How To
      Back to home
      1. Knowledge Base | OpsLogix
      2. VMware Management Pack
      3. How To

      KB: Setup a VMware Monitoring Account

      This article shows you how to create a VMware monitoring account with sufficient permissions for the VMware Management Pack.

      Setting up the VMware Monitoring Account

      The OpsLogix VMware Management Pack requires Top level read-only permissions on vCenter or ESX(i) host(s) for monitoring to work correctly. If you do not have a suitable VMware account/login for monitoring, you can create a monitoring account by using the steps below. The example below configures the user OpsLogixMonitoring for the VMware monitoring.

      Note: The steps below do not apply for monitoring a direct attached ESX(i) host without VCenter.  In case of a direct attached host you must use the vSphere Client to configure the appropriate permissions.  For more information see: http://kb.VMWare.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2082641

      Create a special user:

      Navigate to “Menu -> Administration-> User and Groups”. (see step 1 and 2 in the picture below) Select the correct domain and create the new user ‘OpsLogixMonitoring’. (see step 3 and 4 in the picture below.) 

      vmware_mp_config_7             

      Apply the user information for the user ‘OpsLogixMonitoring’ and press add (see step 1 and 2 in the picture below). 

      vmware_mp_config_8

      Create a special user role:

      Navigate to “Menu -> Administration-> Roles” and create a clone of the Read-only access role (See step 1, 2, 3 and 4 in the picture below).

      vmware_mp_config_9

      Apply a role name and create the special role. (See step 1, 2 in the picture below).

      vmware_mp_config_10

      Click on the newly created read-only clone and then click Edit. (See step 1, 2, 3 and 4 in the picture below).

      vmware_mp_config_11                 

      Next, select the “Validate session” privilege and save change made. (See step 1, 2 and 3 in the picture below)

      vmware_mp_config_12

      Assign the User at TopLevel using the special User Role:

      Navigate to “Menu -> Administration-> Roles” to add the new created user. (See step 1, 2 and 3 in the picture below)

      vmware_mp_config_13

      Select the just created user and select the just created special role. (See step 1, 2 in the picture below). Enable ‘Propogate to childeren’ to give Toplevel access and save it. (See step 3, 4 in the picture below)  

      vmware_mp_config_14

      Appliance Monitoring

      If you import the "Opslogix IMP - VMware Appliance Monitoring" and intend to use this you have to add the monitoring account you created above to a specific group in vSphere Client. You need to do this so that the monotoring account gets access to the Appliance API which has other permissions than the normal Global Permission assignments.

      The group you need to add the monitoring account to is "SystemConfiguration.Administrators". You add the monitoring account by go to "Users and Groups" in vSphere Client and find the group and add the user by modifying the group. More how to handle groups in vSphere Client is found here: https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-authentication/GUID-CDEA6F32-7581-4615-8572-E0B44C11D80D.html