In this session, Microsoft MVPs Tao Yang and Alexandre Verkinderen will show you how to design a complete monitoring solution for your Azure environment using Azure Monitor, Azure Policy and Kusto Query Language (KQL). We will also demonstrate how to deploy your monitoring solution using ARM Template and Azure DevOps. We will share examples on how the monitoring solution is implemented in the real world.
👉 Azure Monitor is a technology used to collect telemetry data from your Azure and on-premises environments. You can use Azure Monitor to improve performance and support the stability of your applications by identifying issues quickly. Azure Monitor includes Azure Metrics and Azure Logs to store telemetry data and track data in real-time and for historical analysis.
⭐️Thank you for your interest in the blog, if you find it interesting, please give me a like, comment and share for everyone to know. Thanks! ❤️️
In February of this year, the Azure SDK team embarked on a project to modernize and enhance developers’ data retrieval experience for Azure Monitor. The logs and metrics pillars of observability were identified as the focus areas.
Azure Monitor and Log Analytics are a very important part of Azure infrastructure. In my opinion, the adoption of these tools should start before a company starts its migration to azure. Using these tools over on premises servers can generate a performance baseline to be used when migrating the servers, ensuring the environment will be improving.
However, it needs to be a careful implementation, if you choose to take the easier way, you may cost some buckets to your company pocket.
The biggest example I noticed was the alert system. This system is an essential part not only of these tools but of the azure infrastructure as a hole, but you need to take care with the expenses. When you use the alert system you have some options to choose and, among them, Log or Metrics.
The log option means you need to build a Kusto query to retrieve an information from the Log Analytics storage, while the Metrics means you will define one metric you are interested on and Log Analytics will do the rest.
Let’s analyse an example. Imagine you would like to build an alert to notify you everytime a processor core is over 80% for more than 15 minutes. It seems an easy example to use a metric, right?
That’s what happens when you choose to use metrics:
Since the check will be by core, the alert needs 3 dimensions: Computer, the metric (processor) and the instance (core). However, we also can’t overreact. Any core can easily be over 80% at any moment, that’s why we need to configure the 15 minutes of check. The processor will only be in trouble if over 80% during 15 minutes.
The configuration is like this:
Log Analytics uses Kusto Query Language, or KQL, to query the information on its storage. Using it we can build a query capable of achive the same result as the monitoring metric. Learn a new query language to build this is not the easier task when starting a migration, but the difference may worth it.
The KQL query we need will be this one:
| where CounterName==”% Processor Time” and InstanceName != “_Total” and ObjectName==”Processor”
| where TimeGenerated>=ago(15m)
| summarize MinProcesor=min(CounterValue) by Computer,InstanceName
| where MinProcesor >=80
The price difference is amazing:
Such a high price difference would turn metrics useless. Why would anyone use metrics for alerts if KQL is so cheaper?
On the objects where we don’t have the Log option to build conditions, we still can use KQL queries instead of metrics. We can configure the objects to send all their log to a log analytics on our azure environment. By doing that, we will be able to configure the alerts for all of them on the log analytics environment.
The objects’ configuration is not in the same place or exactly the same everywhere. Let’s analyse the existing variations.
#blogs #azure #azuremonitor #loganalytics
In this video, learn how Azure Monitor Workbooks provide a flexible canvas for data analysis and the creation of rich visual reports within the Azure Portal. Workbooks allow you to query data from multiple sources in Azure and create custom visualizations for interactive reporting and analysis.
Learn more about Azure Monitor at: https://aka.ms/MonitoringDocs
#azure #azuremonitor #programming