Chapter 4

Azure Monitor

Overview

Microsoft released Application Insights in public preview in April 2015 to provide clients deploying applications in Azure with deeper insights into each application’s performance. In September 2016, Microsoft released Azure Monitor in public preview. At the start, Azure Monitor included capabilities to gather, monitor (using shared dashboards), analyze, and alert on activity logs, resource metrics, and diagnostic logs.

Over time, Microsoft has consolidated Application Insights, Log Insights, and Azure resource monitoring into Azure Monitor. Microsoft has also extended Azure Monitor’s capabilities, third-party integrations, and available metrics and integrations across Azure resources.

Key benefits

Azure Monitor enables you to monitor all your Azure applications, virtual machines (VMs), and other deployed services. It offers a number of key benefits, as follows:

  • Automated log collection and monitoring of Azure resources

  • Deeper insights into application performance for optimization

  • Automated alerts sent to resource owners for action

  • DevOps integration for continuous monitoring

  • Automated action to address critical issues

  • Pay-as-you-go, requiring no upfront investment

  • Custom dashboards to meet every requirement

  • Integration with other Microsoft services, such as Power BI, for centralized dashboards across the organization

  • Considerable third-party integrations to extend capabilities

Figure 4-1 provides a high-level overview of the key capabilities of Azure Monitor. As you can see, Azure Monitor supports the integration of various data sources for log, event, and metrics collection. You can gain deeper insights into different Azure resources, create visualizations using various built-in tools and integrated services, analyze data to respond with alerts and automated actions, and export data into other third-party solutions you might have in your environment.

An illustration showing all the key capabilities of Azure Monitor covering the different services available for insights, visualizations, analysis, response, and integration.

FIGURE 4-1Key capabilities of Azure Monitor.

Concepts and considerations

Now that you have a basic overview of the features and benefits of using Azure Monitor in your environment, let’s discuss the following:

  • The types of data you can collect using Azure Monitor

  • How to set up the data-collection process

  • Available data-visualization options

  • How alerts and automated actions work

  • Options to integrate this service to extend its functionality

Data types

Azure Monitor supports three data types, as follows:

  • Metrics

  • Log data

  • Distributed traces

Each data type helps Azure Monitor piece together a picture of the overall health of an Azure environment. Collecting and analyzing these data types is critical to gain deeper insights into the performance and availability of your Azure resources and to proactively take actions to avoid outages.

Metrics

Metrics are resource values collected at particular points in time, indicating system performance for monitored services or events. You define the interval at which these numerical values are captured, along with associated values that include the data and timestamp, the name of the metric, and labels that help define the metric. Metrics help reveal trends that you can analyze to identify performance bottlenecks or areas that require deeper analysis for a resource.

Azure uses a time-series database to store and optimize metrics, as this type of database is best suited to host this kind of data. Once combined with other data types, such as logs, you can better identify root causes of issues. Metrics are lightweight data points and therefore are ideal for use in Dashboards for real-time health monitoring of resources that are critical for your environment. (See Figure 4-2.)

An illustration showing how metrics captured help in generating dashboards with data points for real-time health analysis.

FIGURE 4-2Real-time health monitoring with dashboards using metrics.

Log data

Every system, including VMs, storage, network infrastructure, and other Azure services, generates logs that capture changes, issues, and errors. Logs can contain numerical or text data. In the context of Azure, you can store logs in a Log Analytics workspace (see Figure 4-3) and use Azure Monitor to analyze them for specific events or errors that are of interest. You can also perform queries against log data to identify the root cause of issues or to pre-empt issues for remedial action. Finally, you can set up alerts against logged data that help you proactively respond to issues before users are affected.

NoteLogs are ideal for root cause analysis and error monitoring.

An illustration showing logs collected being analyzed using Log Analytics in Azure Monitor.

FIGURE 4-3Log Analytics.

Distributed traces

A distributed trace is when a system traces a user request across a distributed environment and is used to identify and analyze any bottlenecks or other issues in your environment. Distributed systems contain a number of individual components; distributed traces help correlate logs generated by these individual components in the application stack. You use the Application Insights SDK to enable distributed tracing and define where to store trace data. You can then analyze trace data, along with other log data, and create dashboards, custom queries, and alerts for monitoring.

Data collection

Now that you have a better understanding of the different data types supported by Azure Monitor, let’s look at the different ways Azure Monitor can collect data. Azure Monitor supports a range of data sources, including the following:

  • Subscription-level activity and monitoring logsAzure collects subscription-level activity logs that track the creation, modification, and deletion of resources, along with other operational and management activities that you perform on all resources.

  • Azure service-level monitoring logsThese apply to services such as Azure Active Directory, which are built and managed by Microsoft when you create a new subscription and Azure tenant. These logs help you keep track of the health status of these services.

  • Resource-level metrics and logsAzure collects metrics and enables you to collect logs for all resources you create in your Azure subscription. These track the performance and health of individual resources created within your Azure subscription.

  • Azure guest VM OS performance and diagnostic logsYou can use Azure Monitor to collect basic performance logs after you create a VM in Azure. You can even install an Azure Monitor agent on the VM to capture detailed performance metrics, logs, and events to gain deeper insights into the VM.

  • On-premises VM/server or other cloud-hosted guest VM performance and diagnostic logsAs with Azure VMs, you can install the Azure Monitor agent on VMs or servers hosted on-premises or in other cloud environments to gather performance and diagnostic logs to monitor and manage those resources.

  • Application performance metrics and diagnostic logsApplication Insights allows you to send extensive performance and logging data to Azure Monitor for monitoring, analysis, and alerting. This includes granular information such as page views, application requests, and application exceptions encountered during runtime.

  • Custom sourcesAzure Monitor supports data collection from any REST client using the Data Collector API. This allows you to monitor resources that do not support the use of Azure Monitor agents or integration with Application Insights.

Once collected, data from all these sources can be directly written to the Azure Monitor metrics database and/or the Log Analytics workspace database. Alternatively, you can store this data in Azure Storage accounts; Azure Monitor can then ingest it from there.

Azure Monitor supports various methods for data ingestion:

  • Application InsightsApplication Insights requires you to integrate your application with the service using the Application Insights SDK to gather rich user and application data, logs, and metrics.

  • Agents on VMs and physical serversYou can deploy the Log Analytics or Azure Monitor agent on VMs or physical servers to gather deeper insights into performance, logs, and events.

  • Diagnostic settings on Azure ResourcesYou can define diagnostic settings on Azure resources that send logs and metrics to various destinations, such as Azure Storage, a Log Analytics workspace, Azure Event Hubs, or an integrated partner solution.

Data segregation

Azure Monitor can collect many different types of data. But it has to organize all these different types of data into logical structures—not only for easy retrieval but also to maintain data separation between clients, resources, and environments.

The data segregation logic built into the Azure Monitor service ensures that all data is tagged with the associated workspace, and that all tagging is preserved for the entire data lifecycle. Every client tenant has a dedicated database instance in a storage cluster in the Azure region used by the service.

ImportantAzure Monitor complies with international standards such as ISO/IEC 27001, PCI DSS, HIPAA, HITECH, and many others. For an up-to-date list of certifications, see the Microsoft Trust Center. Here, you can determine whether the service adheres to any other specific compliance measures required by your organizations.

Data retention

The Azure Monitor service retains all indexed log data and collected metrics based on the selected pricing tier:

  • Free tierIn this tier, all collected and indexed data is retained for seven days.

  • Paid tierIn this tier, all collected and indexed data is retained by default for 31 days. You can extend this to 730 days.

In addition, all data from the previous two weeks is stored in SSD-cache for fast retrieval.

Data redundancy

All data is replicated within the local Azure region using locally redundant storage (LRS), thereby providing some level of redundancy for your environment.

Data security

By default, Azure Monitor collects data from Azure services and resources over TLS 1.2-encrypted connections. Moreover, all data is encrypted at rest, as is all data held in SSD cache. This ensures that data is protected at every stage; there are no vulnerable areas for attack in throughout the entire data lifecycle.

NoteData encrypted at rest uses Microsoft-managed keys, although customers have the ability to use their own keys.

In addition, once data is ingested by the service, it is stored as read-only in the database. Although you can delete data using the Azure Monitor APIs, you cannot alter it. If you don’t want any data to be deleted, you can export it to an Azure Storage account that is set to prevent data deletions.

Data visualization

Azure Monitor provides two types of built-in visualizations, which allow you to monitor various Azure resources at a glance: curated visualizations and insights.

Curated visualization

Curated visualizations are limited in scope to a particular service or set of services. You can use them without having to configure them first. Examples of curated visualizations include the metrics that become visible when you click a specific Azure resource such as a VM (see Figure 4-4) or Azure Storage account (see Figure 4-5).

A screenshot is showing the CPU (Average), Network (Total), Disk Bytes (Total), Disk Operations/Sec (Average), and Available Memory Bytes (Preview) metrics for an Azure VM for the last six hours.

FIGURE 4-4Azure VM metrics.

A screenshot is showing the Total Egress, Total Ingress, Average Latency, and Request Breakdown metrics for an Azure Storage for the last day.

FIGURE 4-5Azure Storage metrics.

Insights

Insights are larger scalable visualizations that focus on specific resources, such as web apps, VMs, and container services. These require integration and customization but provide deeper and richer insights. Microsoft provides several Insights tools, including Application Insights, Container Insights, VM Insights, Network Insights, Storage Insights, and many others. Four Insights that can help you monitor your environment include the following:

  • Application InsightsApplication Insights provides a deep understanding of an integrated web application’s performance, availability, usage, bottlenecks, and exceptions. The web application can be hosted anywhere, including on-premises and other cloud environments. You use the Application Insights SDK to enable Application Insights configuration for your web applications and configure it to monitor and stream the required parameters to Azure Monitor for analysis. Application Insights integrates with Visual Studio to support DevOps scenarios.

  • VM InsightsVM Insights enables you to monitor the performance and health of numerous VMs at once and to identify dependencies on external endpoints that impact the performance of a particular VM. You can use VM Insights for VMs hosted in Azure, on-premises, or in other cloud environments.

  • Network InsightsNetwork Insights (see Figure 4-6) monitors the health of the various network endpoints running in your environment, including VPN gateways, VPN connections, private endpoints, virtual networks, and so on. You can also use Network Insights to monitor connection health and traffic flow logs for the different network security groups (NSGs).

A screenshot is showing the Network Health tab that shows the health of the ER and VPN Connections, Local Network Gateways, Network Security Groups, Private Endpoints, Virtual Network Gateways, and Virtual Networks.

FIGURE 4-6Network Insights.

  • Storage InsightsStorage Insights monitors the health of the various storage accounts running in your Azure subscriptions. With Storage Insights, you can easily monitor key metrics, such as the following:

    • Transactions

    • Transactions Timeline

    • E2E Latency

    • Server Latency

    • Client Errors

You can also monitor the capacity of various storage accounts to proactively identify any that are reaching their maximum thresholds. Figure 4-7 shows a Storage Accounts Insights dashboard.

A screenshot is showing the Overview tab of Storage Insights that shows the Transactions, Transactions Timeline, E2E Latency, Server Latency, and other metrics for multiple storage accounts.

FIGURE 4-7Storage Insights.

Dashboards

Azure enables you to build customized dashboards using different data sources and data types and display them in the Azure Portal for easy viewing. You can also share your custom dashboards with other Azure users, providing a consistent view of critical resources across your IT team. Essentially, when creating a dashboard, you select tiles that contain the different data types from the different data sources for display. You can then size them and align them based on your requirements.

Figure 4-8 shows a sample dashboard that contains the following information:

  • All the resources present in the tenant

  • Average CPU credits consumed by some VMs

  • Average memory available in bytes for those VMs

  • Average CPU percentage usage for those VMs

  • User sign-in graph for the past few days

  • Secure Score metric

  • Service Health and Marketplace shortcut tiles

A screenshot is showing a dashboard called My Dashboard that is showcasing different metrics including the different resources set up in the subscriptions, Avg CPU Credits Consumed in the West US region, Users Sign-ins in the Past 24 Hours, Avg Available Memory Bytes in the West US Region, and Avg Percentage CPI in the West US Region for that subscription.

FIGURE 4-8Azure Monitor dashboards.

Workbooks

You can use Azure Workbooks to generate rich and interactive visual reports from multiple data sources. You can base these reports on publicly available templates that have been pre-configured to contain key metrics or start with a blank canvas and create your own. You can customize, save, and reuse templates as necessary. Figure 4-9 shows a list of the templates that are publicly available at the time of this writing, while Figure 4-10 shows the output of the Performance Analysis template.

A screenshot is showing some of the Public templates available in the Azure Portal.

FIGURE 4-9Azure Workbooks templates.

A screenshot is showing the output of the Performance Analysis template that is showing different metrics for the Top 10 machines including CPU Utilization %, Available Memory Bytes Sent Rate, and Bytes Received Rate.

FIGURE 4-10The Azure Workbooks Performance Analysis template.

Power BI

Microsoft has integrated Power BI with Azure Monitor. So, you can easily import logs from Azure Monitor into Power BI to create rich, interactive visualizations. A full-fledged business analytics service, Power BI offers extensive capabilities to create queries, custom dashboards, and reports based on your organizational needs.

Third-party integrations

Azure Monitor integrates with several types of third-party solutions. For example:

  • IT service-management (ITSM) solutionsYou can connect Azure to your ITSM tool to automatically create tickets and to manage the lifecycle of the ticket. The Microsoft site contains an extensive list of supported ITSM products, which continues to grow as more integrations come online.

  • Azure Monitor partner integrationsAzure Monitor supports integration with partner solutions to either extend capabilities provided by Azure Monitor or export logs stored in Azure Monitor to their systems.

Data export

Azure Monitor integrates with other Azure services, such as Event Hubs and Logic Apps, to export data to other Azure services or to third-party solutions such as SIEM or monitoring tools. You can also integrate with APIs exposed by the service for direct integration and data export. Here are a few points to keep in mind:

  • When using Logic Apps with Azure Monitor, you can set up automated tasks and workflows that export data from Azure Monitor and import it into other services or solutions.

  • When using Azure Event Hubs, you can transform, store, and stream Azure Monitor data to third-party SIEM and monitoring tools.

  • When leveraging the APIs provided by Azure Monitor, you can read all the captured logs and metrics and alerts generated in Azure Monitor and import them into your existing monitoring solution or SIEM tool for analysis.

Alerts

Alerts are a key feature in any monitoring solution. After you have collected all the required data, identified all the events and metrics you want to monitor, and selected appropriate thresholds to accurately identify issues in your environment, you need some mechanism to inform you when events are triggered and metric thresholds are met. In Azure Monitor, this mechanism is the alert.

With Azure Monitor, you can define alert rules that identify the targeted resources, targeted metrics or events, thresholds, and frequency to determine whether to initiate some action you specify. An action is defined as part of an action group. This can include automated actions to remediate the alert, such as stopping, starting, or restarting the resource; scaling the resource in or out; triggering an automation runbook; or logging tickets in an integrated ITSM tool. Along with these automated actions, you can also define other action groups, such as one to alert responsible administrators, via email, SMS, or voice calls, of the need for manual intervention or monitoring to ensure automated actions have been correctly performed.

Azure Monitor walkthrough

The following sections walk you through the process of using Azure Monitor to create an alert rule to monitor the CPU usage of a VM, create a Log Analytics workspace, configure Azure VM monitoring, set up Azure VM Insights alerts, configure Azure Storage monitoring, and running queries on Azure Storage.

ImportantIf you are following along, you’ll want to select resources and unique resource names based on your environment for each of your deployments.

ImportantIf you are following along, delete any unwanted resources after you have completed testing to reduce charges being levied by Microsoft for these resources.

ImportantBefore you begin, create a VM and let it run for a few hours so you can gather some usage metrics. Also create an Azure Blob Storage account and upload a few test documents before and after setting up monitoring to capture usage logs.

Using The Azure Portal

To set up and use Azure Monitor using the Azure Portal, follow these steps.

Create Metrics Alerts

  1. Log in to the Azure Portal, and browse to the VM you created in your Azure environment for the purposes of this walkthrough.

  2. In the left pane of the VM’s configuration blade, under Monitoring,click Metrics. (See Figure 4-11.)

    This figure shows a screenshot of the Monitoring section with the different sections available as Insights, Alerts, Metrics, Diagnostic Settings, Logs, Connection Monitor (Classic), and Workbooks. The Metrics section is selected.

    FIGURE 4-11Select Metrics under Monitoring.

    A default metrics visualization opens in the right pane. (See Figure 4-12.) This visualization contains the following options:

    • Add MetricClick this button to add metrics to the visualization.

    • Line ChartClick this button and choose a different view for the visualization from the drop-down list that appears. The options are Area Chart, Bar Chart, Scatter Chart, and Grid.

    • Drill Into LogsClick this button to dig deeper into the logs captured for this resource for a better understanding of the metrics that you are viewing. (This feature is currently in preview, so we will not dive into it here, as its functionality is subject to change.)

    • New Alert RuleClick this button to set up a new alert rule for this metric. You will learn how to do this in a moment.

    • Save to DashboardClick this button to pin this metric visualization to a dashboard or send it to a workbook.

    • MetricsClick this to change the metric displayed in the visualization. The metric shown in Figure 4-12 is Source VM CPU Credits Consumed Avg.

      This figure shows a screenshot of the graph with the average CPU Credits Consumed for Source VM, with the Line Chart, Drill into Logs, New Alert Rule, and Save to Dashboard buttons on the top right. The CPU Credits Consumed is mentioned as 1.09m with a pick at 0.03 as represented on the graph.

      FIGURE 4-12Avg CPU Credits Consumed for Source VM.

  3. Click the New Alert Rule button.

    The Create an Alert Rule wizard starts with the Condition tab displayed. (See Figure 4-13.) Depending on your needs, you can do one of the following:

    • Leave the settings in the Conditiontab as is.

    • Click the Add Conditionbutton and follow the prompts to add a new condition for the rule to assess along with the current one.

    • Click the link for the condition in the Condition Namelist to edit the condition.

NoteThe Scope tab is automatically populated with the details of the VM you selected.

This figure shows a screenshot of the Create an Alert Rule wizard with the Scope, Condition, Actions, Details, Tags, and Review + Create sections. The Condition section is selected showing the Condition name as Whenever the Average CPU Credits Remaining Is Greater Than < Logic Undefined and details such as Time Series Monitored mentioned as 1, the Estimated Monthly Cost in USD mentioned as $0.10, with the total estimated monthly costs in USD below.

FIGURE 4-13Create an alert rule.

For this exercise, we will edit the condition.

  1. Click the link for the condition in the Condition Name list.

    The Alert Logic section of the Configure Signal Logic dialog box offers different options depending on what you select as the Threshold setting. We will explore these different settings now.

  2. In the Alert Logic section, under Threshold, click Static.

    You’ll see the settings shown in Figure 4-14. You don’t need to change any of these settings; we are simply going to review them here:

    • OperatorThe options in this drop-down list are Greater Than, Less Than, Greater Than or Equal To, and Less Than or Equal To.

    • Aggregation TypeThe options in this drop-down list are Average, Maximum, Minimum, Total, and Count.

    • Threshold ValueHere, you enter the threshold value to monitor against.

    • UnitThis is where you select the threshold unit.

    • Aggregation Granularity (Period)This defines the period over which the aggregation points will be grouped for analysis.

    • Frequency of EvaluationThis is where you specify how often the rule should be triggered.

    This figure shows a screenshot of the Configure Signal Logic tab with the conditions that can be selected. The first part of the page is related to the graph of CPU credit consumed over a period (over the last six hours, for example). The second part of the page is related to the Alert logic that can be set up. Threshold is selected on static, the Operator conditions is filtered in as greater than, the Aggregation type is filtered on average, the threshold value is filtered on 80, and Unit condition is filtered on count. The Condition Preview displays below the conditions previously selected, such as in this case: Whenever the Average CPU Credits Consumed Is Greater than 80. The Evaluated Based On condition takes into consideration the Aggregation Granularity (Period) condition, which is filtered on 15 minutes, and the Frequency of Evaluation condition, which is filtered on every 15 minutes.

    FIGURE 4-14Configure Signal Logic Static Threshold settings.

  3. In the Alert Logic section, under Threshold, click Dynamic.

    You’ll see the settings shown in Figure 4-15. For this exercise, we will create a dynamic threshold, so you will change these settings as outlined here.

    • OperatorThe options in this drop-down list are the same as for the Static Threshold settings. For this example, choose Greater or Less Than.

    • Aggregation TypeThe options in this drop-down list are the same as for the Static Threshold settings. For this example, choose Average.

    • Threshold SensitivityThe options in this drop-down list are High, Medium, and Low. For this example, choose Medium.

    • Aggregation Granularity (Period)This option is the same as for the Static Threshold settings. For this example, choose 5 Minutes.

    • Frequency of EvaluationThis option is the same as for the Static Threshold settings. For this example, choose Every 5 Minutes.

    The figure shows a screenshot of the Alert Logic tab, filtered on the Dynamic option, the Operator is set on Greater or Less Than, the Aggregation Type is set on Average, the Threshold Sensitivity is set on Medium. The Condition Preview below displays the conditions previously selected. The conditions on Evaluated Based On Aggregation granularity is set on 5 Minutes and the Frequency of Evaluation is set on Every 5 Minutes.

    FIGURE 4-15Configure Signal Logic Dynamic Threshold settings.

  4. Click Advanced Settings, enter the following information, and click OK. (See Figure 4-16.)

    • Number of ViolationsThis number specifies how many violations should occur before the alert is triggered. For this exercise, choose 4.

    • Evaluation PeriodThis indicates the timeframe during which the specified number of violations must occur to trigger an alert. In this case, choose 20 Minutes.

    • Ignore Data BeforeTo begin monitoring for the alert conditions at some date and time in the future, select this check box and choose the desired date and time. We’ll leave this unchecked in this case.

    The Advanced Settings section is showing the Number of Violations to trigger the alert set on 4 and the Evaluation Period set on 20 minutes. The Ignore Data Before condition is not having date selected.

    FIGURE 4-16Configure Signal Logic Dynamic Threshold settings.

  5. Back in the Condition tab of the Create an Alert Rule wizard (see Figure 4-17), click Next.

    The figure shows a screenshot of the Condition tab with the Condition Name ticked with the condition previously set up mentioned as Whenever the Average CPU Credits Consumed Is Greater Than 80. The Time Series Monitored is still set up on 1 and the Estimated Monthly Cost is $0.10.

    FIGURE 4-17Back to the Condition tab of the Create an Alert Rule wizard.

    In the Actions tab of the Create an Alert Rule wizard (see Figure 4-18), you can select an existing action group or create a new one. In our case, we will create a new one.

    The figure shows a screenshot of the Actions tab selected with the Add Action Groups and the Create Action Group buttons. No Action Group Name has been created yet.

    FIGURE 4-18Actions tab.

  6. Click the Create Action Group button.

  7. In the Basics tab of the Create an Action Group wizard (see Figure 4-19), enter the following information. Then click Next.

    • SubscriptionSelect the subscription you want to use to create the action group.

    • Resource GroupSelect the resource group you want to use to create the action group. Alternatively, click the Create New link and follow the prompts.

    • Action Group NameType a unique name for the action group.

    • Display NameType a unique display name for the action group. This can contain a maximum of 12 characters.

    The figure shows a screenshot of the Basics section the Create an Action Group wizard. The project details are mentioned as the Subscription set as Pay-As-You-Go, and the Resource Group set as RG01. The Instance details are mentioned as Action Group Name as ActionGroup-Email and the Display Name mentioned as AG-Email.

    FIGURE 4-19Basics tab in the Create an Action Group wizard.

    The Notifications tab opens. (See Figure 4-20.) Here, you select the notification type for any alerts triggered by the role. You can choose to send the notification by email to an Azure resource manager role or to send it by email, SMS message, push, or voice to the recipient(s) of your choosing.

    The figure shows a screenshot of the Notifications section of the Create an Action Group wizard. The Notification type is mentioned as Email/SMS message/Push/Voice, and the Name is mentioned as EmailAppAdmin.

    FIGURE 4-20The Notifications tab of the Create an Action Group wizard.

  8. In the Notification Type drop-down list, choose Email/SMS Message/Push/Voice.

  9. In the Email/SMS Message/Push/Voice dialog box (see Figure 4-21), enter the following information. Then click OK.

    • EmailSelect this check box and enter the email address to send email notifications to when the alert rule is triggered.

NoteYou can only enter one email address in this field. If you want to send the notification to multiple email addresses, use email groups or set up multiple notification types.

  • SMSSelect this check box and enter a country code and phone number to send SMS notifications to when the alert is triggered.

  • Azure Mobile App NotificationIn this case, leave this unchecked. You would select this if you wanted to send a notification by way of an Azure mobile app.

  • VoiceIn this case, leave this unchecked. You would select this if you wanted to send a voice-based notification.

  • Enable the Common Alert SchemaYou select this option to standardize the alert schema across all the different alerting options. In this case, click No.

  1. In the Notifications tab of the Create an Action Group wizard, click Next.

  2. In the Actions tab, open the Action Type drop-down list and choose what type of action you want to perform when the alert rule is triggered. In this case, choose Automation Runbook. Then enter a name for the action type (here, RestartVM) and click Next. (See Figure 4-22.)

    The figure shows a screenshot of the Email/SMS message/Push/Voice section with the Email option being ticked and the Email below mentioned as apppadmin@fabrikam.com. The SMS (Carrier charges may apply) option is ticked with the country code filtered on 1 and the phone number is entered. The Azure mobile app notification and the Voice notifications are not ticked, as to enable the common alert schema is set on No. Once all information has been inserted, you can click the OK button at the bottom of the page.

    FIGURE 4-21The Email/SMS message/Push/Voice section.

    The figure shows a screenshot of the Actions tab with the Actions type being filtered on Automation Runbook and the Name set up as RestartVM.

    FIGURE 4-22The Actions tab of the Create an Action Group wizard.

  3. In the Configure Runbook dialog box (see Figure 4-23), enter the following information. Then click OK.

    • Run RunbookClick Enable to specify that the runbook should be run.

    • Runbook SourceSelect the runbook source. In this case, choose Built-in.

    When you choose Built-in as the runbook source, the dialog box displays additional settings. These are also shown in Figure 4-23.

    • RunbookChoose the built-in runbook you want to use. In our case, we select Restart VM.

    • SubscriptionChoose the Azure subscription that contains the Azure Automation account you want to use.

    • Automation AccountSelect the automation account you want to use. Alternatively, click New and follow the prompts.

    • Enable the Common Alert SchemaFor this example, choose No.

    The figure shows a screenshot of the Configure Runbook with the Run Runbook filtered on Enabled, the Runbook Source filtered on Built-in. The Runbook is filtered on Restart VM, and the Subscription is filtered on Pay-As-You-Go with the Automation Account set on site-reco-fam-asr-automationaccount. The Enable the Common Alert Schema button is set up on No.

    FIGURE 4-23The Configure Runbook dialog box.

  4. In the Actions tab of the Create an Action Group wizard, click Next.

  5. In the Tags tab (see Figure 4-24), enter a name and value for any tags you want to associate with the action group, and click Next.

    The figure shows a screenshot of the Tags tab with the Name mentioned as ms-resource-usage and the Value as SourceVM-Alert.

    FIGURE 4-24The Tags tab of the Create an Action Group wizard.

  6. In the Review + Create tab (see Figure 4-25), review your settings, and click Review + Create to create the action group.

    The figure shows a screenshot of the Review + Create tab with the summary of the options selected in the previous tabs. The Basics with the subscription is mentioned as Pay-As-You-Go, the Resource Group is set up as RG01, the Action Group Name is set up as ActionGroup-Email, the Display Name is Ag-Email. The Notifications with the Notification type selected on Email/SMS message/Push/Voice, the name EmailAppAdmin and the Email and SMS message selected. The Actions tab has the Action type selected on Automation Runbook, the name as restartVM, and the Restart VM selected. No tags are defined.

    FIGURE 4-25The Review + Create tab of the Create an Action Group wizard.

    The action group you just created appears in the Actions tab of the Create a Metric Alert wizard (see Figure 4-26).

    The figure shows a screenshot of the Actions tab with the Actions Group Name mentioned as ActionsGroup-Email and the Contains Actions section mentioning 1Email, 1 SMS message, and 1 Automation Runbook.

    FIGURE 4-26Back in the Actions tab of the Create a Metric Alert wizard.

  7. Optionally, create additional action groups.

  8. Click Next.

  9. In the Details tab of the Create a Metric Alert wizard (see Figure 4-27), enter the following information. Then click Next:

    • SubscriptionSelect the subscription you want to use to create the metric alert.

    • Resource GroupSelect the resource group you want to use to create the metric alert. Alternatively, click the Create New link and follow the prompts.

    • SeverityChoose a severity for the alert when the rule conditions are met. You can select between Critical, Error, Warning, Informational, and Verbose based on your requirements. Here, select 1-Error.

    • Alert Rule NameType a unique name for the alert rule.

    • Alert Rule DescriptionType a description of the alert rule.

    • Enable Upon CreationSelect this check box.

    • Automatically Resolve AlertsSelect this check box.

    The figure shows a screenshot of the Details tab with, in the Project Details section, the Subscription filtered on Pay-As-You-Go, and the Resource Group set as RG01. In the Alert Rule Details section, the Severity is set as 1-Error, the Alert Rule Name is mentioned as VMError-Alert, and the Enable Upon Creation and Automatically Resolve Alerts options are ticked.

    FIGURE 4-27The Details tab of the Create a Metric Alert wizard.

  10. In the Tags tab (see Figure 4-28), enter a name and value for any tags you want to define for the alert rule. Then click Next.

    The figure shows a screenshot of the Name mentioned as ms-resource-usage and the Value set as SourceVM-Alert.

    FIGURE 4-28The Tags tab of the Create a Metric Alert wizard.

  11. In the Review + Create tab (see Figure 4-29), review your settings and click Review + Create to create the metric alert.

    The figure shows a screenshot of the Review + Create tab with a summary of all options selected previously. The Metric Alert Rule is set up with 1 Condition and a total pricing of 0.10 USD/month. The Scope is set as Resource and Pay-As-You-Go. The Condition section is set up as Signal Name with CPU Credits Consumed, the Operator is set as Greater Than, the Aggregation Type is set as Average, the Aggregation Granularity is set as 15 minutes, and the Frequency of Evaluation is set as Every 15 minutes. The Actions section is set with the Action Group Name and the 1 Email, 1 SMS message, 1 Automation Runbook as actions. The Details section is set as Pay-As-You-Go as subscription, the Resource Group as RG01, and the Alert Rule Name is set as VMError-Alert.

    FIGURE 4-29The Review + Create tab of the Create a Metric Alert wizard.

Create Log Analytics Workspace

Next, you need to create a Log Analytics workspace.

  1. Type log analytics workspace in the Azure Portal search box and select it from the list that appears. (See Figure 4-30.)

    The figure shows a screenshot of the search in Azure portal with Log Analytics Work being entered. The Log Analytics workspaces appears in the Services section.

    FIGURE 4-30Searching for Log Analytics workspace.

  2. Click the Create Log Analytics Workspace button. (See Figure 4-31.)

    The figure shows a screenshot of a pop-up mentioning that currently No Log Analytics Workspaces to Display with the button to click Create a Log Analytics Workspace.

    FIGURE 4-31Starting the Create Log Analytics Workspace wizard in Azure Portal.

  3. In the Basic tab of the Create Log Analytics Workspace wizard (see Figure 4-32), enter the following information. Then click Next:

    • SubscriptionSelect the subscription you want to use to create the workspace.

    • Resource GroupSelect the resource group you want to use to create the workspace. Alternatively, click the Create New link and follow the prompts.

    • NameEnter a unique name for the workspace.

    • RegionSelect the Azure region to host the workspace.

    The figure shows a screenshot of the Basics tab with the Project Details set with the Subscription recorded as Pay-AS-You-Go and the Resource Group set as RG01. The Instance Details are set with the Name as DefaultLogAnalyticsWorkspace and the Region is set as East US 2.

    FIGURE 4-32The Basic tab of the Create Log Analytics Workspace wizard.

  4. In the Tags tab (see Figure 4-33), type a name and value for any tags you would like to associate with the workspace, and click Next.

    The figure shows a screenshot of the Tags tab with the Name field set as ms-resource-usage and the Value set as LogAnalyticsWorkspace.

    FIGURE 4-33The Tags tab in the Create Log Analytics Workspace wizard.

  5. In the Review + Create tab (see Figure 4-34), review your settings, and click Review + Create to create the workspace.

    The figure shows a screenshot of the Review + Create tab with the summary of the options selected previously. The Basics set as the Subscription with the Pay-As-You-Go, the Resource Group as RG01, the Name set as DefaultLogAnalysticsWorkspace, and the Region set as East US 2. The pricing tier is set as LogAnalyticsWorkspace.

    FIGURE 4-34Review + Create tab in the Create Log Analytics Workspace wizard.

Configure Azure VM Monitoring

Now that you have created the Log Analytics workspace, you can set up monitoring for your Azure VM.

  1. In Azure Portal, navigate to the VM for which you want to set up monitoring.

  2. In the left pane of the VM’s configuration blade, under Monitoring, click Metrics. (See Figure 4-35.)

    The figure shows a screenshot of the Monitoring tab with the Insights filed selected.

    FIGURE 4-35Configure monitoring for the Azure VM.

  3. In the right pane, click the Enable button to enable Insights. (See Figure 4-36.)

    The figure shows a screenshot of the options available under Insights with the Enable button at the bottom of the page to initiate it.

    FIGURE 4-36Enable Insights.

  4. Azure Monitor automatically locates an existing Log Analytics workspace and its associated subscription. If it is not the right one for your environment, select the appropriate subscription and Log Analytics workspace. (See Figure 4-37.)

    The figure shows a screenshot of the Azure Monitor with the Workspace Subscription set as Pay-As-You-Go and the Choose a Log Analytics Workspace field set up as DefaultLogAnalyticsWorkspace [eastus2]. Once these have been selected, you can click the Enable button at the bottom left.

    FIGURE 4-37Locating the subscription and workspace.

  5. Click the Enable button.

    When the VM’s integration with the Log Analytics workspace is complete, the VM’s Performance tab opens with the Logical Disk Performance view displayed. This view includes the following metrics for VM resources by default (see Figure 4-38):

    • CPU Utilization %

    • Available Memory %

    • Logical Disk IOPS

    • Logical Disk MB/s

TipYou can scroll through the list of metrics; there are many more available. You can also change the view’s time range. You can also pin key metrics to a dashboard for easy viewing.

The figure shows a screenshot of the Azure VM Performance tab with the Logical Disk Performance results and four graphs below. One is about the CPU Utilization %, one is about the Available Memory, another one is about the Logical Disks IOPS, and the last one is about the Logical Disk MB/s.

FIGURE 4-38Performance Tab of the Azure VM.

  1. Click the Map tab.

NoteIt might take a few minutes for the map to load, depending on how much time the service has had to analyze your VM.

You will see a map similar to the one shown in Figure 4-39. This map contains all the active ports on the VM and the processes actively using each port.

The figure shows a screenshot of the VM Map tab with the all the active ports identified and linked as a map to the SourceVM.

FIGURE 4-39The Azure VM’s Map tab.

  1. Click a port or service to see more information about it. (See Figure 4-40.) This will give you deeper insights into the VM.

    The figure shows a screenshot of the SourceVM Map tab with the processes' details associated and the link of each of them to the active ports identified.

    FIGURE 4-40Viewing more information about a service or port.

Set Up Azure VM Insights Alerts

At this point, you’re ready to set up an alert. For this example, you will create an alert for low disk space. Because your test VM likely does not have low disk space at this time, you can either set the monitoring threshold very high or add data to the VM disk to reduce the space below your monitoring threshold. In our case, we will do the former—raise an alert if the C drive goes below 90% free. (In production use, you would generally not set such a high threshold for disk space alerts.)

  1. In the pane to the right of the Map tab, click the Log Events link.

  2. In the Event Type list (see Figure 4-41), click InsightsMetrics.

    The figure shows a screenshot of the VM Map tab with the SourceVM details on the right tab of the page and the Log Events option selected. This option shows details about the Heartbeat count, the InsightMetrics count, the ServiceMapComputer_CL, the ServiceMapProcess_CL, the VMBoundPort, the VMComputer, VMConnection, and VMProcess counts.

    FIGURE 4-41The Insight option in the Map tab of the Azure VM.

  3. The Log Explorer window opens with a pre-defined query that searches for all InsightsMetrics for the VM. (See Figure 4-42.) You will see various metrics, including Network, LogicalDisk, Processor, Memory, and others.

  4. Locate the metric for which you want to set up the alert—in our case, the LogicalDisk FreeSpacePercentage metric.

    The figure shows a screenshot of a list of all the results for the search of the InsightsMetrics found with the Computer option set up as Source VM. In the list, there are the details of TimeGenerated, the Computer (SourceVM), the Origin (vm.asm.ms), the Namespace, the Name, the Value, and the Tags.

    FIGURE 4-42The InsightsMetrics for the Azure VM.

  5. In the pre-populated query at the top of the Log Explorer window, enter the following code after the VM name (‘SourceVM’), as shown in Figure 4-43. Then click Run.

    Click here to view code image

    And Namespace == 'LogicalDisk' and Name == 'FreeSpacePercentage'
    The figure shows a screenshot of the InsightsMetrics query with the Computer option set up as SourceVM, the Namespace set up as LogicalDisk, and Name set up as FreeSpacePercentage.

    FIGURE 4-43The InsightsMetrics search.

  6. The Log Explorer window returns a list of LogicalDisk FreeSpacePercentage metrics. (See Figure 4-44.)

    The figure shows a screenshot of the list of results of the query with the Computer set up as SourceVM, the Namespace as LogicalDisk, and the Name as FreeSpacePercentage. Each line result presents also the Time Generated, the Origin, the Value, the Tags, and the Agentld.

    FIGURE 4-44LogicalDisk FreeSpacePercentage metrics for the Azure VM.

  7. Click the New Alert Rule button along the top of the Log Explorer window. (See Figure 4-45.)

    The figure shows a screenshot of the top bar of the query where there is Run button, the Time Range option, the Save button, the Share button, and the New Alert Rule.

    FIGURE 4-45The New Alert Rule button.

  8. In the Condition tab of the Create an Alert Rule wizard, under Measurement, change the following settings (see Figure 4-46):

    • MeasureChoose Val.

    • Aggregation TypeSelect Average.

    • Aggregation GranularityChoose 5 Minutes.

    The figure shows a screenshot of the Create an Alert Rule wizard, under the Condition tab, with a Log Query section with the InsightsMetrics query is written, the Measurement section mentioning the options Measure sets as Val, the Aggregation Type sets as Average, the Aggregation Granularity sets as 5 minutes; then the section Split by Dimensions with the Resource ID column sets as ResourceID.

    FIGURE 4-46The Condition tab of the Create an Alert Rule wizard.

  9. Leave the settings in the Split by Dimensions section of the Condition tab at their default values.

  10. In the Alert Logic section of the Condition tab (see Figure 4-47), enter the following information. Then click Next:

    • OperatorSelect Less Than or Equal To.

    • Threshold ValueType 90. (Remember: You want a high value here to make it easier to trigger the alert, just for the purposes of this exercise.)

    • Frequency of EvaluationSelect 5 Minutes.

    The figure shows a screenshot of the Alert Logic wizard with the Operator option selected as Less Than or Equal To the Threshold value selected as 90, the Frequency of Evaluation selected as 5 minutes. The Estimated Monthly Cost is mentioned below as $1.50. The Advanced Options section below shows Preview with the Select Time Series set as Sourcevm: Aggregate and the Time Range is set as Over the Last 6 Hours.

    FIGURE 4-47The Alert Logic section of the Condition tab.

  11. In the Actions tab, click Add Action Groups, and select the action group you created earlier. Alternatively, you can click Create Action Group and follow the prompts to create a new one. (See Figure 4-48.) Then click Next.

    The figure shows a screenshot of the Create an Alert Rule wizard under the Actions tab with the option to Add Action Groups or to Create Action Group.

    FIGURE 4-48Choose an action group.

  12. In the Details tab (see Figure 4-49), change the following settings (leave the others at their default values). Then click Next:

    • SubscriptionSelect the subscription you want to use to create the alert rule.

    • Resource GroupSelect the resource group you want to use to create the alert rule. Alternatively, click the Create New link and follow the prompts.

    • SeveritySelect 2-Warning.

    • Alert Rule NameType a unique name for the alert rule.

    • Alert Rule DescriptionType a description of the alert rule.

    • RegionSelect the Azure region in which to create the alert rule.

    • Enable Upon CreationSelect this check box.

      The figure shows a screenshot of the Create an Alert Rule wizard, under the Details tab, with the Project Details section and the Subscription option selected as Pay-As-You-Go and the Resource Group selected as RG01. The Alert Rule Details section has the Severity option selected as 2-warning, the Alert Rule Name selected as LowDiskSpace-VM-Name', the Alert Rule Description selected as Monitoring Disk Space on VM xxxx, and the Region selected as East US 2. In the Advanced options, the option Enable Upon Creation is selected.

      FIGURE 4-49Enter the alert rule details.

  13. In the Tags tab (see Figure 4-50), type a name and value for any tags you want to add for this alert rule, and click Next.

    The figure shows a screenshot of the Create an Alert Rule wizard, under the Tags tab, with the Name section set as ms-resource-usage and the Value set as SourceVM-Alert.

    FIGURE 4-50Adding tags to the alert rule.

  14. In the Review + Create tab, review your settings, and click Review + Create to create the alert rule.

  15. After the alert has been created, let your system run for 15 or 20 minutes.

    The alert should trigger frequently, indicating low disk space on the test VM. (See Figure 4-51.)

    The figure shows a screenshot of the list of Alerts results with the Name of each alert, the Severity associated, the Monitor Condition as Fired, the Alert State as New, the Affected Resource as sourcevm, the Monitor Service as Log Alerts V2, the Signal Type as Log, the Fired Time, and the Subscription as Pay-As-You-Go.

    FIGURE 4-51Test VM results.

Configure Azure Storage Monitoring

Finally, you can set up monitoring for an Azure Storage account.

  1. In Azure Portal, navigate to the Azure Storage account for which you would like to set up monitoring.

  2. In the left pane of the Azure Storage account’s configuration blade, under Monitoring, click Diagnostic Settings. (See Figure 4-52.)

    The figure shows a screenshot of the left configuration blade the Monitoring section with Insights, Alerts, Metrics, Workbooks, Diagnostic Settings, and Logs options.

    FIGURE 4-52Setting up an Azure Storage account for monitoring.

    The pane on the right shows the current diagnostic status of the various storage types. (See Figure 4-53.)

    The figure shows a screenshot of the diagnostic status with the Name (such as azcloudstorageeus, blob, queue, table, file), Resource Type (Storage account), Resource Group (RG01), and Diagnostics Status set as Disabled.

    FIGURE 4-53Azure Storage account diagnostic status.

  3. Click the blob entry in the Name list.

    Azure displays the blob’s diagnostic configuration. As shown in Figure 4-54, the blob’s diagnostic settings are currently not configured.

    The figure shows a screenshot of the diagnostic settings selected on the Resource azcloudstorageeus/blob with no diagnostic settings defined yet.

    FIGURE 4-54Blob diagnostic status.

  4. Click the Add Diagnostic Setting link.

  5. In the Diagnostic Setting dialog box (see Figure 4-55), change the following settings. (Leave any other settings at their default value.) Then click Save.

    • Diagnostic Setting NameType a name for the diagnostic setting.

    • Logs/CategoriesSelect the check box next to each log category you want to collect—in this case, StorageRead, StorageWrite, and StorageDelete.

    • MetricsSelect the check box next to each metric you want to collect—here, Transaction.

    • Send Log to Analytics WorkspaceSelect this check box. Then enter the details for the workspace in the settings that appear, including the workspace’s subscription and name. In this case, select the workspace you created earlier.

    The figure shows a screenshot of the diagnostic settings with the Diagnostic Setting Name set as DiagnosticSetting, and the Logs StorageRead, StorageWrite, and StorageDelete, all ticked. The Metrics option ticked on Transaction. The Destination Details section on the right has the Send to Log Analytics Workspace option ticked, the Subscription mentioned as Pay-As-You-Go, AND the Log Analytics Workspace mentioned as DefaultLogAnalyticsWorkspace (eastus2). The Archive to a Storage Account, the Stream to an Event Hub, and Send to Partner Solution options are all not selected.

    FIGURE 4-55The Diagnostic Setting dialog box for the Azure Storage account.

    You can set up the diagnostic settings for any other storage resource type by following these same steps. (See Figure 4-56.) You can apply the same settings as you did for blob or different settings based on the storage type. You can also set up diagnostic settings on the storage account level to apply the same settings across the entire account.

The figure shows a screenshot of the diagnostic settings with the Resource option that could be changed into other options: azcloudstorageeus/queue, azcloudstorageeus/table, and 'azcloudstorageeus/file.

FIGURE 4-56Azure Storage account diagnostic status.

Run Queries On Azure Storage

Now that you’ve configured the diagnostic settings for log collection for your storage account, run a few queries in the Azure Portal to monitor the output and set up alerts if needed.

  1. In the left pane of the configuration blade for the Azure Storage account for which you configured the diagnostic settings, under Monitoring, click Logs. (See Figure 4-57.)

    The figure shows a screenshot of the left configuration with the Logs option selected in the Monitoring section.

    FIGURE 4-57Azure Storage account logs monitoring.

    A query explorer opens, with a set of pre-defined queries for you to run. These include frequently used queries for auditing, performance monitoring, error tracking, and alerting purposes. (See Figure 4-58.)

    The figure shows a screenshot of the query explorer with the pre-defined queries defined, such as Alerts, Audit, Errors, and Performance available for selection on the left pane, and their definition and details on the right pane of the page.

    FIGURE 4-58The Azure Storage query explorer.

    Because you most likely would not have any errors or performance bottlenecks in your test storage, you need to select a query that might show some output, such as one that generates a Frequent Operations chart.

  2. Click the Run button in the Frequent Operations tile of the query explorer.

    The system displays a pie chart showing the frequency of all operations performed on this test storage account. (See Figure 4-59.)

    The figure shows a screenshot of the frequent operations chart with a pie chart of the operations used over the last three days.

    FIGURE 4-59The frequent operations chart on Azure Storage.

NoteAfter you have used this storage account for a period, you can employ one of the other queries or create your own custom query (as you did earlier for the VM) and set up alerts to monitor on a regular basis.

Best practices

Following are some general best practices regarding using the Azure Monitor service based on real-world deployments that can help you optimize your configuration or deployment.

  • Deploy or migrate to Azure Monitor agentsUse the Azure Monitor agent on Windows and Linux VMs instead of the legacy Log Analytics agent. The Log Analytics agent will be retired in August 2024. Still, it is recommended to migrate to the newer agent as soon as possible. First, though, evaluate all the monitor solutions you are currently using. If they are compatible, you can migrate to the new agent gracefully, as Microsoft will make all new Azure Monitor functionality and capabilities available to new agent installs. The agent already supports newer functionality such as filtering, scoping, and multi-homing of data. The Azure Monitor agent also uses system-managed identities instead of the legacy workspace keys required by Log Analytics agents. This makes larger deployments of agents easier and more secure.

  • Use Application Insights for better application monitoringApplication Insights can provide you with deeper insights into user behavior, application behavior, application performance, and so on. This will help you resolve critical issues more quickly. It also provides actionable insights to optimize your product and improve responsiveness. Finally, you can use Application Insights proactively to identify and address potential issues with your application.

  • Use Private Link for private connectivity to Azure MonitorThe Private Link service allows you to connect to Azure Monitor over a private network using Azure ExpressRoute. As a result, all your logging traffic will be transmitted and accessible only over a private network. This can be advantageous in environments with compliance requirements that prohibit the transmission of such logs over public networks.

  • Use keys to encrypt Azure Storage accounts used by Log AnalyticsYou can use Microsoft-managed keys to encrypt this storage, or you can use your own keys integrated with Azure Key Vault to achieve this encryption. If there are compliance reasons for your environment to use your own customer-managed keys, Azure Monitor does support this, and you can use this capability if the need arises.

  • Use AutoScale when possibleAzure Monitor supports the use of monitoring rules to trigger autoscaling for various Azure workloads, such as Azure VM scale sets, Azure API Management services, Azure App Services, and Azure Cloud Services. So, you can build logic within your application to automatically scale up or down based on user load, which improves application response times and optimizes costs. This is a great feature to use, provided your application supports it.

  • Automatically enable monitoring for new Azure resourcesAzure Monitor allows you to automatically enable monitoring for new resources added into your environment to ensure they are actively observed from the start. Continuous monitoring using DevOps integration is also supported, so new application resources are automatically brought under the purview of Azure Monitor. It is a good practice to set up these capabilities so you can easily identify root causes for any issues in your environment without having to constantly intervene manually to ensure workloads are being monitored.

  • Set up actionable alertsSometimes it’s not enough to receive an alert. You need an alert that can perform some type of pre-defined action to mitigate whatever condition triggered the alert. These are called actionable alerts. Examples of actionable alerts include autoscaling workloads based on resource utilization, triggering Azure Automation runbooks based on resource metrics, and triggering webhooks to activate external resources based on pre-defined criteria or log events. Automatically sending email messages, SMS messages, or voice calls to relevant administrators of a resource are also classified as actionable alerts. However, when possible, it’s preferable to configure automated actions that will alleviate or resolve the issue without manual intervention to minimize downtimes.

  • Use dynamic thresholds when possibleUnlike static thresholds, dynamic thresholds enable Azure Monitor to develop monitoring baselines based on observed usage of a resource. This can in turn reduce the number of false positive alerts. Use dynamic thresholds for resources that do not have consistent usage and can have temporary fluctuations in performance that might trigger false positives.

  • Share dashboards between teams to ensure consistent monitoringAzure Monitor allows you to share dashboards so that different team members or inter-dependent teams monitor the same resource metrics and events. This ensures a timely response when issues arise. It is a good practice to develop these dashboards in collaboration with the different team members and interconnected teams to identify and track the correct key performance indicators (KPIs) for each application or service they are monitoring.

  • Review your monitoring thresholds and KPIs on a regular basisIt is a good practice, especially in large organizations, to conduct regular collaborative reviews of the monitoring setup and update thresholds and KPIs based on ongoing developments, internal feedback, historical performance metrics, and other relevant criteria. This will help ensure that your monitoring solution is up to date and provides relevant alerts.

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
18.116.42.158