I have an Azure cloud application / Webrole and Worker role. Our company has the need to receive automated logs via email for SOX compliance reasons.
Is there anything out of the box with Azure which allows me to automatically email / notify the support team of various log activities or even email the log entries themselves automatically? Or, do I have to write something to do this?
For example: In the "Audit Logs" anytime there is a Level of Warning or above, email support team.
A couple good options:
Most Cloud Service logs get written to Azure Storage - the Azure WebJobs SDK is perfect for creating a simple WebJob that can monitor the BLOBs and send you applicable notifications.
Application Insights has easily configurable alerts that can monitor and notify you of issues with your application.
Related
As part of our production environment we have several App Services running inside of Azure. I would like to implement notifications to be sent to a specific email address upon file or configuration changes within those App Services. I have tried enabling Application Changes for the service but it does not appear to provide the capability to set up alerts on the changes,
I have also tried enabling App Service alerts but it does not appear that any of the test configuration changes that I have made were captured by the signal "Apply Web App Configuration".
The last thing that I tried was to enable Diagnostic Settings to capture AppServicePlatformLogs and AppServiceFileAuditLogs and stream them to an Event Hub, however, I cannot determine how to set up the email notification from the hub for the events.
I am hoping that there may be an easier way to set this up and was hoping that someone may have some pointers or resources that I can follow.
I was able to accomplish this under "Monitoring" -> "Alerts". A more detailed walkthrough can be found here https://perituza.com/blog/azure-app-service-monitoring-and-alerts/. The key was selecting "Activity Log - Administrative" as the Monitor Service in the Condition.
I have error setting up Azure Function within Azure Resource under Log Analytics Workspace.
When only AllMetrics is checked, it works. But whenever FunctionExecutionLogs is checked, error occurs like below:
1.Nav to your log analytics workspace in azure portal.
2.in the left blade, select Workspace Data Sources -> Azure Resources, then click your azure function there.
Check FunctionExecutionLogs and error occurs.
Any idea?
Setup data used by Azure Log Analytics with Azure Fucntions
Update
We would like to understand more on Application InSights and Log Analytics, and use the best tool for us.
'FunctionExecutionLogs' for azure function/web app in azure log analytics will not be supported any more.
So application insights is a better choice for monitoring azure function.
The following is the feedback from MS log analytics team:
Several months ago, App Service/Functions team on-boarded to Azure Monitor diagnostic logs but they don't actually emit log data.
Basically there are thousands of diagnostic setting registrations which are no-ops and don't actually do anything.
Recently in the past few weeks, we've been in discussion with App Service to release this feature in the next few weeks as a private preview feature.
This unfortunately is a breaking change as only private preview customers can turn on diagnostic logs for App Service.
Please note -- There is no actual customer impact as whatever customers turned on previously never worked to begin with.
To fix the deployment script, we should ask customers to update their template to only turn on metric export and not logs --- this won't have any actual customer impact.
So, from our Log Analytics side, this is a scenario we are not support from our Log Analytics team which has declared by our Production Group any more.
I would recommend using Application insight with Azure Functions. Application insights has deeper integration with Azure Functions and is the recommended way of setting up Analytics for your app. Is there a specific reason you want to setup through Log Analytics instead of Application Insights?
Now, almost 2 years later, Classic Application Insights is deprecated (apparently it will be retired around Feb '24). The recommended way to set this up is to
Create a log analytics workspace
Create an application insights resource that has it's workspace id set to the LA workspace created in the previous step
Your functions will still be configured to log to app insights but that has its datastorage now backed by the LA workspace instead of bringing its own.
You can migrate existing app insights to link to a LA workspace - apparently this migration is not reversible but it should be transparent from your function point of view (i.e. the app insights connection doesn't change). Details can be found here: https://learn.microsoft.com/en-nz/azure/azure-monitor/app/convert-classic-resource
What is the use case for Azure application insights or log analytics?
I am using APIM and Azure Functions and want to perform logging for requests. Which one is the best fit, application insights or log analytics?
https://learn.microsoft.com/en-gb/azure/azure-monitor/overview
Update
In particular, any info on Azure application insights vs log analytics used for APIM?
What used to be known as Application Insights and Log Analytics independent offerings - are now a part of Azure Monitor. We're actively merging both platforms.
For instance, Analytics exploration part is exactly the same (same backend, same UX, same capabilities, just different data schema). Alerts are the same. Some experiences are still different (for instance, app experiences such as Application Map).
Example: in Azure Monitor Overview (https://learn.microsoft.com/en-gb/azure/azure-monitor/overview):
"Log Analytics" is referred as a feature and not what used to be known as Log Analytics as a product. For instance, Application Insights resources provide the same "Log Analytics" feature.
For Azure Functions / APIM the native integration with Azure Monitor is through Application Insights.
Update (October, 2020). Application Insights can now store data in Log Analytics workspaces. Now many workspace related features are available to Application Insights resources. How to migrate.
Azure function better to go with application insights and if you working with kubernetes cluster choose Log analytics work space
Azure Functions offers built-in integration with Azure Application Insights to monitor functions.
So for azure function, you'd better use application insights, which is easy configure.
Details are here.
Application Insights
Application Insights is an Application Performance Management (APM) service, that you use to monitor your application. It helps to detect performance anomalies, has analytic abilities, and can help you understand how users interact with your application.
Not only can it collect telemetry data from your application, but it can also collect information from the application host, Azure Diagnostics, or Docker logs. It’s also nice that you can use Application Insights to set up tests that send requests to your website/service to check for availability (and receive a notice if these fail).
One of the most powerful things that I’ve noticed in my use of Application Insights (which is monitoring this blog), is the Smart Detection feature. This feature proactively analyzes and detects changes in your application. So even if you hadn’t set up an Alert of monitoring of a specific metric, it can pick it up and react to it.
Use case is as soon as an error occurs in application, support team should receive a notification.
Looking for an out of box solution in Azure.
Current system configured for Diagnostic logs with below settings:
Application Logging (Blob) - On
Logging Level - Error
Retention period - X days.
As far as I know, azure app service has Alerts feature. By using this feature, you could define which metrics will send the email.
About how to use it, you could refer to below images:
1.Find the alters in your from azure portal app service.
2.Click add alerts
3.Define alert rule
I want to explore OMS (especially Service Map) for Azure webApps, but it shows following error, "In order to on-board a server to Service Map, the Microsoft Dependency Agent needs to be installed on a server being monitored by OMS. Documentation can be found".
Alos, Microsoft claims that 'Monitor service' is used to view the data across multiple subscriptions, resource group etc. But when I view Metrics, it requires 'Resource Name'. Although comments says, 'select or all resources', but It does not give option to select all.
I think it's too late but here it goes, Application insight is what you will need to get the metrics, Have you looked at it as an option?
OMS, is more useful when you are running stuff on Infrastructure as service resources not on Paas/Saas, I guess because the shared responsibility monitoring etc is different in such environment & PaaS/SaaS should already have means to log, monitor & alert.
Though there is workaround to integrate your app for logging that I am aware of, All you need to do integrate the log analytics for your app service, from there you can setup alerting etc.
Installing agent on shared service would never work out, considering there will be other neighbors using the resources however dedicated instances of app will give you greater flexibility.
Thanks