Advice on on-prem server alerts using Azure Log Analytics - azure

Trying to set up alerts to inform us when a server is offline using Azure Log Analytics. I have the monitor agent installed on all machines within the business, but how would I configure this? Any help would be appreciated.

To answer your question, refer to this document to learn about setting up and configuring alerts using the alerts interface in the Azure portal. The query in the alert to track when a server is offline can be written by leveraging tables like 'Heartbeat', or 'Perf' with the 'Uptime' counter name, or 'Event', etc. Hope this helps!
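
Added example (not part of the original answer): a 'Heartbeat'-based query of the kind the answer points to, listing on-prem machines that have gone silent. The 5-minute silence threshold, the 1-day lookback and the restriction to non-Azure machines are assumptions chosen for illustration.

```kql
// Added example: machines whose agent has stopped sending heartbeats.
// Assumed values: adjust lookback and silence to your environment.
let lookback = 1d;   // how far back to look for a machine's last heartbeat
let silence  = 5m;   // how long without a heartbeat counts as "offline"
Heartbeat
| where TimeGenerated > ago(lookback)
| where ComputerEnvironment == "Non-Azure"        // on-prem machines only
| summarize LastHeartbeat = max(TimeGenerated) by Computer, OSType
| where LastHeartbeat < ago(silence)              // keep only silent machines
| extend MinutesSilent = datetime_diff("minute", now(), LastHeartbeat)
| project Computer, OSType, LastHeartbeat, MinutesSilent
| order by MinutesSilent desc
// A machine with no heartbeat at all inside the lookback window does not
// appear here, so keep the lookback longer than any outage you must catch.
```

Used as the query of a log alert rule, it should alert when one or more rows are returned, and the rule's evaluation period has to cover the lookback window. A silent agent also means that machine's logs have stopped arriving, so the same alert doubles as a check for lost telemetry.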

Related

How to use Azure Kusto Query Language (KQL) to query JMeter Graph such as Active Threads Over times

If JMeter is already connected to Azure (like JMeter logs sent to a platform like Log Analytics workspace), you get all the JMeter data you want. You can easily use KQL to query the JMeter data.
But you just don't know how to query JMeter Graph - Active Threads Over times.
Is there any query code for it? Thanks

Hi, I'm Charlie from the Microsoft for Founders Hub team. I'm not usually here, so may not see a follow-up question, but do want to help.
KQL is used to query telemetry and logs from technologies based on Azure Data Explorer (i.e., Application Insights, Log Analytics workspace, Search in SharePoint).
This said, you must have your JMeter logs sent to a platform like Log Analytics workspace before you can continue to query them. If you have, please follow these links to learn how to interact with that workspace in Azure:
https://learn.microsoft.com/en-us/azure/azure-monitor/logs/log-query-overview
https://learn.microsoft.com/en-us/azure/azure-monitor/logs/log-analytics-tutorial
To help you further, please include how you connected JMeter Logs to Azure.

Monitoring & Detecting Exceptions in Applications using Cloud Monitoring

I am new to GCP and come from an Azure background. Is there an equivalent of "Azure Application Insights" on the GCP side for Monitoring Applications?
Let me explain my use case more clearly with an example: if I have a .NET based web application running on a Windows VM on GCP, can Google Cloud Monitoring help detect exceptions raised by the running application and send out alerts?
Any pointers/links to further explore this type of monitoring capability would be helpful.

Cloud Monitoring will provide you with many statistics - most probably with what you need. And if there aren't any metrics to suit your need, you may create ones based on the logs collected from the VM.
By default there are a number of logs being ingested, but if you want to have the full range and experiment with various ones you may want to install a monitoring agent. Go through the documentation and have a look.
You can then use the metrics to create charts and have a live view on a number of things such as CPU utilisation, disk IO/s, dropped/sent/received packets etc. Here's the Cloud Monitoring documentation.
And finally - you can create alerts based on the metrics (set thresholds, time periods etc). They can be simple e-mail alerts, for example, but they can be sent via pub-sub and trigger some functions or apps too.
Since you're new to GCP there's a lot of reading ahead of you, but you will easily find documentation for most of GCP's services.
If you provide more details I can update my answer and give you a more precise answer.

Export Logs From Azure Log Analytics

So I am building an application in Azure and I am using Azure Log Analytics, and I am trying to find a good way for people on my team that don't have access to Azure but need to be able to access the logs. Does anyone have simple, fast ways to create something like this? Good technologies, good ways to give people access to it?

Is using Power BI to ingest your Log Analytics queries an option?
The caveat here would be the need to redo any potential charts and graphs; however, Power BI offers a lot of functionality as well as opportunities to join with other data sets.
In your scenario the trick would be using service account credentials when publishing the dataset.

You may try to use the Azure Log Analytics REST API.
Then you can provide the authentication (it only authenticates to Log Analytics, not the entire Azure) to the end user, and let them write queries to fetch the logs; or you can write a middleware, which can process the query requests from end users.

So there are a few ways to do this:
You can use the ALA API to generate a home-grown log portal
There are multiple SAS options out there
DataDog
Splunk
AppDynamics
Power BI
Not specifically logs, but Prometheus and Grafana for metrics and alerts, and it's dirt cheap compared to App Insights

Is there a script to create azure custom alerts format and any log analytics query to get azure VM status

I have the two questions below; can someone help with them?
1. Is there a script or a way to create a custom alert format for Azure alerts?
2. Is there a way to pin all the Azure VM status to a dashboard?

Regarding #1, the feature to customize or configure the alert email format is currently not supported. If interested, I suggest you raise your feedback / feature request here in the UserVoice / feedback forum. The responsible product / feature team would triage / start checking feasibility and would prioritize the feedback.
Regarding #2, if 'status' is meant as 'PowerState' (i.e., status of VM whether it is running, deallocated, etc.), or as 'StatusCode' (i.e., ok, etc.), or as 'ProvisioningState' (i.e., succeeded, etc.), then I don't think we have a straightforward way to ingest that particular data directly into a dashboard. That said, you may just leverage the 'Heartbeat' Log Analytics Kusto table in the first place and create a custom view as a dashboard using view designer, but as views in Azure Monitor are being phased out and replaced with workbooks, I suggest leveraging these workbooks now.
If not, you may leverage a new feature called Azure Monitor for VMs, which basically helps to analyze the performance and health of your Windows and Linux VMs, and monitor their processes and dependencies on other resources and external processes. Here again, you can create interactive reports in Azure Monitor for VMs with VM insights workbooks.
Hope these inputs help!

Is there a way to query Azure security recommendations (ASC) in Log Analytics

Wanting to find out if there is a way to query Azure security recommendations in Log Analytics.
I checked if the schema "SecurityEvent" has details related to this. But no luck.

As Azure Security Center search and other related features are getting retired as stated here, AFAIK Azure Sentinel would be the right one to leverage now, which enables us to query and also connect alerts from Azure Security Center and stream them into it. For more information, please refer to this document. Hope this helps!!

Hey, if I understand your question properly, you need to understand if you can get the recommendations which Azure Security Center provides through Log Analytics Kusto queries? If so, then:
You should be able to query once you have linked the Azure Security Center in your subscription to your Log Analytics workspace.
For linking you need to go to Azure Portal -> Azure Security Center -> Pricing and settings -> Select the subscription and workspace (follow the steps in https://learn.microsoft.com/en-us/azure/security-center/security-center-enable-data-collection )
Once this is linked successfully you should see the below schema 'security' or 'securityfree' based on what you have chosen, like in the screenshot below.
