How to Monitor Active Directory with OpenTelemetry
We’re excited to announce that we’ve recently contributed Active Directory Domain Services (abbreviated Active Directory DS) monitoring support to the OpenTelemetry collector. You can check it out here!
You can utilize this receiver in conjunction with any OTel Collector, including the OpenTelemetry Collector and observIQ’s distribution of the collector.
Below are steps to get up and running quickly with observIQ’s distribution and shipping Active Directory DS metrics from Windows to a popular backend: Google Cloud Monitoring. You can find out more about it on observIQ’s GitHub page.
What signals matter?
Monitoring an Active Directory DS instance can be daunting, but we’ve focused the performance metrics on just a few key components:
- The Directory Replication Agent (DRA)
The Directory Replication Agent controls the replication of domains across multiple domain controllers. This component is essential for keeping your directory data safe and available during outages.
- LDAP
LDAP (Lightweight Directory Access Protocol) is used to access your directory. The performance of this component is critical to accessing data in your directory over the network.
- The Domain Controller
The domain controller itself manages directory data. The performance of this component is critical to accessing the data in your directory.
A table with the complete list of the Active Directory metrics automatically tracked with OpenTelemetry can be found at the end of the article, but first, let’s install the collector!
Related Content: How to Install and Configure an OpenTelemetry Collector
Installing to the Source
You'll need to do that first if you don’t already have an OpenTelemetry collector built with the latest Active Directory receiver installed. We suggest using observIQ’s distribution of the OpenTelemetry Collector, which includes the Active Directory receiver (and many others) and is simple to install with our one-line installer.
Configuring the Active Directory DS receiver
After the installation, the config file for the collector can be found at
- C:\Program Files\observIQ OpenTelemetry Collector\config.yaml
Edit the configuration file and use the following configuration.
1receivers:
2 active_directory_ds:
3 collection_interval: 60s
4
5exporters:
6 googlecloud:
7 namespace: "active_directory"
8
9service:
10 pipelines:
11 metrics:
12 receivers:
13 - active_directory_ds
14 exporters:
15 - googlecloudIn the example above, the Active Directory DS receiver configuration is set to:
- Receive Active Directory metrics from the Windows performance counters.
- Set the time interval for fetching the metrics. The default value for this parameter is 10s. However, if metrics are exported to Google Cloud operations, this value should be set to 60s.
- Export metrics to Google Cloud.
- By default, the version of the Google Cloud exporter provided with the observIQ collector exports as the “generic_node” resource.
- “node_id” is the hostname of the machine the collector is running on.
- “location” is “global” as default.
- “namespace” is the default hostname of the machine. We override the default namespace and set it to “active_directory”.
- You can view the full range of configuration options for observIQ’s version of the Google Cloud exporter here.
Related Content: OpenTelemetry in Production: A Primer
Viewing the metrics
You should see the following metrics exported to Metrics Explorer:
To view the metrics, follow the steps outlined below:
- In the Google Cloud Console, head to Metrics Explorer.
- Select the resource as a generic node.
- Follow the namespace equivalent in the table above and filter the metric to view the chart.
Broken image
observIQ’s distribution is a game-changer for companies looking to implement the OpenTelemetry standards. The single-line installer, seamlessly integrated receivers, exporter, and processor pool make working with this collector simple. Follow this space to keep up with all our future posts and simplified configurations for various sources. For questions, requests, and suggestions, contact our support team at support@observIQ.com.
Slack
GitHub
x.com
LinkedIn