automate inside your organization on your VMware infrastructure. This is a key component of turning your vRealize Operations environment from a Read-Only solution, to taking automation remediation to ensure you are compliant and without issues.

You've finished module 7

Congratulations on completing the lab module.

If you are looking for additional general information on vRealize Operations 8.1, try one of these:

• VMware Product Public Page - vRealize Operations:  https://www.vmware.com/products/vrealize-operations.html
• vRealize Operations 8.1 - Release Notes:   https://docs.vmware.com/en/vRealize-Operations-Manager/8.1/rn/vRealize-Operations-Manager-81.html
• vRealize Operations 8.1 - Documentation:  https://docs.vmware.com/en/vRealize-Operations-Manager/8.1/com.vmware.vcom.core.doc/GUID-7E6B5805-3D2F-41C4-ADFF-B7248386E7AC.html
• VMware Cloud Management Blog - What's New in vRealize Operations 8.1:  https://blogs.vmware.com/management/2020/03/whats-new-in-vrealize-operations-8-1.html

From here you can:

1. Click to advanced to the next page and continue with the next lab module
2. Open the TABLE OF CONTENTS to jump to any module or lesson in this lab manual
3. Click on the END button if you are done with the lab for now and want to exit

Conclusion

Thank you for participating in the VMware Hands-on Labs. Be sure to visit http://hol.vmware.com/ to continue your lab experience online.

Lab SKU: HOL-2101-06-CMP

Version: 20200803-144554