Monitoring

Azure Monitor

Azure Monitor is based on a common monitoring data platform that enables you to view, analyze and work with data gathered from your resources.

All data collected by Azure Monitor fits into one of two fundamental types : metrics and logs.

  • Metrics are numerical values that describe some aspect of a system at a particular point in time.
    • Metrics are lightweight and capable of supporting near-real-time scenarios like priority alerts and responding to critical issues.
  • Logs contain different kinds of data organized into records with different sets of properties for each type.
    • Data like events and traces are stored as logs along with performance data so all the data can be combined for analysis.
    • Azure Monitor activity logs are kept for 90 days.

Features - Capabilities

Azure Monitor provides features and capabilities in three areas :

Azure Monitor gathers numerical metric values from your Azure resources.
Azure Monitor offers different methods for viewing your metric data to help you understand the health, operation, and performance of your system.

Azure Monitor Logs (Log Analytics) generates activity logs, diagnostic logs, and telemetry information from your monitoring solutions.
The service provides analytics queries that you can use to help with troubleshooting and visualizations of your log data.

  • Handles a variety of data types and sources including Azure, on-premises and other clouds.
  • Provides powerful analytics capabilities for querying data with Kusto Query Language.
  • Data can be used for complex alerting, analytics, visualizations, dashboards and integration with other services.
  • Azure Monitor log data is organized in tables. Some query tables :
    • Event : Windows Event Logs.
    • Syslog : Linux Syslog.
    • Heartbeat : Agents Logs.
    • Alert : Alert rules.
    • MyLog_CL : Custom Logs.
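
A Kusto query over the Syslog table listed above, given here as an added example that is not part of the original page: it groups failed SSH password attempts by host and source address. The sample rows are constructed, and the 15-minute window and threshold of 3 are assumed values.

```kusto
// Constructed sample rows that use Syslog column names.
// In a workspace, replace SampleSyslog with the Syslog table.
let SampleSyslog = datatable(TimeGenerated:datetime, Computer:string, Facility:string,
                             ProcessName:string, SyslogMessage:string)
[
    datetime(2024-01-10 08:00:05), "web01", "auth", "sshd", "Failed password for invalid user admin from 203.0.113.7 port 50122 ssh2",
    datetime(2024-01-10 08:00:09), "web01", "auth", "sshd", "Failed password for root from 203.0.113.7 port 50124 ssh2",
    datetime(2024-01-10 08:00:14), "web01", "auth", "sshd", "Failed password for invalid user test from 203.0.113.7 port 50130 ssh2",
    datetime(2024-01-10 08:03:40), "web01", "auth", "sshd", "Accepted publickey for deploy from 198.51.100.20 port 41022 ssh2",
    datetime(2024-01-10 08:07:11), "db01", "authpriv", "sshd", "Failed password for backup from 198.51.100.20 port 41200 ssh2",
    datetime(2024-01-10 08:09:30), "web01", "cron", "CRON", "(root) CMD (run-parts /etc/cron.hourly)"
];
let window = 15m;      // aggregation window (assumed value)
let threshold = 3;     // failures per source per window (assumed, low for the sample)
SampleSyslog
// Keep only authentication messages written by sshd.
| where Facility in ("auth", "authpriv") and ProcessName == "sshd"
| where SyslogMessage has "Failed password"
// Pull the account name and source address out of the message text;
// the optional group handles the "invalid user <name>" variant.
| extend User = extract(@"for (?:invalid user )?(\S+) from", 1, SyslogMessage),
         SourceIP = extract(@"from (\S+) port", 1, SyslogMessage)
| summarize Failures = count(), Users = make_set(User),
            FirstSeen = min(TimeGenerated), LastSeen = max(TimeGenerated)
          by Computer, SourceIP, bin(TimeGenerated, window)
| where Failures >= threshold
| project Computer, SourceIP, Failures, Users, FirstSeen, LastSeen
```

With the constructed rows, only the three failures against web01 from 203.0.113.7 reach the threshold; the single failure on db01 and the accepted login are filtered out.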

Azure Monitor lets you set up alerts for your gathered data to notify you when critical conditions arise.
You can configure actions based on the alert conditions, and take automated corrective steps based on triggers from your metrics or logs.

Metrics support near-real-time scenarios like priority alerts and responding to critical issues.

Implementing Alerts & Actions

Alert Rule : Consists of Resource, condition, actions type and alert details.

  • Resource :
    • The target resource to be used for the alert rule.
    • It's possible to assign multiple target resources to a single alert rule
  • Condition :
    • The signal type to be used to assess the rule. The signal type can be a metric or logs.
    • The alert logic applied to the data that's supplied via the signal type.
  • Actions :
    • The action, like sending an email, sending an SMS message, or using a webhook.
    • An action group, which typically contains a unique set of recipients for the action.
  • Alert Details : Incident management capabilities including alert logging, severity and reporting.
    • An alert name and an alert description that should specify the alert's purpose.
    • The alert state is manually set by the user and does not have any automated logic behind it. The alert state can be either New, Acknowledged or Closed.
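
A log-signal condition for such a rule, given here as an added example that is not part of the original page: a query over the Heartbeat table that returns agents that have stopped reporting, so the alert logic can fire when the result count is greater than zero. The sample rows, the fixed reference time and the 15-minute silence limit are assumptions.

```kusto
// Constructed sample rows that use Heartbeat column names.
// In a workspace, replace SampleHeartbeat with the Heartbeat table.
let SampleHeartbeat = datatable(TimeGenerated:datetime, Computer:string, OSType:string)
[
    datetime(2024-01-10 08:58:30), "web01", "Linux",
    datetime(2024-01-10 08:59:30), "web01", "Linux",
    datetime(2024-01-10 08:12:00), "db01", "Linux",
    datetime(2024-01-10 08:13:00), "db01", "Linux",
    datetime(2024-01-09 23:40:00), "dc01", "Windows",
    datetime(2024-01-10 08:59:10), "app02", "Windows"
];
let asOf = datetime(2024-01-10 09:00:00);   // fixed for the sample; use now() in a real rule
let lookback = 1d;                          // how far back to look for a last heartbeat (assumed)
let silentAfter = 15m;                      // silence that counts as a gap (assumed)
SampleHeartbeat
| where TimeGenerated between ((asOf - lookback) .. asOf)
// Latest heartbeat per agent inside the lookback period.
| summarize LastHeartbeat = max(TimeGenerated) by Computer, OSType
| extend SilentFor = asOf - LastHeartbeat
// An agent that was reporting and then went quiet is a monitoring blind spot.
| where SilentFor > silentAfter
| project Computer, OSType, LastHeartbeat, SilentFor
| order by SilentFor desc
```

With the constructed rows, dc01 and db01 are returned and web01 and app02 are not. An agent with no heartbeat at all inside the lookback period does not appear, so the lookback has to be longer than the silence you want to catch.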

Azure Workbooks - Insights

Azure Workbooks, a feature of Azure Monitor, provide a flexible canvas for data analysis and the creation of rich visual reports within the Azure portal.
Customers use Workbooks to explore the usage of an application, to do root cause analysis, put together an operational playbook and many other tasks.

The real power of Workbooks is the ability to combine data from disparate sources within a single report. You can create composite resource views or joins across resources enabling richer data and insights that would otherwise be impossible.
Consider Azure Workbooks to perform root cause analysis of incidents and put together an operational playbook for your team.

Azure Monitor Insights can help you identify performance issues in your architecture. Consider these characteristics about insights :

  • Azure insights provide a customized monitoring experience for particular applications and services.
  • Azure insights collect and analyze both logs and metrics.
  • Many insights are provided as features of Azure Monitor : Application/Container/RG/Storage...

Network Watcher

Network Watcher provides tools to monitor, diagnose, view metrics and enable or disable logs for resources in an Azure virtual network.
Network Watcher is a regional service that enables you to monitor and diagnose conditions at a network scenario level.

  • Automate remote network monitoring with packet capture. Trigger packet capture by setting alerts and gain access to real-time performance information at the packet level.
  • Gain insight into your network traffic using flow logs. Build a deeper understanding of your network traffic pattern using NSG flow logs.

  • Diagnose VPN connectivity issues. Network Watcher provides you the ability to diagnose your most common VPN Gateway and Connections issues.

    • This lets you not only identify the issue but also use the detailed logs created to investigate further.

Features

Network Watcher Topology generates a visual diagram of the resources in a virtual network and the relationships between the resources.

The purpose of IP Flow Verify is to check whether a packet is allowed or denied to or from a virtual machine.
For example, it can confirm whether a security rule is blocking ingress or egress traffic to or from a virtual machine.

Next Hop determines whether traffic is being directed to the intended destination. Next hop information helps determine if network routing is correctly configured.

IT Service Management Connector

ITSM Connector allows you to use Log Analytics, Azure Monitor and other Azure services to detect, troubleshoot and analyze problems with Azure and non-Azure resources such as on-premises resources.

An ITSMC provides a bi-directional connection between Azure and ITSM tools, and allows System Center to see issues with Azure resources.

Azure Data Explorer can help enhance your monitoring solution.