Monitoring and alerting with Azure Monitor

Posted on by Panther

Introduction

In the world of cloud computing, it is essential to have a monitoring and alerting system to ensure the reliability and availability of services. Azure Monitor is a monitoring solution offered by Microsoft Azure, which provides a centralized platform for collecting, analyzing, and acting upon telemetry from applications and infrastructure.

Azure Monitor offers a range of features such as metrics, logs, alerts, and dashboards, which can be used to monitor and optimize various resources like virtual machines, applications, and databases, running in Azure.

In this tutorial, we will take an in-depth look at the features of Azure Monitor, and demonstrate how you can set up and configure alert rules to monitor key metrics for Azure resources.

Prerequisites

Before we dive into the tutorial, you will need the following prerequisites:

  • An Azure subscription. If you don’t already have an Azure subscription, you can create a free account here.
  • Basic knowledge of Azure resources like virtual machines, storage accounts, and databases.

Azure Monitor Overview

Azure Monitor provides a comprehensive solution for monitoring various resources in Azure. It offers four key features designed to help you gain insights into your resources.

Metrics

Metrics are numerical values captured at regular intervals that indicate the health and performance of services and resources in Azure. Azure Monitor captures various types of metrics like CPU utilization, memory usage, network traffic, and disk I/O.

Logs

Logs are textual data that help to identify and troubleshoot issues in Azure resources. Logs contain detailed information about the health and performance of resources, such as errors, warnings, and requests. Azure Monitor collects log data from various sources like virtual machines, applications, and databases.

Alerts

Alerts notify you when a specified metric exceeds a predefined threshold or when an event occurs in your resources. Alerts can be used to trigger an email, SMS, or webhook notification or to trigger an automated action like scaling up a virtual machine or shutting down a service.

Dashboards

Dashboards provide a visual representation of metrics, logs, and alerts in Azure. Dashboards help you to view the status and performance of your resources at a glance.

In the next section, we will look at how to set up Azure Monitor and configure metric and log collection for a virtual machine.

Configuring Azure Monitor for a Virtual Machine

Assuming that you already have a virtual machine running in Azure, let’s set up Azure Monitor and configure metric and log collection for the VM.

Step 1 – Enable Azure Monitor for the Virtual Machine

To enable Azure Monitor for the virtual machine, follow these steps:

  1. Sign in to the Azure portal, navigate to the virtual machine, and select the Monitoring tab.

  2. Click on the “Enable” button to enable Azure Monitor for the virtual machine.

Step 2 – Configure Metric Collection for the Virtual Machine

To set up metric collection for the virtual machine, follow these steps:

  1. Navigate to the virtual machine, and select the Diagnostics settings tab.

  2. Click on the “Add diagnostic setting” button.

  3. In the “Add diagnostic setting” blade, provide a name for the diagnostic setting.

  4. Under the “Logs” section, select “Metrics” and then click on the “Configure metrics” button.

  5. In the “Configure Metrics” blade, select the metrics that you want to collect for the virtual machine. You can select metrics like CPU utilization, memory usage, disk I/O, and network traffic.

  6. Click on the “Add” button to add the selected metrics to the diagnostic setting.

  7. Under the “Destinations” section, select the destination where you want to store the collected metrics. You can store metrics in a storage account or stream them to an event hub.

  8. Click on the “Save” button to save the diagnostic setting.

Step 3 – Configure Log Collection for the Virtual Machine

To set up log collection for the virtual machine, follow these steps:

  1. Navigate to the virtual machine, and select the Diagnostic settings tab.

  2. Click on the “Add diagnostic setting” button.

  3. In the “Add diagnostic setting” blade, provide a name for the diagnostic setting.

  4. Under the “Logs” section, select the logs that you want to collect for the virtual machine. You can collect logs from applications, system logs, and custom logs stored in the virtual machine.

  5. Click on the “Add” button to add the selected logs to the diagnostic setting.

  6. Under the “Destinations” section, select the destination where you want to store the collected logs. You can store logs in a storage account or stream them to an event hub.

  7. Click on the “Save” button to save the diagnostic setting.

Step 4 – View Metrics and Logs for the Virtual Machine

To view the collected metrics and logs for the virtual machine, follow these steps:

  1. Navigate to the virtual machine, and select the Monitoring tab.

  2. In the “Monitoring” blade, select the “Metrics” or “Logs” tab to view metrics or logs for the virtual machine.

  3. In the “Metrics” or “Logs” blade, select the metrics or logs that you want to view and customize the chart as per your requirement.

  4. You can also view the collected metrics and logs in the Azure portal and analyze the data using tools like Azure Monitor Log Analytics and Power BI.

In the next section, we will look at how to create alert rules for virtual machines using Azure Monitor.

Creating Alert Rules for Virtual Machines

Alert rules notify you when a specified metric exceeds a predefined threshold or when an event occurs in your resources. Alert rules can be created for various resources like virtual machines, storage accounts, and databases.

Assuming that you already have a virtual machine running in Azure, let’s create an alert rule to notify us when the CPU utilization exceeds 80%.

Step 1 – Create a Metric Alert Rule

To create a metric alert rule for the virtual machine, follow these steps:

  1. Navigate to the virtual machine, and select the Monitoring tab.

  2. In the “Monitoring” blade, select the “Alerts” tab and click on the “+ New alert rule” button.

  3. In the “New alert rule” blade, select the subscription, resource group, and virtual machine for which you want to create the alert rule.

  4. Under the “Condition” section, select the metric that you want to monitor. In this case, we want to monitor the CPU utilization of the virtual machine.

  5. Set the threshold value for the metric. In this case, we want to trigger an alert when the CPU utilization exceeds 80%.

  6. Set the evaluation frequency for the metric. In this case, we want to evaluate the metric every 5 minutes.

  7. Set the aggregation type for the metric. In this case, we want to use the “Average” aggregation type.

  8. Under the “Actions” section, select the action that you want to trigger when the alert rule is triggered. You can trigger an email, SMS, or webhook notification or trigger an automated action like scaling up a virtual machine or shutting down a service.

  9. Click on the “Create alert rule” button to create the alert rule.

Step 2 – Test the Alert Rule

To test the alert rule, follow these steps:

  1. Generate load on the virtual machine to trigger the alert. You can use tools like Azure Test Plans or JMeter to generate load on the virtual machine.

  2. Wait for the evaluation frequency of the alert rule to elapse. In this case, we want to evaluate the metric every 5 minutes.

  3. Once the threshold value is exceeded, the alert rule will trigger an action based on the configured action.

In the next section, we will look at how to create an email notification for an alert rule.

Creating Email Notification for an Alert Rule

Email notifications can be created from an alert rule to notify you when the rule is triggered. To create an email notification for an alert rule, follow these steps:

  1. Navigate to the virtual machine, and select the Monitoring tab.

  2. In the “Monitoring” blade, select the “Alerts” tab and click on the alert rule for which you want to create an email notification.

  3. In the alert rule blade, select the “Actions” tab.

  4. Under the “Actions” tab, click on the “+ Add action group” button.

  5. In the “Add action group” blade, provide a name for the action group and select “Email/SMS/Push/Voice” as the type of actions.

  6. Under the “Actions” section, provide the email addresses of the recipients who will receive the email notification.

  7. Customize the email notification as per your requirement and click on the “OK” button to save the email notification.

  8. Once the alert rule is triggered, the email notification will be sent to the configured email addresses.

In the next section, we will look at how to create a log alert rule for a virtual machine using Azure Monitor.

Creating Log Alert Rules for Virtual Machines

Log alert rules notify you when a specified log event occurs in your resources. Log alert rules can be created for various resources like virtual machines, storage accounts, and databases.

Assuming that you already have a virtual machine running in Azure, let’s create a log alert rule to notify us when an error occurs in the virtual machine.

Step 1 – Create a Log Alert Rule

To create a log alert rule for the virtual machine, follow these steps:

  1. Navigate to the virtual machine, and select the Monitoring tab.

  2. In the “Monitoring” blade, select the “Alerts” tab and click on the “+ New alert rule” button.

  3. In the “New alert rule” blade, select the subscription, resource group, and virtual machine for which you want to create the alert rule.

  4. Under the “Condition” section, select the log event that you want to monitor. In this case, we want to monitor the “Error” log event in the virtual machine.

  5. Under the “Actions” section, select the action that you want to trigger when the alert rule is triggered. You can trigger an email, SMS, or webhook notification or trigger an automated action like scaling up a virtual machine or shutting down a service.

  6. Click on the “Create alert rule” button to create the alert rule.

Step 2 – Test the Alert Rule

To test the alert rule, follow these steps:

  1. Simulate an error event in the virtual machine. You can simulate an error event by running a script or shutting down a service.

  2. Wait for the alert rule to evaluate the log event. In this case, we want to evaluate the log event every 5 minutes.

  3. Once the log event is evaluated, the alert rule will trigger an action based on the configured action.

In the next section, we will look at how to create a log search query in Azure Monitor.

Creating a Log Search Query

Log search queries can be used in Azure Monitor to search and analyze log data collected from various resources. To create a log search query, follow these steps:

  1. Navigate to the Azure Monitor and select “Log Analytics”.

  2. In the “Log Analytics” blade, select the “Logs” option.

  3. In the query editor, write the query that you want to run to search and analyze the log data. For example, to search for all the log events with the source “System”, you can write the following query:

Event
| where Source ==  "System"

  1. Customize the query as per your requirement and click on the “Run” button to execute the query.

  2. Once the search query is executed, you can view the log data and analyze it using various tools like charting, grouping, and summarizing.

In the next section, we will look at how to create a log search alert rule for a virtual machine using Azure Monitor.

Creating Log Search Alert Rules for Virtual Machines

Log search alert rules notify you when a specified log search query returns results. Log search alert rules can be created for various resources like virtual machines, storage accounts, and databases.

Assuming that you already have a virtual machine running in Azure, let’s create a log search alert rule to notify us when the number of “Error” logs exceeds 10.

Step 1 – Create a Log Search Alert Rule

To create a log search alert rule for the virtual machine, follow these steps:

  1. Navigate to the virtual machine, and select the Monitoring tab.

  2. In the “Monitoring” blade, select the “Alerts” tab and click on the “+ New alert rule” button.

  3. In the “New alert rule” blade, select the subscription, resource group, and virtual machine for which you want to create the alert rule.

  4. Under the “Condition” section, select “Log search” and create a log search query. In this case, we want to search for the number of “Error” logs in the virtual machine.

  5. Set the threshold value for the log search query. In this case, we want to trigger an alert when the number of “Error” logs exceeds 10.

  6. Set the evaluation frequency for the log search query. In this case, we want to evaluate the log search query every 5 minutes.

  7. Under the “Actions” section, select the action that you want to trigger when the alert rule is triggered. You can trigger an email, SMS, or webhook notification or trigger an automated action like scaling up a virtual machine or shutting down a service.

  8. Click on the “Create alert rule” button to create the alert rule.

Step 2 – Test the Alert Rule

To test the alert rule, follow these steps:

  1. Simulate an error event in the virtual machine. You can simulate an error event by running a script or shutting down a service.

  2. Wait for the log search query to evaluate the log data. In this case, we want to evaluate the log search query every 5 minutes.

  3. Once the log search query returns results that exceed the threshold value, the alert rule will trigger an action based on the configured action.

In the next section, we will look at how to create a dashboard in Azure Monitor.

Creating a Dashboard

Dashboards can be created in Azure Monitor to provide a visual representation of metrics, logs, and alerts. To create a dashboard, follow these steps:

  1. Navigate to the Azure Monitor and select “Dashboards”.

  2. In the “Dashboards” blade, click on the “+ New dashboard” button.

  3. In the “New dashboard” blade, provide a name for the dashboard.

  4. Click on the “+ Add tile” button to add a new tile to the dashboard.

  5. In the “Add tile” blade, select the type of tile that you want to add to the dashboard. You can add tiles like metrics, logs, and alerts.

  6. Configure the tile as per your requirement and click on the “OK” button to add the tile to the dashboard.

  7. Repeat steps 4 to 6 to add more tiles to the dashboard.

  8. Once the dashboard is created, you can view the visual representation of metrics, logs, and alerts.

In the next section, we will look at how to export data from Azure Monitor.

Exporting Data from Azure Monitor

Data can be exported from Azure Monitor to external systems for further analysis. Data can be exported in various formats like CSV, JSON, and Azure table storage.

To export data from Azure Monitor, follow these steps:

  1. Navigate to the resource from which you want to export the data.

  2. Select the “Export” option from the menu.

  3. In the “Export” blade, select the data type that you want to export. You can export data like logs, metrics, and alerts.

  4. Select the destination where you want to export the data. You can export data to Azure Blob storage, Azure table storage, or an event hub.

  5. Customize the export settings as per your requirement and click on the “OK” button to start the export process.

  6. Once the data is exported, you can access it from the specified destination and analyze it using external tools like Power BI and Data Lake Analytics.

Conclusion

Azure Monitor provides a comprehensive solution for monitoring various resources in Azure. It offers four key features designed to help you gain insights into your resources – metrics, logs, alerts, and dashboards. In this tutorial, we demonstrated how you can set up and configure alert rules to monitor key metrics for virtual machines in Azure. We also showed you how to create log alert rules, log search alert rules, and dashboards in Azure Monitor. With Azure Monitor, you can gain deep insights into your resources and ensure their reliability and availability.

Related Post