vROps – Create & Enable 6.0 Hardening Alerts

By | 2017-02-16

I’ve been spending a lot of time in vROps recently, so I’m going to do a little write up on 5.5 and 6.0 Hardening Alerts found in vRealize Operations Manager 6.4

In the vROps policy section, you’ll see that there is a default policy in the Policy Library called the vSphere 5.5 Hardening Guide:

“But wait!” You’re saying, “It’s 2017! Where is the 6.0 Hardening Guide??”

Well you are in luck (kinda)! It’s in there, you just need to bring it out & tweak it.

In order to do this you’re going to need to (a) create 2 new alerts using the 6.0 hardening symptoms and (b) either enable those alerts in your default policy OR (my preference) create sub-policies for your environment to enable hardening. If you have multiple types of hosts (i.e. both 5.x and 6.0) then I’ll show you how to effectively do option B.

Create ESXi and VM 6.0 Hardening Alerts:

If you have 6.0 hosts in your environment, then you are going to want to create 2 new alerts that contain the 6.0 hardening symptoms:

  1. Log into vROps. Go to Content -> Alert Definitions & filter by “Hardening”:

  2. Clone “ESXi Host is violating vSphere 5.5 Hardening Guide” and name copy “ESXi Host is violating vSphere 6.0 Hardening Guide”. Clone “Virtual Machine is violating vSphere 5.5 Hardening Guide” and name copy “Virtual Machine is violating vSphere 6.0 Hardening Guide”.
  3. During the cloning process for ESXi hosts, go to “Add Symptom Definitions” and filter by “6.0”, multi-select and add all 16 items to the existing symptom set, remove any symptoms that are not pertinent to your environment, then click save:

  4. During the cloning process for Virtual Machines, go to “Add Symptom Definitions” and filter by “6.0”, multi-select and add all 3 items to the existing symptom set, remove any symptoms that are not pertinent to your environment, then click save:

If you have a homogenous ESXi 5.5 or 6.0 environment:

If you have an environment with 1 flavor of ESXi, then you can simply enable the hardening alerts within your default policy for your flavor.

  1. Edit your current default policy via Administration -> Policies:

  2. In the active policy go to “Alert/Symptom Definitions”. Filter Alert Definitions using the keyword “5.5 Hardening” or “6.0 Hardening”. Select the 2 options and change state from Disable to Enable:

  3. You will now see 5.5/6.0 Hardening Guide Alerts in on your Alert Page.

If you have a mixed 5.5 and 6.0 environment:

If you have a mixed environment with both 5.5 and 6.x hosts, then you will need to create 2 custom groups and 2 additional sub-policies to differentiate alerts for the 2 types of hosts.

  1. Go to Environment and click the green plus sign to create a new group:

  2. Create one group for vSphere 5.x hosts using the following membership criteria (note that the last field has “5.” Not just “5”). Make sure you Preview to insure that you are pulling the correct hosts! :

  3. Create a 2nd group for vSphere 6.x hosts using the following membership criteria (note that the last field has “6.” Not just “6”). Make sure you Preview to insure that you are pulling the correct hosts! :

  4. Now to create the 2 new sub-policies. If you enabled the hardening guide alerts in the default policy previously, you must go back and disable them now, otherwise the new policies will be pointless.
  5. Create a sub-policy for 5.5 Hardening Alerts using the Default Policy as the base:

  6. Enable the two 5.5 Hardening Alerts as per the previous steps:

  7. Tie the newly created 5.5 custom group to it. Click on related objects, click the green plus sign and add the previously created vSphere 5.5 custom group:

  8. Confirm that the correct group is associated to the correct policy:

  9. After that, repeat steps 5-8 but this time for your 6.x hosts. Now you’ll get alerts based upon version type!

One thought on “vROps – Create & Enable 6.0 Hardening Alerts

  1. BobNiaan

    I am using vSphere 6.5 and planning to use the new vSphere 6.5 Hardening Guidelines however, I tried using this method but after typing ‘6.5’, the new hardening guideline doesn’t come up even after updating my vROPs to 6.5.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *