I need to monitor an external IP. This is for the Virtual Network Gateway, I cant use AzureDiagnostics because we are using Policy based tunnel.
Anyone with an idéa for monitoring this external IP? And get it in Log analytics for monitoring?
Azure supports metric Microsoft.Network/publicIPAddresses type in Azure Monitor. You could use metrics explorer to analyze collected metrics on a chart and compare metrics from different resources. You can also retrieve metrics by using the Azure monitoring REST API. Moreover, for non-VM resources, you need to configure diagnostic settings to send logs for log analytics.
Related
I am exploring to monitor VPN Tunnel status using Azure Monitor via Azure Monitor metrics Exporter(https://github.com/webdevops/azure-metrics-exporter). Monitoring Stack is Victoria Metrics + Grafana. Currently We are using Diagnostic logs to fetch the S2S Tunnel Status using below query and sending the alerts over mail+webhook to the Dispatcher team.
AzureDiagnostics
| where TimeGenerated > ago(5m)
| where Category == "TunnelDiagnosticLog" and OperationName == "TunnelDisconnected"
| project
TimeGenerated,
Resource,
status_s,
remoteIP_s,
stateChangeReason_s,
OperationName
How can we onboard this alert for S2S Tunnel status on my existing solution to make it automated and more efficient?
While going through the metrics offered by Azure Monitor(https://learn.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-howto-setup-alerts-virtual-network-gateway-metric) I couldn't find any metric related to my problem. Any kind of help is much appreciated
How can we onboard this alert for S2S Tunnel status on my existing solution to make it automated and more efficient? I couldn’t find any metric related to my problem. Any kind of help is much appreciated
I created one S2S VPN connection in my Azure Environment
S2S connection connected successfully :-
I enabled the logging for Virtual Network Gateway and created diagnostics settings:-
Sent logs to Log analytics workspace:-
If you cannot find the required metrics or want to create an alert based on the query in the question, You can select Custom logs in the Alert and then provide your query to create an alert based on the query result.
Go to your Log analytics workspace that contains your VPN logs.
Select Log Analytics Workspace > Alerts > Create Alert > Condition > Custom log search > Type your Log query > Create an Alert
You can select Webhook below :-
Provide your Webhook URL and create an Alert.
AFAIK for now, Prometheus integration in azure is still in Preview and only supported for Azure AKS and Kubernetes managed clusters, Refer here
I might recommend investigating which metrics are exported by https://github.com/webdevops/azure-metrics-exporter and check if the right metrics are present in the Azure Monitor managed service, as the documentation may be out of date. If metrics are present - then just configure https://docs.victoriametrics.com/vmalert.html and it should works.
We've logs(W3CIISLogs) on Log analytics workspace for websites hosted on VMs. Similarly we have app insights enabled for websites hosted on App service. Now we want to access telemetry data of both type of websites thru single interface, either via app insights or via Log analytics. Just wondering if it's possible and what's the best way.
With Azure Monitor you can now query not only across multiple Log Analytics workspaces, but also data from a specific Application Insights app in the same resource group, another resource group, or another subscription. This provides you with a system-wide view of your data. You can only perform these types of queries in Log Analytics.
Querying across Log Analytics workspaces and from Application Insights - reference another workspace in your query, use the workspace identifier and for an app from Application Insights, use the app identifier.
Cross-resource query limits:
The number of Application Insights resources that you can include in
a single query is limited to 100.
Cross-resource query is not supported in View Designer. You can Author a query in Log
Analytics and pin it to Azure dashboard and visualize a log search.
Cross-resource query in log alerts is supported in the new
scheduledQueryRules API. By default, Azure Monitor uses the legacy
Log Analytics Alert API for creating new log alert rules from Azure
portal, unless you switch from legacy Log Alerts API. After the
switch, the new API becomes the default for new alert rules in Azure
portal and it lets you create cross-resource query log alerts rules.
You can create cross-resource query log alert rules without making
the switch by using the ARM template for scheduledQueryRules API –
but this alert rule is manageable though scheduledQueryRules API and
not from Azure portal.
Documentation Reference - Cross-Resource Log queries in Azure Monitor
Hope the above information helps.
I enabled the VM insights for few VMs. How can I create alerts for those metrics in Azure monitor?
How can I create alerts for those metrics in Azure monitor?
You can not create alerts for the metrics provided by VM insights. VM insight preview provides an in-depth view of VM health, performance trends, and dependencies. You can create these metrics alert for VM.
Moreover, Standard or Platform metrics are limited, you can try to make custom metrics via a variety of methods on your Azure VM to collect some custom performance indicators or business-specific metrics to provide deeper insights. Once published to Azure Monitor, you can alert on custom metrics for your Azure resources side by side the standard metrics emitted by Azure.
Ref: Send guest OS metrics to the Azure Monitor metric store using a Resource Manager template for a Windows Virtual Machine
It is possible to connect Azure VM to Log Analytics via Microsoft Monitoring Agent virtual machine extension (https://learn.microsoft.com/en-us/azure/log-analytics/log-analytics-azure-vm-extension). But the data received in Log Analytics has nothing to say about the subscription or the resource group the VM belongs to. This means that if I have two VMs with the same names in two different resource groups then in Log Analytics there is no way to differentiate between them. So, is there a workaround for this? Is it possible to enrich the data collected by Microsoft Monitoring Agent?
It is not possible to enrich the data collected by Microsoft Monitoring Agent at the moment.
Someone alredy created a request:
https://feedback.azure.com/forums/267889-log-analytics/suggestions/17005000-multi-tenancy-collect-azure-health-logs-from-diff
There is no Management API for reading azure monitoring data. Is there any way other than getting the monitoring data directly from a VM through remote desktop connection? We basically want to display a chart for "CPU usage percentage Vs. Time”. Actually, Azure site displays monitoring data for each VM-is there any way I can read that data and display it in a report? Any PowerShell cmdlets?
Suggested good related articles:
How to monitor Cloud Services
Enabling Diagnostics in Windows Azure
If you, however refer to Windows Azure Virtual Machines then you have to organize monitoring of these a similar way you would organize a monitoring over machines in private cloud (hyper-v)
You can fetch the CPU data for cloud services (Web/workers and VMs) through the Azure Metrics API, see: https://convective.wordpress.com/2014/06/22/using-azure-monitoring-service-with-azure-virtual-machines/
You can find example code in https://github.com/WadGraphEs/AzurePlot