Storage account insights

Posted on by zeusexam

Storage account insights

Storage account insights uses a Monitor workbook to display some general metrics for the storage accounts in the subscription. These metrics include the number of transactions on the account, a timeline of the transactions, the end-to-end latency, server latency, and client errors. Figure 5-39 displays the storage account overview.

Network insights

Network insights summarizes the network health, connectivity, and traffic for the environment. This includes the health of network interfaces, network security groups, public IP addresses, and virtual networks. Figure 5-40 displays the Network health tab of the Networks blade in Azure Monitor.

FIGURE 5-39 Storage account insights

FIGURE 5-40  Network insights

Use Azure Network Watcher and Connection Monitor

Network Watcher provides a central hub for a wide range of network monitoring and diagnos- tic tools. These tools are valuable across a wide range of network troubleshooting scenarios, and also provide access to other tools listed in this skill section, such as the Network Perfor- mance Monitor and Connection Monitor.

Deploy Network Watcher

Network Watcher is enabled as a single instance per Azure region. It is not deployed like a con- ventional Azure resource, although it does appear as a resource in a resource group.

Any subscription containing a virtual network resource will automatically have Network Watcher enabled. Otherwise, it can be enabled via the Azure portal, by choosing All Services, Network Watcher. You can also see the Network Watcher status per region. Network Watcher can also be deployed via the command line (using the New-AzNetworkWatcher cmdlet or the az network watcher configure commands), which unlike the Azure portal, provides control over the resource group used.

Some of the Network Watcher tools require the Network Watcher VM extension be installed on the VM being monitored. This extension is available for both Windows and Linux VMs. It is installed automatically when using Network Watcher via the Azure portal.

IP Flow Verify

The IP Flow Verify tool provides a quick and easy way to test whether a given network flow will be allowed into or out of an Azure virtual machine. It will report whether the requested traffic is allowed or blocked, and in the latter case, which NSG rule is blocking the flow. It is a useful tool for verifying that NSGs are correctly configured.

It works by simulating the requested packet flow through the NSGs applied to the VM. For this reason, the VM must be in a running state.

To use IP Flow Verify via the Azure portal, open Network Watcher, and click IP Flow Verify. Select the VM and NIC to verify, and specify the protocol, direction, and remote and local IP addresses and ports, as shown in Figure 5-41.

FIGURE 5-41 Network Watcher IP Flow Verify

IP Flow Verify can also be used from PowerShell, using the Test-AzNetworkWatcherIPFlow cmdlet, or the Azure CLI, using the az network watcher test-ip-flow command.

Leave a Reply

Your email address will not be published. Required fields are marked *