Objectives
In this lab, you will:
- Task 1: Provision the lab environment
- Task 2: Create and configure an Azure Log Analytics workspace and Azure Automation-based solutions
- Task 3: Review default monitoring settings of Azure virtual machines
- Task 4: Configure Azure virtual machine diagnostic settings
- Task 5: Review Azure Monitor functionality
- Task 6: Review Azure Log Analytics functionality
Task 1: Provision the lab environment
In this task, you will deploy a virtual machine that will be used to test monitoring scenarios.
Sign in to the https://portal.azure.com.
In the Azure portal, open the Azure Cloud Shell by clicking on the icon in the top right of the Azure Portal.
If prompted to select either Bash or PowerShell, select PowerShell.
If this is the first time you are starting Cloud Shell and you are presented with the You have no storage mounted message, select the subscription you are using in this lab, and click Create storage.
In the toolbar of the Cloud Shell pane, click the Upload/Download files icon, in the drop-down menu, click Upload and upload the files \Allfiles\Labs\11\az104-11-vm-template.json and \Allfiles\Labs\11\az104-11-vm-parameters.json into the Cloud Shell home directory.
From the Cloud Shell pane, run the following to create the resource group that will be hosting the virtual machines (replace the
[Azure_region]
placeholder with the name of an Azure region where you intend to deploy Azure virtual machines):Make sure to choose one of the regions listed as Log Analytics Workspace Region in the referenced in Workspace mappings documentation
powershell$location = '[Azure_region]' $rgName = 'az104-11-rg0' New-AzResourceGroup -Name $rgName -Location $location
From the Cloud Shell pane, run the following to create the first virtual network and deploy a virtual machine into it by using the template and parameter files you uploaded:
powershellNew-AzResourceGroupDeployment ` -ResourceGroupName $rgName ` -TemplateFile $HOME/az104-11-vm-template.json ` -TemplateParameterFile $HOME/az104-11-vm-parameters.json ` -AsJob
Do not wait for the deployment to complete but instead proceed to the next task. The deployment should take about 3 minutes.
Task 2: Register the Microsoft.Insights and Microsoft.AlertsManagement resource providers.
From the Cloud Shell pane, run the following to register the Microsoft.Insights and Microsoft.AlertsManagement resource providers.
powershellRegister-AzResourceProvider -ProviderNamespace Microsoft.Insights Register-AzResourceProvider -ProviderNamespace Microsoft.AlertsManagement
Minimize Cloud Shell pane (but do not close it).
Task 3: Create and configure an Azure Log Analytics workspace and Azure Automation-based solutions
In this task, you will create and configure an Azure Log Analytics workspace and Azure Automation-based solutions
In the Azure portal, search for and select Log Analytics workspaces and, on the Log Analytics workspaces blade, click + Add.
On the Basics tab of the Create Log Analytics workspace blade, the following settings, click Review + Create and then click Create:
Settings Value Subscription the name of the Azure subscription you are using in this lab Resource group the name of a new resource group az104-11-rg1 Log Analytics Workspace any unique name Region the name of the Azure region into which you deployed the virtual machine in the previous task Make sure that you specify the same region into which you deployed virtual machines in the previous task.
Wait for the deployment to complete. The deployment should take about 1 minute.
In the Azure portal, search for and select Automation Accounts, and on the Automation Accounts blade, click + Add.
On the Add Automation Account blade, specify the following settings, and click Create:
Settings Value Name any unique name Subscription the name of the Azure subscription you are using in this lab Resource group az104-11-rg1 Location the name of the Azure region determined based on Workspace mappings documentation Create Azure Run As account Yes Make sure that you specify the Azure region based on the Workspace mappings documentation
Wait for the deployment to complete. The deployment might take about 3 minutes.
On the Add Automation Account blade, click Refresh and then click the entry representing your newly created Automation account.
On the Automation account blade, in the Configuration Management section, click Inventory.
In the Inventory pane, in the Log Analytics workspace drop-down list, select the Log Analytics workspace you created earlier in this task and click Enable.
Wait for the installation of the corresponding Log Analytics solution to complete. This might take about 3 minutes.
This automatically installs the Change tracking solution as well.
On the Automation account blade, in the Update Management section, click Update management and click Enable.
Wait for the installation to complete. This might take about 5 minutes.
Task 4: Review default monitoring settings of Azure virtual machines
In this task, you will review default monitoring settings of Azure virtual machines
In the Azure portal, search for and select Virtual machines, and on the Virtual machines blade, click az104-11-vm0.
On the az104-11-vm0 blade, in the Monitoring section, click Metrics.
On the az104-11-vm0 | Metrics blade, on the default chart, note that the only available Metrics Namespace is Virtual Machine Host.
This is expected, since no guest-level diagnostic settings have been configured yet. You do have, however, the option of enabling guest memory metrics directly from the Metrics Namespace drop down-list. You will enable it later in this exercise.
In the Metric drop-down list, review the list of available metrics.
The list includes a range of CPU, disk, and network-related metrics that can be collected from the virtual machine host, without having access into guest-level metrics.
In the Metric drop-down list, select Percentage CPU, in the Aggregation drop-down list, select Avg, and review the resulting chart.
Task 5: Configure Azure virtual machine diagnostic settings
In this task, you will configure Azure virtual machine diagnostic settings.
On the az104-11-vm0 blade, in the Monitoring section, click Diagnostic settings.
On the Overview tab of the az104-11-vm0 | Diagnostic settings blade, click Enable guest-level monitoring.
Wait for the operation to take effect. This might take about 3 minutes.
Switch to the Performance counters tab of the az104-11-vm0 | Diagnostic settings blade and review the available counters.
By default, CPU, memory, disk, and network counters are enabled. You can switch to the Custom view for more detailed listing.
Switch to the Logs tab of the az104-11-vm0 | Diagnostic settings blade and review the available event log collection options.
By default, log collection includes critical, error, and warning entries from the Application Log and System log, as well as Audit failure entries from the Security log. Here as well you can switch to the Custom view for more detailed configuration settings.
On the az104-11-vm0 blade, in the Monitoring section, click Logs and then click Enable.
On the az104-11-vm0 - Logs blade, ensure that the Log Analytics workspace you created earlier in this lab is selected in the Choose a Log Analytics Workspace drop-down list and click Enable.
Do not wait for the operation to complete but instead proceed to the next step. The operation might take about 5 minutes.
On the az104-11-vm0 | Logs blade, in the Monitoring section, click Metrics.
On the az104-11-vm0 | Metrics blade, on the default chart, note that at this point, the Metrics Namespace drop-down list, in addition to the Virtual Machine Host entry includes also the Guest (classic) entry.
This is expected, since you enabled guest-level diagnostic settings. You also have the option to Enable new guest memory metrics.
In the Metrics Namespace drop-down list, select the Guest (classic) entry.
In the Metric drop-down list, review the list of available metrics.
The list includes additional guest-level metrics not available when relying on the host-level monitoring only.
In the Metric drop-down list, select Memory\Available Bytes, in the Aggregation drop-down list, select Max, and review the resulting chart.
Task 6: Review Azure Monitor functionality
In the Azure portal, search for and select Monitor and, on the Monitor | Overview blade, click Metrics.
On the Select a scope blade, on the Browse tab, navigate to the az104-11-rg0 resource group, expand it, select the checkbox next to the az104-11-vm0 virtual machine entry within that resource group, and click Apply.
This gives you the same view and options as those available from the az104-11-vm0 - Metrics blade.
In the Metric drop-down list, select Percentage CPU, in the Aggregation drop-down list, select Avg, and review the resulting chart.
On the Monitor | Metrics blade, on the Avg Percentage CPU for az104-11-vm0 pane, click New alert rule.
Creating an alert rule from Metrics is not supported for metrics from the Guest (classic) metric namespace. This can be accomplished by using Azure Resource Manager templates, as described in the document Send Guest OS metrics to the Azure Monitor metric store using a Resource Manager template for a Windows virtual machine
On the Create alert rule blade, in the Condition section, click the existing condition entry.
On the Configure signal logic blade, in the list of signals, in the Alert logic section, specify the following settings (leave others with their default values) and click Done:
Settings Value Threshold Static Operator Greater than Aggregation type Average Threshold value 2 Aggregation granularity (Period) 1 minute Frequency of evaluation Every 1 Minute On the Create alert rule blade, in the Action group section, click Add action groups and then click the + Create action group button.
On the Basics tab of the Create action group blade, specify the following settings (leave others with their default values) and select Next: Notifications >:
Settings Value Subscription the name of the Azure subscription you are using in this lab Resource group az104-11-rg1 Action group name az104-11-ag1 Display name az104-11-ag1 On the Notifications tab of the Create action group blade, in the Notification type drop-down list, select Email/SMS/Push/Voice. In the Name text box, type admin email. Click the Edit details (pencil) icon.
On the Email/SMS/Push/Voice blade, select the Email checkbox, type your email address in the Email textbox, leave others with their default values, click OK, back on the Notifications tab of the Create action group blade, select Next: Actions >.
On the Actions tab of the Create action group blade, review items available in the Action type drop-down list without making any changes and select Review + create.
On the Review + create tab of the Create action group blade, select Create.
Back on the Create alert rule blade, in the Alert rule details section, specify the following settings (leave others with their default values):
Settings Value Alert rule name CPU Percentage above the test threshold Description CPU Percentage above the test threshold Severity Sev 3 Enable rule upon creation Yes Click Create alert rule.
It can take up to 10 minutes for a metric alert rule to become active.
In the Azure portal, search for and select Virtual machines, and on the Virtual machines blade, click az104-11-vm0.
On the az104-11-vm0 blade, click Connect, in the drop-down menu, click RDP, on the Connect with RDP blade, click Download RDP File and follow the prompts to start the Remote Desktop session.
This step refers to connecting via Remote Desktop from a Windows computer. On a Mac, you can use Remote Desktop Client from the Mac App Store and on Linux computers you can use an open source RDP client software.
You can ignore any warning prompts when connecting to the target virtual machines.
When prompted, sign in by using the Student username and Pa55w.rd1234 password.
Within the Remote Desktop session, click Start, expand the Windows System folder, and click Command Prompt.
From the Command Prompt, run the following to trigger increased CPU utilization on the az104-11-vm0 Azure VM:
shfor /l %a in (0,0,1) do echo a
This will initiate the infinite loop that should increase the CPU utilization above the threshold of the newly created alert rule.
Leave the Remote Desktop session open and switch back to the browser window displaying the Azure portal on your lab computer.
In the Azure portal, navigate back to the Monitor blade and click Alerts.
Note the number of Sev 3 alerts and then click the Sev 3 row.
You might need to wait for a few minutes and click Refresh.
On the All Alerts blade, review generated alerts.
Task 7: Review Azure Log Analytics functionality
In the Azure portal, navigate back to the Monitor blade, click Logs.
You might need to click Get Started if this is the first time you access Log Analytics.
If necessary, click Select scope, on the Select a scope blade, select the Recent tab, select a104-11-vm0, and click Apply.
In the query window, paste the following query, click Run, and review the resulting chart:
sh// Virtual Machine available memory // Chart the VM's available memory over the last hour. InsightsMetrics | where TimeGenerated > ago(1h) | where Name == "AvailableMB" | project TimeGenerated, Name, Val | render timechart
Click Queries in the toolbar, on the Queries pane, locate the Track VM availability tile, click the Run command button in the tile, and review the results.
On the New Query 1 tab, select the Tables header, and review the list of tables in the Virtual machines section.
The names of several tables correspond to the solutions you installed earlier in this lab.
Hover the mouse over the VMComputer entry and click the Preview data icon.
If any data is available, in the Update pane, click Use in editor.
You might need to wait a few minutes before the update data becomes available.
Clean up resources
Remember to remove any newly created Azure resources that you no longer use. Removing unused resources ensures you will not see unexpected charges.
In the Azure portal, open the PowerShell session within the Cloud Shell pane.
List all resource groups created throughout the labs of this module by running the following command:
powershellGet-AzResourceGroup -Name 'az104-11*'
Delete all resource groups you created throughout the labs of this module by running the following command:
powershellGet-AzResourceGroup -Name 'az104-11*' | Remove-AzResourceGroup -Force -AsJob
The command executes asynchronously (as determined by the -AsJob parameter), so while you will be able to run another PowerShell command immediately afterwards within the same PowerShell session, it will take a few minutes before the resource groups are actually removed.
Review
In this lab, you have:
- Provisioned the lab environment
- Created and configured an Azure Log Analytics workspace and Azure Automation-based solutions
- Reviewed default monitoring settings of Azure virtual machines
- Configured Azure virtual machine diagnostic settings
- Reviewed Azure Monitor functionality
- Reviewed Azure Log Analytics functionality
Subscribe by Email
Follow Updates Articles from This Blog via Email
No Comments