Three quarters of 2015, my IT career and various ramblings

September is over. The first three quarters of 2015 are over.
This has been a very important year so far – difficult, but revealing. Everything has been about change, healing and renewal.

We moved back to Europe first, and you might have now also read my other post about leaving Microsoft, more recently.

This was a hard choice – it took many months to reach the conclusion this is what I needed to do.

Most people have gone thru strong programming: they think you have to be 'successful' at something. Success is externally defined, anyhow (as opposed to satisfaction which we define ourselves) and therefore you are supposed to study in college a certain field, then use that at work to build your career in the same field… and keep doing the same thing.

I was never like that – I didn't go to college, I didn't study as an 'engineer'. I just saw there was a market opportunity to find a job when I started, studied on the job, eventually excelled at it. But it never was *the* road. It just was one road; it has served me well so far, but it was just one thing I tried, and it worked out.
How did it start? As a pre-teen, I had been interested in computers, then left that for a while, did 'normal' high school (in Italy at the time, this was really non-technological), then I tried to study sociology for a little bit – I really enjoyed the Cultural Anthropology lessons there, and we were smoking good weed with some folks outside of the university, but I really could not be asked to spend the following 5 or 10 years or my life just studying and 'hanging around' – I wanted money and independence to move out of my parent's house.

So, without much fanfare, I revived my IT knowledge: upgraded my skill from the 'hobbyist' world of the Commodore 64 and Amiga scene (I had been passionate about modems and the BBS world then), looked at the PC world of the time, rode the 'Internet wave' and applied for a simple job at an IT company.

A lot of my friends were either not even searching for a job, with the excuse that there weren't any, or spending time in university, in a time of change, where all the university-level jobs were taken anyway so that would have meant waiting even more after they had finished studying… I am not even sure they realized this until much later.
But I just applied, played my cards, and got my job.

When I went to sign it, they also reminded me they expected hard work at the simplest and humblest level: I would have to fix PC's, printers, help users with networking issues and tasks like those – at a customer of theirs, a big company.
I was ready to roll up my sleeves and help that IT department however I would be capable of, and I did.
It all grew from there.

And that's how my IT career started. I learned all I know of IT on the job and by working my ass off and studying extra hours and watching older/more expert colleagues and making experience.

I am not an engineer.
I am, at most, a mechanic.
I did learn a lot of companies and the market, languages, designs, politics, the human and technical factors in software engineering and the IT marketplace/worlds, over the course of the past 18 years.

But when I started, I was just trying to lend a honest hand, to get paid some money in return – isn't that what work was about?

Over time IT got out of control. Like Venom, in the Marvel comics, that made its appearance as a costume that SpiderMan started wearing… and it slowly took over, as the 'costume' was in reality some sort of alien symbiotic organism (like a pest).

You might be wondering what I mean. From the outside I was a successful Senior Program Manager of a 'hot' Microsoft product.
Someone must have mistaken my diligence and hard work for 'talent' or 'desire of career' – but it never was.
I got pushed up, taught to never turn down 'opportunities'.

But I don't feel this is my path anymore.
That type of work takes too much metal energy off me, and made me neglect myself and my family. Success at the expense of my own health and my family's isn't worth it. Some other people wrote that too – in my case I stopped hopefully earlier.

So what am I doing now?

First and foremost, I am taking time for myself and my family.
I am reading (and writing)
I am cooking again
I have been catching up on sleep – and have dreams again
I am helping my father in law to build a shed in his yard
We bought a 14-years old Volkswagen van that we are turning into a Camper
I have not stopped building guitars – in fact I am getting setup to do it 'seriously' – so I am also standing up a separate site to promote that activity
I am making music and discovering new music and instruments
I am meeting new people and new situations

There's a lot of folks out there who either think I am crazy (they might be right, but I am happy this way), or think this is some sort of lateral move – I am not searching for another IT job, thanks. Stop the noise on LinkedIn please: I don't fit in your algorithms, I just made you believe I did, all these years.

Capturing your knowledge/intelligence should be SIMPLE

Lately this blog has been very personal. This post is about stuff I do at work, so if you are not one of my IT readers, don't worry.

For my IT readers, an interruptions from guitars and music on this blog to share some personal reflection on OpInsights and SCOM.

SCOM is very powerful. You know I have always been a huge fan of 2007 and worked myself on the 2012 release. But, compared to its predecessor – MOM – in SCOM it has always been very hard to author management packs – multiple tools, a lot of documentation… here we are, more than 6 years later, and the first 2 comments on an old post on the momteam blog still strike me hard every time I read it:

whatever happened to click,click,done?

You would think that things have changed, but SCOM is fundamentally complex, and even with the advances in tooling (VSAE, MPAuthor, etc) writing MPs is still black magic, if you ask some users.

I already blogged about me exporting and MP and converting its event-based alerting rules to OpInsights searches.

Well, writing those alerting rules in SCOM needs a lot of complex XML – you might not need to know how to write it (but you often have to attempt dechipering it) and even if you create rules with a wizard, it will produce a lot of complex XML for you.

In the screenshot below, the large XML chunk that is needed to pick up a specific eventId from a specific log and a specific source: the key/important information is only a small fraction of it, while the rest is ‘packaging’:

image

I want OpInsights to be SIMPLE.

If there is one thing I want the most for this project, is this.

That's why the same rule can now be expressed with a simple filter search in OpInsights, where all you need is just that key information

EventID=1037 Source="Microsoft-Windows-IIS-W3SVC" EventLog=System

and you essentially don't have to care about any sort of packaging nor mess with XML.

Click, click – filters/facets in the UI let you refine your criteria. And your saved searches too. And they execute right away, there is not even a ‘Done’ button to press. You might just be watching those searches pinned to tiles in your dashboard. All it took was identify the three key pieces of info, no complex XML wrapping needed!

Ok, granted – there ARE legitimate, more complex, scenarios for which you need complex data sources/collectors and specialized/well thought data shaping, not just events – and we use those powerful capabilities of the MMA agent in intelligence packs. But at its core, the simple search language and explor-ability of the data are meant to bring back SIMPLE to the modern monitoring world. Help us prioritize what data sources you need first!

PS – if you have no idea what I was talking about – thanks for making it till here, but don’t worry: either you are not an IT person, which means simply ignore this; or – if you are an IT person – go check out Azure Operational Insights!

System Center Advisor has kept me busy and you should check it out

If you were one of my work/Microsoft-related subscribers or other IT geeks, you might have been disappointed this blog has only had my own songs posted, lately. Yes I know you don’t like them. It’s fine.

In general, I tend to blog work-related stuff at my other MSDN blog or on the MOMteam blog, lately. Also, several folks (in Microsoft, and from outside) have reached and keep reaching out to me for APM-related questions. Sorry, I don't work nor own that feature anymore. In fact I have not really worked on it for over a year. It appears ITPro’s and Dev’s are a still a thing over here.

So I stayed with the ITPro’s, and in the last 16 or so months I have  been busy with System Center Advisor. First small but useful things, then the complete overhaul we did the past May at TechEd North America 2014.

If you have not yet heard about it and have no clue what I am talking about, then you should definitely check it out. See the following resources if you want to learn more of what I am working on:

clip_image001VIDEOS

Advisor Preview 2min Overview Video: http://aka.ms/unrpst

Advisor Preview TechEd announcement Video: http://aka.ms/Aulpqc

Joseph @ The Edge Show showing off our Log Management capabilities http://aka.ms/R4p9d0

Advisor Preview Onboarding Steps Video: http://aka.ms/Lgt2zu 

clip_image002SOCIAL

Advisor Preview Twitter Handle: @mscAdvisor

clip_image003RESOURCES

Advisor Preview Onboarding Documentation: http://aka.ms/Wrbzug

Advisor Preview Troubleshooting blog: http://aka.ms/G04tcq

Advisor Preview Feature requests can me made inside the Advisor portal by clicking the ‘Feedback’ link Advisor Feedback

SCOM Tools

When I was working at Microsoft, I used to maintain a few tools related to System Center Operations Manager.

You can still find them at the following links, but I have not touched them in a long time:

Operations Manager 2012 SP1 BETA is out, and some cool things you might not (yet) know about it

It has been a couple of months since we released the CTP2 release (I had blogged about that here http://www.muscetta.com/2012/06/16/operations-manager-2012-sp1-ctp2-is-out-and-my-teched-na-talk-mgt302/ ) and we have now reached the Beta milestone!

Albeit you might have already seen a number of posts about this last week (i.e. http://blogs.technet.com/b/server-cloud/archive/2012/09/10/system-center-2012-sp1-beta-available-evaluate-with-windows-server-2012.aspx or http://blogs.technet.com/b/momteam/archive/2012/09/11/system-center-2012-service-pack-1-beta-now-available-for-download.aspx), I see the information on the blogs so far didn’t quite explain all the various new features that went into it, and I want to give a better summary specifically about the component that I work on: Operations Manager.

Keep in mind the below is just my personal summary – the official one is here http://technet.microsoft.com/en-us/library/jj656650.aspx – and it actually does explain these things… but since some OpsMgr community reads a lot of blogs, I wanted to highlight some points of this release.

Platform Support

  • Support for installing the product on Windows Server 2012 for all components: agent, server, databases, etc.
  • Support for using SQL Server 2012 to host the databases

Cloud Services

  • Global Service Monitor – This is actually something that Beta version enables, but the required MPs don’t currently ship with the Beta download directly – you will be able to sign up for the Beta of GSM here. Once you have registered and imported the new MPs, you will be able to use our cloud based capability to monitor the health of your web applications from geo-distributed perspective that Microsoft manages and runs on Windows Azure, just like you would from your own agent/watcher nodes. Think of it as an extension of your network, or “watcher nodes in the cloud”

APM-Related improvements

this is my area and what myself and the team I am in specifically works on – so I personally had the privilege to drive some of this work (not all – some other PMs drove some of this too!)

  • Support for IIS8 with APM (.NET application performance monitoring) – this enables APM to monitor applications running on Windows Server 2012, not just 2008 anymore. The new Windows Server 2012 and IIS8 Management packs are required for this to work. Please note that, if you have imported the previous, “Beta” Windows 8 Management packs, they will need to be removed prior to installing the official Windows Server 2012 Management Packs. About Windows Server 2012 support and MPs, read more here http://blogs.technet.com/b/momteam/archive/2012/09/05/windows-server-2012-system-center-operations-manager-support.aspx
  • Monitoring of WCF, ASP.NET MVC and .NET NT services – we made changes to the agent so that we better understand and present data related to calls to WCF Services, we support monitoring of ASP.NET MVC applications, and we enabled monitoring of Windows Services that are built on the .NET framework – the APM documentation here is updated in regards to these changes and refers to both 2012 RTM and SP1 (pointing out the differences, when needed) http://technet.microsoft.com/en-us/library/hh457578.aspx
  • Introduction of Azure SDK support – this means you can monitor applications that make use of Azure Storage with APM, and the agent is now aware of Azure tables, blobs, queues as SQL Azure calls. It essentially means that APM events will tell you things like “your app was slow when copying that azure blob” or “you got an access denied when writing to that table”
  • 360 .NET Application Monitoring Dashboards – this brings together different perspectives of application health in one place: it displays information from Global Service Monitor, .NET Application Performance Monitoring, and Web Application Availability Monitoring to provide a summary of health and key metrics for 3-tier applications in a single view. Documentation here http://technet.microsoft.com/en-us/library/jj614613.aspx
  • Monitoring of SharePoint 2010 with APM (.NET application performance monitoring) – this was a very common ask from the customers and field, and some folks were trying to come up with manual configurations to enable it (i.e. http://blogs.technet.com/b/shawngibbs/archive/2012/03/01/system-center-2012-operation-manager-apm.aspx ) but now this comes out of the box and it is, in fact, better than what you could configure: we had to change some of the agent code, not just configuration, to deal with some intricacies of Sharepoint…
  • Integration with Team Foundation Server 2010 and Team Foundation Server 2012 – functionality has also been enhanced in comparison to the previous TFS Synchronization management pack (which was shipped out of band, now it is part of Operations Manager). It allows Operations teams to forward APM alerts ( http://blogs.technet.com/b/momteam/archive/2012/01/23/custom-apm-rules-for-granular-alerting.aspx ) to Developers in the form of TFS Work Items, for things that operations teams might not be able to address (i.e. exceptions or performance events that could require fixes/code changes)
  • Conversion of Application Performance Monitoring events to IntelliTrace format – this enables developers to get information about exceptions from their applications in a format that can be natively used in Visual Studio. Documentation for this feature is not yet available, and it will likely appear as we approach the final release of the Service Pack 1. This is another great integration point between Operations and Development teams and tools, contributing to our DevOps story (my personal take on which was the subject of an earlier post of mine: http://www.muscetta.com/2012/02/05/apm-in-opsmgr-2012-for-dev-and-for-ops/)

Unix/Linux Improvements

Audit Collection Services

  • Support for Dynamic Access Control in Windows Server 2012 – When was the last time that an update to ACS was made? Seems like a long time ago to me…. Windows Server 2012 enhances the existing Windows ACL model to support Dynamic Access Control. System Center 2012 Service Pack 1 (SP1) contributes to the fulfilling these scenarios by providing enterprise-wide visibility into the use of the Dynamic Access Control.

Network Monitoring

  • Additional network devices models supported – new models have been tested and added to the supported list
  • Visibility into virtual network switches in vicinity dashboard – this requires integration with Virtual Machine Manager to discover the network switches exposed by the hypervisor

 

 

Reminders:

  • Production use is NOT supported for customers who are not part of the TAP program
  • Upgrade from CTP2 to Beta is NOT Supported
  • Upgrade from 2012 RTM to SP1 Beta will ONLY be supported for customers participating in the TAP Program
  • Procedures not covered in the documentation might not work

 

 

 

Download http://www.microsoft.com/en-us/download/details.aspx?id=34607

Operations Manager 2012 SP1 CTP2 is out, and my TechED NA talk (MGT302)

As you might have already heard, this has been an amazing week at TechEd North America: System Center 2012 has been voted as the Best Microsoft Product at TechEd, and we have released the Community Technology Preview (CTP2) of all System Center 2012 SP1 components.

I wrote a (quick) list of the changes in Operations Manager CTP2 in this other blog post and many of those are related to APM (formerly AVIcode technology). I have also demoed some of these changes in my session on thursday – you can watch the recording here. I think one of the most-awaited change is support for monitoring Windows Services written in .NET – but there is more than that!

In the talk I also covered a bit of Java monitoring (which is the same as in 2012, no changes in SP1) and my colleague  Åke Pettersson talked about Synthetic Transactions, and how to bring all together (synthetic and APM) in a single new dashboard (also shipping in SP1 CTP2) that gives you a 360 degrees view of your applications. The CTP2 documentation covers both the changes to APM as well as how to light up this new dashboard.

When it comes to synthetics  – I know you have been using them from your own agents/watcher nodes – but to have a complete picture from the outside in (or last mile), we have now also announced the Beta of Global Service Monitoring (it was even featured in the Keynote!) – where essentially we extend your OpsMgr infrastructure to the cloud, and allow you to upload your tests to our Azure-based service and we will run those tests against your Internet-facing applications from our watcher nodes in various datacenters around the globe and feed back the data to your OpsMgr infrastructure, so that you can see how your application is available and responding from those locations. You can sign up for the consumer preview of GSM from the connect site.

Enjoy your beta testing! (Isn’t that what weekends are for, geeks?)

APM in OpsMgr 2012: for Dev and for Ops

I recently wrote a couple of technical posts about the object model we have chosen for APM in OpsMgr 2012 and how to author granular alerting rules for APM in XML. That’s more the type of post that pertains on the momteam blog.

This one you are reading now, instead, is more “philosophical” than technical – I think that, going forward, I’ll keep more of this distinction by posting my rants here on my personal blog, as they are only partially related to the products and more about my point of view on things. The reasons explained below are just those that I perceive and what drives me – I don’t mean in any way to be speaking on behalf of my company, our strategists or product planners.

I have heard statements from customers such as “AVIcode is a developer tool” or “APM is for QA/Test environments – if you need it in production you have not done your QA work well”and similar statements. People asked why we did bring together the two, for example, on the TechNet forums. Sure, it can be useful to employ such a tool also in a development and QA/test environment… but why not in production? With frequent deployments that the agile business demands, change control alone can’t slow down the business and sometimes bad things happen anyway – so we need solid monitoring to keep an eye on the behavior and performance on the system, exposed in a way that can quickly pinpoint where issues might be – be them in the infrastructure or in the code – in a way that enables people to efficiently triage and resolve them. Sergey points out how APM in OpsMgr 2012 is much easier to setup, simpler to configure and cheaper to maintain than the standalone AVIcode product ever was, and hints at the fact that a comprehensive solution encompassing both “traditional” systems management approach as well as Application Performance Monitoring is a good one. It is a good one, in its simplest form, because we have a simplified, unified and more cost-effective infrastructure. It is a good one – I add – because we can extract a lot of useful information from within the applications, only when those are running; when they are down altogether, APM is not very useful on its own, when it is not complemented by “traditional” OS and platform checks: before I wonder if my application is slow, I’d better ask “is IIS actually up and running? is my application running at all?”. Operations Manager has been historically very good, with its management packs, in answering those questions. APM adds the deep application perspective to it, to provide rich data that Developers and Operations need to have an overall picture of what is going on in their systems and applications.

In my opinion, in this world of continuous services improvement and cloud services, IT management is tearing down the walls between what traditionally has been two separate worlds of “Operations” (Ops) teams and Development (Dev) teams. So, while people ask why we brought what was more of a Developer tool into a pure System Management tool, it is clear to me that those areas are converging, and even other vendors who start from the opposite approach (APM) eventually go “back to the basics” and begin implementing server-level systems management such as showing disk space and CPU utilization, meaning that, whatever your starting point was or has been, everybody wants and feels the need to bring those two worlds and disciplines together.

This line of thoughts has even been given a name: “DevOps”.

What is this DevOps things anyway is one famous post that can be found on the web, where Stephen Nelson-Smith writes:

[…] On most projects I’ve worked on, the project team is split into developers, testers, release managers and sysadmins working in separate silos. From a process perspective this is dreadfully wasteful. It can also lead to a 'lob it over the wall' philosophy – problems are passed between business analysts, developers, QA specialists and sysadmins […] The Devops movement is built around a group of people who believe that the application of a combination of appropriate technology and attitude can revolutionize the world of software development and delivery […] these people understand the key point – we’re all on the same side! All of us – developers, testers, managers, DBAs, network technicians, and sysadmins – are all trying to achieve the same thing: the delivery of great quality, reliable software that delivers business benefit to those who commissioned it. […]

DevOps – the war is over if you want it is a presentation by Patrick Debois which I also encourage you to check out, as it is also very evocative thru images:

The War is over if you want it

DevOps – 6 steps for improved collaboration

[…] The DevOps movement is a modern push from the software industry to instill better interaction and productivity between development (Dev) and IT operations (Ops). Instead of throwing applications “over the fence” blindly to operations, a fluid and much more effective DevOps process inserts transparency, efficiency and ownership into the art of developing, releasing and the production use of critical applications. It also binds the two traditionally siloed teams together. […]

Last but not least, 10+ Deploys Per Day: Dev and Ops Cooperation at Flickr (another presentation from a conference) is a real-world example of a large scale web site (Flickr) and how those practices are adopted.

When it comes to the DevOps ideas and concepts within Microsoft products, for what I can see, some customers really “get“ it, and would like to see more in this sense. For example I found this interesting blog post by James Dawson:

[…] The bulk of my work revolves around the Microsoft platform and to put it bluntly it is very much a second class citizen in terms of the available tooling.

Now I’ve fanned the flames, let me put some context around that. I don’t mean that as a criticism, in fact I view the status quo as an entirely natural result given where the movement grew out of and, to be frank, the mindset of the typical Microsoft IT shop. In a Microsoft environment there tends to be far greater reliance on big vendor products, whereas in the Linux/BSD world it is far more common to integrate a series of discrete tools into a complete tool chain that meets the needs for a given scenario. […]

I think James is right when saying this: he “gets” it, but we also have a vast user base of more “traditional” enterprise customers where the concepts have not been digested and understood yet. When it comes to traditional enterprises, what sometimes happens is well explained in this other article by Paul Krill:

[…] To protect the infrastructure, IT ops can put in place processes that seem almost draconian, causing developers to complain that these processes slow them down, says Glenn O'Donnell, an analyst at Forrester Research. Indeed, processes such as ITIL (IT Infrastructure Library) that provide a standardized way of doing things, such as handling change management, can become twisted into bureaucracy for its own sake. But sometimes, people "take a good idea too far, and that happens with ITIL, too." […]

And I think that is exactly one of the reasons why, even if many of our teams “get” it, we need to talk more of the DevOps culture in those places where it hasn’t arrived yet, so that these integrated products are more successful and can help them solve problems – because some of these customers haven’t yet realized that it takes a culture shift before these new tools can be adopted. DevOps does not have critical mass today, but could have it tomorrow. Even Gartner says:

[…] by 2015, DevOps will evolve from a niche strategy employed by large cloud providers into a mainstream strategy employed by 20% of the Global 2000 organizations”. […]

So, back to suggesting that Microsoft produces more of this “goodness”, James again writes:

[…] I want to see the values espoused by DevOps spread far and wide, including the quietest backwaters of corporate IT, where Windows, Office and IE 6 reign supreme. To that end, the Microsoft infrastructure community needs to take a similar approach as the .NET community did and start bringing some of the goodness that we see in the Linux world to the Microsoft platform in a way that facilitates adoption for all and actually takes advantage of the platform’s innate richness and strengths. […]

So do I. And, for what I can tell, we are actually trying to bridge gaps and push the culture shift – integrating APM in OpsMgr is definitely an effort in this direction. But it might take some time. Is it too an “utopian” a vision? I don’t think it is; I think we can get there. But it will take some time. As this other article was saying:

[…] The DevOps approach is so radical it will take some time to cross the chasm, and indeed it will be actively resisted by many organizations where it threatens traditional delivery models and organizational structures. […]

Let’s get Dev and Ops talking to each other, also in the Enteprise! I am all for it.

Disclaimer

The information in this weblog is provided "AS IS" with no warranties, and confers no rights. This weblog does not represent the thoughts, intentions, plans or strategies of my employer. It is solely my own personal opinion. All code samples are provided "AS IS" without warranty of any kind, either express or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.
THIS WORK IS NOT ENDORSED AND NOT EVEN CHECKED, AUTHORIZED, SCRUTINIZED NOR APPROVED BY MY EMPLOYER, AND IT ONLY REPRESENT SOMETHING WHICH I'VE DONE IN MY FREE TIME. NO GUARANTEE WHATSOEVER IS GIVEN ON THIS. THE AUTHOR SHALL NOT BE MADE RESPONSIBLE FOR ANY DAMAGE YOU MIGHT INCUR WHEN USING THIS INFORMATION. If you want to see the official info from my employer about the topic above, go to http://www.microsoft.com/presspass/presskits/cloud/default.aspx

Operations Manager 2012 Release Candidate is out of the bag!

Go read the announcement at http://blogs.technet.com/b/server-cloud/archive/2011/11/10/system-center-operations-manager-2012-release-candidate-from-the-datacenter-to-the-cloud.aspx

This is the first public release since I am part of the team (I started in this role the day after the team had shipped Beta) and this is the first release that contains some direct output of my work. It feels so good!

Documentation has also been refreshed – it starts here http://technet.microsoft.com/en-us/library/hh205987.aspx

The part specifically about the APM feature is here http://technet.microsoft.com/en-us/library/hh457578.aspx

Enjoy!

IT-Related Articles

This page contaisn links to some of the technical IT articles I've written on the web in various periods of my life. They may go about Security Research or infrastructure or development, or how-to's or useful SQL Queries and Tools and scripts for System Center Operations Manager; some are translations to italian of some english security white papers or guides; they might be just rants or normal blog posts.

I collected them here to let them be found more easily, hoping that someone might find them interesting. Always keep in mind the period in which they are written, as my mind could – and probably has – changed on a variety of topics, with time!

2015
Monitoring SQL Backup Failures with Azure Operational Insights Search and Dashboards
How to collect text log lines in Azure Operational Insights thru Operations Manager (SCOM)

2014
Azure Operational Insights Search How To: Part I – How to filter big data
Azure Operational Insights Search How To: Part II – More on Filtering, using Boolean Operators, the Time Dimension, Numbers and Ranges
Azure Operational Insights Search How To: Part III – Manipulating Results: the pipeline “|” and Search Commands
Azure Operational Insights Search How To: Part IV – Introducing the MEASURE command
Azure Operational Insights Search HowTo: Part V – Max() and Min() Statistical functions with Measure command
Azure Operational Insights Search How To: Part VI – Measure Avg(), and an exploration of Type=PerfHourly
Azure Operational Insights Search How To: Part VII – Measure Sum() and Where command
W3C IIS Logs Search in Microsoft Azure Operational Insights
Useful Operational Insights Search Query Collection
IIS MP Event-Alerting Rules’s OpInsights Searches Equivalents
Anatomy of an Event Collection Rule for Azure Operational Insights (Advanced targeting when using OpsMgr attach)
How to collect Syslog events in Azure Operational Insights thru Operations Manager (SCOM)

2013
Microsoft Monitoring Agent, System Center Operations Manager and Visual Studio Application Insights
Programmatically create APM objects and configuration (w/ APM Explorer sample app)
System Center Advisor now supports Windows Azure Active Directory (formerly OrgID)
Custom Rule for selective APM Event collection (useful with multi-homing)
Alerting on ASP.NET Exceptions thru the Windows Azure Management Pack

2012
APM Agent Throttling settings and other APM Overrides in SC2012 Operations Manager
APM Configured Endpoints Report
 Event-to-Alert ratio, reviewing problems and understanding trends for APM data in OpsMgr 2012
All you need to know about APM “Transactions”
Custom APM Rules for granular alerting
APM object model

2011
Application Monitoring Architecture in OpsMgr 2012 Beta

2010
How to convert (and fixup) the RedHat RPM to run on Debian/Ubuntu
A few thoughts on sizing Audit Collection System

2009

one of Event 9 *Solutions* as a Expert Commentator to the 2009 Summer Scripting Games
Using the SCX Agent with WSMan from Powershell v2
Installing the OpsMgr 2007 R2 SCX Agent on Ubuntu
Get-WmiCustom (aka: Get-WMIObject with timeout!)
OpsMgr2007 Certificate Management via Command Line (coded the included script)
Cross Platform Monitoring in OpsMgr2007 R2 Release Candidate

2008

Programmatically Check for Management Pack Updates in OpsMgr2007 R2
CentOS Discovery in OpsMgr 2007 R2 beta
Testing System Center Cross Platform Extensions

2007

PowerShell and RegExp for log analysis
Create a script based unit monitor in OpsMgr2007 via the GUI

2006

Out-Blog: a sample PowerShell CmdLet using Windows Live Writer adapters

2005

Connecting to an IPv6 Tunnel Broker from behind an ISA 2004 Firewall (Eng)
– BlackHat Europe 2005 Review – with Interviews (Ita) – [broken link]

2004

BlackHat Europe 2004 Review – with Interviews (Ita) – [broken link] – Jeff Moss's Interview (Eng)
Honeynet Project' "Scan Of The Month" (SOTM) 30 – (IT Virtual Community Team)
Honeynet Project' "Scan Of The Month" (SOTM) 30 – (IT Virtual Community Team) a mirror (the honeynet site does not have the complete wiki anymore)

2003

BlackHat Europe 2003 Review – with Interviews (Ita) – [broken link] – Lance Spitzner's Interview (Eng)
What About Netware? (Eng – 1st version)
HONEYTAGS: Honey Power for the masses – ITVC version (Ita) – [broken link] – Worms researched from logs of production systems and honeypots
Honeynet Project' "Scan Of The Month" (SOTM) 29 – (Daniele Muscetta)
Simple honeynet with OpenBSD (italian translation of a paper by Christopher J. Reining) – [broken link]