Wednesday, April 25, 2018

Security Features in Azure Backup


Now everyone is concern on the security if that is hosted in a different place then you should check this first if you enable the backup.

This is a new feature introduced for Azure backup and recovery and help to stop unattended backup deletion.

The following versions will support this Security features:

  • 1. MAB agent – use minimum agent version 2.0.9052
  • Azure backup server – use minimum MAB agent version 2.0.9052 with Azure Backup Server upgrade 1
  • DPM – use minimum MAB agent version 2.0.9052 with DPM 2012 R2 UR12 or DPM 2016 UR2

To enable this feature first go into the Azure tenant which you have Azure backup enabled.

Then search for the “Recovery Services vaults” and Select Properties under Settings.

Under Security settings select Update.


image

Then Click Yes to enable the two factor. Click enable after that.

Note : Once you enable this, you can revert that back. 

image


Then If you want to delete or recover your data from the backup then again you have to come here and generate the Security PIN as mentioned below.

image

Thursday, April 19, 2018

Snapshot operation failed due to COM+ error - Azure Backup.

You will get this error message on your Azure Backups which used to take Azure hosted VMs backup.

This can be due to Azure VM agent communication issue or because of the high utilization of the Virtual machine or an Agent communication issue.

image

To fix this Backup issue you have to login into the Server and restart the,

COM+ System Application service.

Then you can restart the Windows Azure Agent service to refresh the environment.

Sometime you will get the below error. This means the service was hanged or currently used by an application which is having some issue.

You can get a downtime and restart the Server. This will cure this problem.

image


Then, once the server comes online, restart this “COM+ System Application” Service.

Let the backup run after that. 

Enable Azure hosted SQL service notifications.


Enable Azure hosted SQL service notifications.

This article shows the step to set up Azure SQL Database and Data Warehouse alerts using the Azure portal. This article also provides best practices for setting alert periods.

To do this you can use OMS or the Azure portal. Here we are using the Azure portal to configure notifications.

You can receive an alert based on monitoring metrics for, or events on, your Azure services. This will be based on the section that you are going to

Activity log events - An alert can trigger on every event, or, only when a certain number of events occur.

Metric values - The alert triggers when the value of a specified metric crosses a threshold you assign in either direction. That is, it triggers both when the condition is first met and then afterwards when that condition is no longer being met.

You can configure an alert to do the following when it triggers:

· Send email notifications to the service administrator and co-administrators

· Send email to additional emails that you specify.

· Call a webhook

Once you go into the SQL instance in the Azure tenant you will see the below mentioned window where you can see the overall performance and the database utilization.

clip_image002

1. To configure the notification you can select the SQL instance then Alerts under monitoring.

2. Then click ad alert.

clip_image004

3. Select the Add alert command and fill in the fields.

clip_image006

4. Name your alert rule, and choose a Description, which also shows in notification emails.

5. Select the Metric you want to monitor, then choose a Condition and Threshold value for the metric. Also choose the Period of time that the metric rule must be satisfied before the alert triggers.

So for example, if you use the period "5 min" and your alert looks for CPU above 80%, the alert triggers when the average CPU has been above 80% for 5 minutes. Once the first trigger occurs, it again triggers when the average CPU is below 80% over 5 minutes. The CPU measurement occurs every 1 minute. Consult the table below for supported time windows and the aggregation type that each alert uses- not all alerts use the average value.

Supported metrics list is mentioned below, Highlighted metrics used in our environment which helps to do the changes before effecting to the live DB failures.

clip_image008

6. Check Email owners... if you want administrators and co-administrators to be emailed when the alert fires.

7. If you want additional emails to receive a notification when the alert fires, add them in the Additional Administrator email(s) field. Separate multiple emails with semi-colons - email@XYZ.com;email2@XYZ.com

8. Put in a valid URI in the Webhook field if you want it called when the alert fires.

9. Select OK when done to create the alert.

It will take few min to activate the alert.


Once the alert rule is created then you can select that and mange that.

  • · Edit or delete it.
  • · Disable or Enable it if you want to temporarily stop or resume receiving notifications for that alert
  • · View a graph showing the metric threshold and the actual values from the previous day.

Can be done by selecting the cleated alert rule.