In this blog, you will see an overview of Azure cloud infrastructure monitoring, Here I have covered various monitoring services that are provided by Microsoft Azure for cloud infrastructure monitoring. I also have covered steps to monitor Azure resource using Azure Monitor
Azure monitoring services are helpful to monitor all resources very easily that are available in your subscription, with the help of azure alerts you can get alerts for your particular resource via email.
Apart from this, you can check my blog on Azure traffic manager, where I discuss Azure traffic manager with a practical demonstration in detail.
Below I have discussed various monitoring services which are provided by Azure:
- Azure Infrastructure Security Monitoring
- Azure Monitor
- Azure Workbooks
- Azure Alerts
- Log Analytics
- Network Watcher
- Azure Service Health
- Monitor Azure Costs
- Azure Application Insights
- Unified Monitoring in Azure
- Steps To Monitor Azure Resource Using Azure Monitor
Azure Infrastructure Security Monitoring
Infrastructure monitoring consists of five parts
- Configuration and change management
- Vulnerability management
- Protective monitoring
- Vulnerability scanning
- Incident management
1. Configuration And Change Management
Azure check and upgrade configuration settings and baseline configurations of software, hardware, and network devices yearly. The baseline configurations that are needed for Azure-based services are checked by the Azure security and compliance team and by service teams. A service team evaluation is part of the testing that happens before the deployment of its production service.
2. Vulnerability Management
The management of security updates is important for systems to protect them from known vulnerabilities. Integrated deployment systems are used to manage the distribution and installation of security updates for Microsoft software.
3. Protective Monitoring
The security of Azure has defined requirements for active monitoring. Service teams configure active monitoring tools inline with these requirements. These tools include the Microsoft Monitoring Agent (MMA) and System Center Operations Manager. These tools are configured to provide timely alerts to Azure security personnel in situations that require immediate action.
4. Vulnerability Scanning
This scanning is performed on server operating systems, databases, and network devices. The vulnerability scans are performed every 3 months minimum. Penetration testing of Azure boundary is also performed
5. Incident Management
Incident Management service is used to define and allocate roles and responsibilities. This is the responsibility of Azure security incident management team to managing security incidents, including escalation, and ensuring the involvement of specialist teams when necessary. This is the responsibility of operations managers in overseeing the investigation and resolution of security and privacy incidents.
Also Check: Our blog post on Azure Networking. Click here
Azure Monitor
Azure Monitor is the local monitoring solution for Azure, and when we are using Azure or doing anything, it’s present in the background collecting data for you. Metrics and logs are collected by Azure monitor from all of your Azure resources and used to create alerts, monitor, troubleshoot issues, performance and create dashboards so that you have full visibility of your Azure estate and a means to act when problems arise.
Read More: About Azure ARM Templates. Click here
Azure Workbooks
Workbooks are another feature that lies under Azure Sentinel which falls under Threat Management that is something you must consider for visualizing your data in Azure Sentinel more accurately. But the actual power of workbooks is the ability to combine data from disparate sources within a single report. Which allows for the creation of composite resource views or joins across resources enabling richer data and insights that would otherwise be impossible.
Also Check: Our blog post on Azure Automate Deployment Click here
Azure Alerts
Alerts enthusiastically notify you when issues are found with your infrastructure or application using your monitoring data in Azure Monitor. They permit you to analyze and address problems before the users of your system notice them. These alert rules are separated from alerts and the actions taken when an alert fires. The alert rule captures the target and criteria for alerting. The alert rule can be in an enabled or a disabled state. Alerts only fire when enabled.
Check Out: Our blog post on AZ 304. Click here
Log Analytics
Log Analytics is the primary tool in the Azure portal for writing log queries and interactively analyzing their results. Even if a log query is used elsewhere in Azure Monitor, you’ll typically write and test the query first using Log Analytics.
You can start Log Analytics from several places in the Azure portal. The scope of the data available to Log Analytics is determined by how you start it. See Query Scope for more details.
- Select Logs from the Azure Monitor menu or Log Analytics workspaces menu.
- Select Logs from the Overview page of an Application Insights application.
- Select Logs from the menu of an Azure resource.
Read More: About Microsoft Azure Compute. Click here
Network Watcher
Azure Network Watcher provides tools to monitor, diagnose, view metrics, and enable or disable logs for resources in an Azure virtual network. Network Watcher is designed to monitor and repair the network health of IaaS (Infrastructure-as-a-Service) products which includes Virtual Machines, Virtual Networks, Application Gateways, Load balancers, etc. Note: It is not intended for and will not work for PaaS monitoring or Web analytics.
Azure Service Health
Azure Service Health helps you stay informed and take action when Azure service issues like outages and planned maintenance affect you. Azure Service Health notifies you about Azure service incidents and planned maintenance so you can take action to mitigate downtime. Configure customizable cloud alerts and use your personalized dashboard to analyze health issues, monitor the impact on your cloud resources, get guidance and support and share details and updates.
Also Read: Our previous blog post on Microsoft Azure Active Directory. Click here
Monitor Azure Costs
Costing dashboard helps users to know the current expenses of their subscriptions and minimizes the cost of the subscription for the better utilization of the expenses. It helps users to reduce cost underlying services of the subscription-based on the services, which are being utilized by the subscription owner. It also gives recommendations for the rightsizing on the basis of utilization of the services under the subscription, which helps users to give a direction for managing the cost of the services of subscription.
Azure Application Insights
Application Insights, a feature of Azure Monitor, is an extensible Application Performance Management (APM) service for developers and DevOps professionals. Use it to monitor your live applications. It will automatically detect performance anomalies and includes powerful analytics tools to help you diagnose issues and to understand what users actually do with your app.
Unified Monitoring In Azure
Azure Alerts offers organizations and IT managers, access to faster alerts and a unified monitoring platform. Once set up, the software requires minimal technical effort and gives the IT team a centralized monitoring experience through a single dashboard that manages ALL the alerts.
The platform is designed to provide low latency log alerts and metric alerts which gives IT managers the opportunity to identify and fix production and performance issues almost in real-time. Naturally, in complex IT environments, this level of control and overview of the IT infrastructure leads to higher productivity and reduced costs.
Also Check: Our blog post on Azure interview questions. Click here
Steps To Monitor Azure Resource Using Azure Monitor
Step 1) Log in to Azure Portal (Please make sure you have a subscription before doing all this. If you created a free account for the first time, you’ll already have a FREE TRIAL subscription for 1 month).
Note: If you don’t know how to get free Azure account then click on Azure Free Trial Account to know more
Step 2) Locate Azure resource in your subscription, for this demo I am using storage account as a resource (If you don’t know how to create storage account then click on Azure Storage Accounts to know more) So goto resources of the storage account.
Step 3) Now click on Overview which will open Overview page and note if there’s any performance data displayed (Check below image for reference). This data will be provided by Azure Monitor. The example below is the Overview page for an Azure storage account
Check Out: Our blog post on Azure Solution Architect Exam: Learn how to prepare for this exam.
Step 4) You can click on any of the graphs to open the data in metrics (From step 5 we will see metrics)
Step 5) Under the Monitoring section of your resource’s menu, select Metrics. This opens metrics explorer with the scope set to your resource. Select a Metric from the dropdown list and then an Aggregation. This defines how the collected values will be sampled over each time interval.
Step 6) After selection you can check how graph changes in below image (Here in this demo I have chosen Percentage CPU)
Conclusion: The Azure monitoring services help to monitor resources, you can easily monitor your resources with various monitoring services provided by Azure. The practical Hands-on in this blog helps you to understand concepts in more detail like how monitoring services work and how they look like and easy to manage.
Frequently Asked Questions
What can be monitored using Azure Monitor?
Microsoft combined three unique services—Azure Monitor, Log Analytics, and Application Insights—under the umbrella of Azure Monitor to provide powerful end-to-end monitoring of your applications and the components they rely on. Log Analytics and Application Insights are now features of Azure Monitor.
How many types of data does Azure Monitor collect?
Azure Monitor collects data from various sources. These sources include logs and metrics from the Azure platform and resources, custom applications, and agents running on virtual machines.
Can Azure monitor detect threats?
Azure Advanced Threat Protection (ATP) cloud service helps protect your organization from insider threats and compromised identities. It constantly monitors the domain controllers and analyzes events. It identifies threat patterns and their source, both on-premises and in the cloud.
What is the difference between Azure metrics and Azure monitor?
Azure Monitor Metrics can only store numeric data in a particular structure, whereas Azure Monitor Logs can store a variety of data types that have their own structures. You can also perform complex analysis on Azure Monitor Logs data by using log queries, which can't be used for analysis of Azure Monitor Metrics data.
References/Related
- Microsoft Azure Architect Design Step By Step Activity Guides (Hands-On Labs)
- Case Study: Deploy A Container Instance In Azure Using The Azure Portal
- Azure Storage Account [Official Microsoft]
- Tips To Prepare Exam AZ-304: Microsoft Azure Architect Design
- Core Cloud Service: Azure Compute Options
- [AZ-304] Microsoft Azure Architect Design (beta): Everything You Need To Know
- Exam AZ-305: Azure Solutions Architect Expert Certification
Next Task For You
Begin your journey toward Mastering Azure Cloud and landing high-paying jobs. Just click on the register now button on the below image to register for a Free Class on Mastering Azure Cloud: How to Build In-Demand Skills and Land High-Paying Jobs. This class will help you understand better, so you can choose the right career path and get a higher paying job.
Leave a Reply