Wednesday, February 7, 2018

Missing computers in Azure Update/Inventory/Change Management

Recently, I enabled a couple of preview services for a client.  These services centered around using the OMS/Automation system to surface data around update/inventory/change management.  You can read more about these preview services:

https://azure.microsoft.com/en-ca/updates/update-management-inventory-and-change-tracking-are-available-in-azure-automation/

To be honest, these are pretty powerful features that help make VMs act more "as a service" by bringing in cross VM views.  In any event, for my client, only one of our VMs actually showed up in the list.  Funny enough, it was the one non-domain joined machine.

After a call into Azure support, this turns out to be a known issue.  Essentially, there are a couple of saved searches in Log Analytics that are used to determine the computer group to report on.  When you enable the service, VMs show up with only their VM name, which does not work properly when machines are domain joined.

If you navigate to your log analytics workspace, under saved searches, you will see two searches named "MicrosoftDefaultComputerGroup".




What you will want to do is right click on the search and click edit.  You can then edit the query being used.  Essentially, there is a where statement, and you need to change all the computer names to the FQDN of that computer.

ie:  prodvm01 ==> prodvm01.contoso.com

After saving that query (and waiting a bit), you should see all your domain joined machines come up in the list.  This is a known issue and Microsoft is working on a fix.  Obviously, as you add machines, you will have to re-edit the appropriate query.

Hope that helps!