Monitoring in Azure

What Is Monitoring?

Monitoring is the process of collecting and analyzing data to understand the performance, health, and availability of applications and the resources they depend on.

A strong monitoring strategy:

  • Provides visibility into how systems operate

  • Improves uptime through proactive alerts

  • Helps detect and resolve issues before users are impacted

Azure provides a collection of integrated services that together form a complete monitoring solution for cloud and hybrid environments.


Azure Monitor Overview

Azure Monitor is the central service for monitoring Azure resources, applications, and on-premises systems.

At a high level:

  • Metrics and Logs are the core data stores

  • Data comes from applications, operating systems, Azure resources, and subscriptions

  • Collected data is used for analysis, alerting, dashboards, and integrations


Key Capabilities of Azure Monitor

1. Metrics Monitoring

  • Metrics are numerical values collected at regular intervals

  • Used to measure health, performance, and resource consumption

  • Support near real-time monitoring

  • Visualized using Metrics Explorer and dashboards

2. Log Analytics

  • Logs store detailed records such as:

    • Activity logs

    • Diagnostic logs

    • Application telemetry

  • Queried using Kusto Query Language (KQL)

  • Supports:

    • Aggregations

    • Joins

    • Advanced analytics

  • Ideal for troubleshooting and deep analysis

3. Alerts and Actions

  • Alerts trigger when metric or log thresholds are met

  • Notifications via email, SMS, or integrations

  • Can trigger automated remediation actions


Monitoring Data Platform

Azure Monitor works with two fundamental data types:

Metrics

  • Lightweight, numeric, time-series data

  • Optimized for performance monitoring

  • Example: CPU percentage, disk IOPS

Logs

  • Rich, structured records

  • Used for detailed diagnostics and investigation

  • Stored in Log Analytics workspaces


Data Sources and Monitoring Tiers

Azure Monitor collects data across multiple layers:

  1. Application Monitoring

    • Application performance and code-level telemetry

  2. Guest OS Monitoring

    • Windows and Linux operating systems

  3. Azure Resource Monitoring

    • Azure services such as VMs, storage, databases

  4. Azure Subscription Monitoring

    • Resource management and service health

  5. Azure Tenant Monitoring

    • Tenant-level services like Azure Active Directory

Extending Monitoring

  • Enable diagnostic settings

  • Install monitoring agents on compute resources

  • Use the Data Collector API to send custom log data from REST clients


Azure Advisor

Azure Advisor is a built-in optimization service that analyzes your deployments and provides recommendations in these areas:

  • Cost optimization

  • Performance improvements

  • High availability

  • Security best practices

Supported Resources

Advisor provides recommendations for:

  • Virtual Machines

  • Availability Sets

  • Application Gateways

  • App Services

  • SQL Servers

  • Azure Cache for Redis


Azure Activity Log

The Azure Activity Log records subscription-level events and answers:

  • What happened

  • Who performed the action

  • When it occurred

  • Status of the operation

Key Details

  • Retention period: 90 days

  • Accessible via:

    • Azure Portal

    • Azure CLI

    • PowerShell

    • REST API


Activity Log Filtering Options

You can filter activity logs by:

  • Subscription

  • Time range

  • Event severity

  • Resource group

  • Resource name

  • Resource type

  • Operation name

  • Initiated by (caller)

  • Free-text search


Activity Log Event Categories

| Category        | Description                             |
|-----------------|-----------------------------------------|
| Administrative  | Create, update, delete, RBAC changes    |
| Service Health  | Azure service incidents and maintenance |
| Resource Health | Resource availability status changes    |
| Alert           | Azure Monitor alert activations         |
| Autoscale       | Autoscale operations and failures       |
| Recommendation  | Advisor recommendations                 |
| Security        | Azure Security Center alerts            |
| Policy          | Azure Policy audit and deny events      |
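
An added example, not part of the original notes: a Python triage over Activity Log records that answers what, who, when, and status for Administrative role-assignment (RBAC) changes. The record shape is assumed to follow the JSON returned by `az monitor activity-log list`; the sample events are constructed, and the names `_ev`, `SAMPLE_EVENTS`, and `rbac_changes` are hypothetical.

```python
# Added example. Record shape assumed to match `az monitor activity-log list` JSON;
# all sample values below are constructed.
RBAC_PREFIX = "microsoft.authorization/roleassignments/"


def _ev(ts, corr, caller, category, op, status):
    """Build a constructed Activity Log record with only the fields used here."""
    return {"eventTimestamp": ts, "correlationId": corr, "caller": caller,
            "category": {"value": category}, "operationName": {"value": op},
            "status": {"value": status}}


SAMPLE_EVENTS = [
    _ev("2024-05-01T10:00:00Z", "c-1", "alice@example.com", "Administrative",
        "Microsoft.Authorization/roleAssignments/write", "Started"),
    _ev("2024-05-01T10:00:02Z", "c-1", "alice@example.com", "Administrative",
        "Microsoft.Authorization/roleAssignments/write", "Succeeded"),
    _ev("2024-05-01T11:30:00Z", "c-2", "bob@example.com", "Administrative",
        "Microsoft.Authorization/roleAssignments/delete", "Failed"),
    _ev("2024-05-01T12:00:00Z", "c-3", "alice@example.com", "Administrative",
        "Microsoft.Compute/virtualMachines/write", "Succeeded"),
    _ev("2024-05-01T12:05:00Z", "c-4", "policy-engine", "Policy",
        "Microsoft.Authorization/policies/audit/action", "Succeeded"),
]


def rbac_changes(events):
    """Return one row per role-assignment operation: who, what, when, final status.

    One operation emits several records (for example Started, then Succeeded)
    that share a correlationId, so rows are keyed on it to avoid double counting.
    """
    ops = {}
    for e in sorted(events, key=lambda e: e["eventTimestamp"]):
        op = e["operationName"]["value"]
        if e["category"]["value"] != "Administrative":
            continue  # skip Policy, Alert, Service Health, ...
        if not op.lower().startswith(RBAC_PREFIX):
            continue  # skip non-RBAC administrative operations
        row = ops.setdefault(e["correlationId"],
                             {"who": e["caller"], "what": op, "when": e["eventTimestamp"]})
        row["status"] = e["status"]["value"]  # the latest record wins over "Started"
    return list(ops.values())


if __name__ == "__main__":
    for row in rbac_changes(SAMPLE_EVENTS):
        print(row["when"], row["who"], row["what"], row["status"])
```

Failed rows are worth keeping in the output: a denied role-assignment attempt shows who tried to change access, not only who succeeded.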

Key Takeaways

  • Azure Monitor is the central monitoring platform in Azure

  • Metrics provide fast, real-time insights

  • Logs enable deep diagnostics and analytics

  • Activity Logs track who did what and when

  • Azure Advisor helps optimize cost, performance, and security