Skill 5.1: Monitor resources in Azure
Azure Monitor maximizes the availability and performance of your applications by delivering a comprehensive solution for collecting, analyzing, and acting on telemetry from your cloud and on-premises environments. It helps you understand how your applications are perform- ing and proactively identifies issues affecting them and the resources on which they depend.
The Azure Monitor landing page provides a jumping off point to configure other more-specific monitoring services, such as Application Insights, Network Watcher, Log Analytics, Manage- ment Solutions, and so on. Figure 5-1 shows some of the various data sources and how they are collected, either as metric or log data. The data is consumed, visualized, or acted on by various services in Azure.
FIGURE 5-1 Azure Monitor data sources for metric and log data and the ways you can act on the data
Azure Monitor helps you track performance, maintain security, and identify trends by ingesting metrics and telemetry from multiple areas, including applications and the operating systems of virtual machines. You can also query your Azure resources (which emit performance counters), your Azure subscriptions, Entra tenant, and event custom sources.
The data from your Azure resources is ingested into either metrics stored within the Azure platform and accessible by the monitor service, or as logs into a Log Analytics workspace in your Azure subscription.
Comparing metrics and logs surfaces some key differentiators:
- Retention Most of the metrics are retained for 93 days within the Azure service, while logs stored in Log Analytics can be retained for up to two years. However, metric que- ries can only span up to 30 days. There are opportunities to retain long-term metrics by storing metrics in Log Analytics as well.
- Properties Metrics have a fixed set of properties (or attributes). These are time, type, resource, value, and dimensions (optional). Logs have different properties for each log type and even support rich data types, such as date and time.
- Data availability Metrics are gathered over time (like once a minute) and available for immediate query. Logs are often gathered after being triggered by an event (such as when an event is written to an application log) and can take time to process before they are available for query. While both offer near real-time query capabilities, metrics will typically be used for fast alerts, and logs are used for more complex analysis.
Once the data is collected, Azure Monitor provides “a single pane of glass,” or entry point, to interact with your metrics and logs. Interactions can include querying and alerting, building visualizations and dashboards, or even automated responses based on telemetry for function- ality, such as autoscaling in virtual machines.
Data stored in Log Analytics can also be queried directly through a Log Analytics work- space, where you will have access to the same query interfaces as you have through Azure Monitor, but you also can make customizations to the configuration of the workspace and access workspace-specific solutions, including visualizations and queries.
All the data that you can access through Azure Monitor can be used to create alerts within Azure Monitor with alert rules. Alert rules are built based on target resources or resource types, such as virtual machines, storage account, and even PaaS services and your custom con- ditions. Alerts proactively notify you of the health of the resources you deploy in Azure. You are not limited to notifications; alert rules leverage actions groups so you can even implement automation based on an alert condition.
