Microsoft has made a number of Azure monitoring and management services generally available. You can now access Azure Monitor, Azure Network Watcher, Azure Resource Health, and Azure Advisor in general availability (GA).
Many Management Options
It has been a busy period of time as a number of different management solutions became generally available in Microsoft Azure. Each of these solutions can be used separately but most, if not all, can be integrated into other services. An example of this is using Operations Management Suite (OMS) for consolidated management.
The goal of Azure Monitor is to give you essential monitoring capabilities without acquiring or configuring costly and timely third-party solutions. With Azure Monitor, you get platform-level and service-level telemetry.
Effective management starts with designing for management by exception. Failing IT managers want status displays to constantly be updating. Successful IT managers spend their time more wisely. They only want to know when things are not working as they should. You can get classic alerts based on thresholds. You can also get alerts based on activities such as virtual machine reboots, deployment failures, or permission changes.
Monitoring data sources include:
- Activity logs
- Host Virtual machines including hidden virtual machines underneath cloud services and Service Fabric
- Resource metric and diagnostic logs
- Application diagnostic logs, application logs, and metric logs from inside a virtual machine
Monitoring data can be used as follows:
- Visualization including Azure Portal, Azure Application Insights, PowerBI and third-party tools
- Archived for local or third-party reporting and analysis
- Queried to access data on specific systems
- Automation triggers events, sends notification/email, or executes a runbook in Azure Automation
Azure Network Watcher
The network is critical for connecting components of a service but it is even more critical in cloud computing:
- Requires networking for remote access
- Builds complexity that is hard to troubleshoot without access to the underlying fabric
Network Watcher gives us the ability to monitor our network deployments in two ways but scenario-based monitoring provides us with:
- Topology: View how resources in Azure are connected
- Variable packet capture: Capture packets from the network based on a set of criteria
- IP flow verify: Check that packets can reach the desired destination from a specified source
- Next hop: See how traffic will be routed from a virtual machine
- Security group view: See what Network Security Groups (NSG) are being used and which rules are applied
- NSG flow logging: Check how your NSG rules are being applied to traffic
- Network subscription limits: How many of the limited resources you are using
- Configuring diagnostic logs: Enable and view logging for various network resources
You can use resource monitoring when a scenario identifies a trouble spot:
- Audit log: Track who made a configuration change and when
- Metrics: See how resources are performing
- Diagnostic logs: Check for errors and integrating with Log Analytics and PowerBI
- Troubleshooting: Look for common fixes
- Resource Health: See how healthy the resources are
Microsoft describes Azure Advisor as a personalized cloud consultant. Advisor aims to help you with:
- Advice on how to achieve best practices
- Improve security, performance, and high availability
- Make recommendations on current actions
The recommendations are split into four categories. Each is assigned an impact level or severity,:
- High availability
The key word in Microsoft’s description is consultant. As with all consultants, this tool will talk a ton and make lots of recommendations that are not necessarily correct for you. Advisor is useful because it is offering another pair of eyes on your deployment. You must be able to understand and filter the advice. You cannot treat each recommendation as an alert in Event Viewer. This would be a great way to increase costs.
Azure Resource Health
As a cloud customer, you are isolated from the fabric and the infrastructure management tools that make your services possible. This can make it difficult to understand the root cause of misbehavior. You need to discern if there is software fault in the virtual machine or if the underlying host is at fault.
Everything that you deploy and is an object in a resource group (ARM) is a resource. Resource Health is decided based on a number of signals from the underlying infrastructure. Once a resource becomes unhealthy, Resource Health can analyze additional information to identify the root cause. With this knowledge, you know how to proceed:
- Microsoft is acting to resolve the issue
- Steps you can take to solve the issue
- Advises you to contact support
You can find Resource Health in the management blade of every resource that is supported. The current and historical (up to 14 days) health of the resource can be seen. You can also view advice for solving a current problem.