Why did we build Centralized Advanced Event Viewer for BizTalk Administration?

06.02.2018

Why do we need this feature?

When it comes to troubleshooting operational problems in BizTalk Server, the first place the BizTalk administrator or support person will look is the standard BizTalk Admin Console. If they can't find anything obvious in the Admin Console, the next place they will search is the Event Viewer on the physical BizTalk Server machines and sometimes on the SQL Server machines.

Here are a few challenges with this approach:

Correlating events across multiple BizTalk/SQL Servers: A typical BizTalk Enterprise production environment will have at least 2 BizTalk servers and 2 SQL servers to make the environment highly available. If there is a problem, you need to look into the Windows Event Viewer of each server and try to correlate the events to nail down the problem. This is time-consuming.

Security Challenge - Administrator Access to BizTalk/SQL Servers: If you want to have access to Event Viewers in Windows Servers, then you need to have pretty much Administrator rights on the server(s). This is something that the organization needs to avoid.

Too much noise in the Event Viewer: Generally, every problem or log entry on a Windows Server goes into the Event Viewer. Even though Event Viewer has the concept of Categories, it is still noisy, and the Administrator needs enough knowledge to understand what they are looking for in the Event Viewer. This can waste a lot of time.

What is the current limitation in BizTalk Server?

BizTalk Server out of the box does not have any special tooling to address this challenge. It simply relies on Administrators to use the standard Windows Event Viewer MMC snap-in. This results in all three challenges highlighted in the previous section. What this means is that people have adapted to certain ways of solving these problems, and Microsoft BizTalk Server lacks the proper tooling to address the challenge.

How does BizTalk360 solve this problem?

BizTalk360 comes with a key feature called "Centralized Advanced Event Viewer". It periodically collects the events that are related to BizTalk (out of the box we collect certain Event Log Categories; Administrators can also add additional categories) from all the BizTalk and SQL servers in the environment and stores them in a central database. The collected data can then be searched and viewed in the BizTalk360 web-based user interface.

This approach solves all the problems we highlighted previously. The BizTalk Administrators or support people need not physically access the servers via an RDP (remote desktop) connection. They can easily correlate events in a single place and construct complex filters, for example: events related to Enterprise SSO across all the BizTalk Servers for a time range.

What is the business value?

Address Security Concerns: Businesses do not want too many people logging in to and out of their production servers with the highest privileges during business hours. This can be rectified using BizTalk360 Advanced Event Viewer.

Reduce time to diagnose issues: It's much faster to look for the reason for errors in one place rather than looking in many places and trying to correlate events. This dramatically reduces the time it takes to solve the problem. In a typical BizTalk Server troubleshooting exercise, this is how the operations/support person loses a ton of time.