- Inbuilt in Portal (Monitor -> Network)
- Features
- Topology: e.g. VNet's, subnets, VMs, NICs
- Variable Packet Capture: Captures TCP packages at NIC level as wireshark files.
- IP Flow Verify: Troubleshoots NSG
- Next hop: Troubleshoots route tables
- Connection troubleshoot: Why it does not connect?
- Diagnostics Logging
- Security Group View
- NSG Flow Logging
- VPN Gateway Troubleshooting
- Network Subscription Limits
- Role Based Access Control
- Troubleshooting blade.
- Available for the following network resources:
- ExpressRoute, VPN Gateway, Application Gateway, Network Security Logs, Routes, DNS, Load Balancer, and Traffic Manager.
- Available through Portal, CLI, PowerShell, Rest API, retrieved using Power BI or third-party logs.
- Events are logged in storage accounts, ready to be sent to Event Hub or Log Analytics.
- Metrics for performance measurements are collected over a period of time.
- Unified security management and advanced threat protection for workloads running in Azure, on-premises, and in other clouds.
- Enables you to discover and assess the security of your workloads and to identify and mitigate risk.
- E.g. network recommendations, network maps, internet facing endpoints without NSGs.
- In standard tier, Just-in-time (JIT) virtual machine (VM) access can be used to lock down inbound traffic to your Azure VMs, reducing exposure to attacks while providing easy access to connect to VMs when needed.
- When a user requests access to a VM, Security Center checks that the user has Role-Based Access Control (RBAC) permissions that permit them to successfully request access to a VM. If the request is approved, Security Center automatically configures the Network Security Groups (NSGs) to allow inbound traffic to the selected ports and requested source IP addresses or ranges, for the amount of time that was specified. After the time has expired, Security Center restores the NSGs to their previous states. Those connections that are already established are not being interrupted, however.
- Deprecated names:
- Operations Management Suite (OMS)
- Log Analytics
- Monitors your cloud and on-premises environments to maintain their availability and performance.
- In portal:
- Log searches
- Graphical views of your most valuable searches
- Solutions which provide additional functionality and analysis tools.
- Also called performance counters
- Tasks
- Track the performance of your resource (such as a VM, website, or logic app) by plotting its metrics on a portal chart and pinning that chart to a dashboard.
- Perform advanced analytics or reporting on performance or usage trends of your resource.
- Get notified of an issue that impacts the performance of your resource when a metric crosses a certain threshold.
- Archive the performance or health history of your resource for compliance or auditing purposes.
- You can choose to stream this information to an event hub.
- Doing so allows you to route them to Azure Stream Analytics for near-real-time analysis.
- There is no need to set up additional diagnostics for metrics, nor opt-in for the data.
- Frequency of one minute.
- Some metrics available can also have name-value pair attributes
- Known as dimensions
- Allows further segmentation
- Users to access up to 30 days of history for each metric.
- You can also choose to achieve metrics to storage if you need to retrain them for longer than the archive period.
- You configure it in settings for the resource.
- You can also choose to achieve metrics to storage if you need to retrain them for longer than the archive period.
- Can be installed on:
- Azure VMs using the Azure Log Analytics VM extension for Windows and Linux
- For machines in a hybrid environment using setup, command line, or with Desired State Configuration (DSC) in Azure Automation.
- Outbound connection over TCP port 443
- If no connection to internet:
- The Log Analytics gateway is an HTTP forward proxy that supports HTTP tunneling using the HTTP CONNECT command.
- Agents sends their data to gateway
- Sends data to log analytics workspace
- The Log Analytics retention settings allow you to configure a minimum of 31 days (if not using a free tier) up to 730 days.
- Collects custom logs, IIS logs, performance counters, syslog, windows event logs.
- Collection of diagnostic data on a deployed application
- Supports azure Cloud Service (classic) Web and Worker Roles, Virtual Machines, Virtual Machine scale sets, and Service Fabric.
- Collects: Performance counter metrics, Application logs, Windows Event logs, .NET EventSource logs, IIS Logs, Manifest based ETW logs, Crash dumps (logs), Custom error logs, Azure Diagnostic infrastructure logs.
- Data storage
- The extension stores its data in an Azure Storage account that you specify.
- You can also send it to Application Insights.
- Another option is to stream it to Event Hub, which then allows you to send it to non-Azure monitoring services.
- You also have the choice of sending your data to Azure Monitor metrics time-series database
- Application Performance Management (APM) service for web developers building and managing apps on multiple platforms.
- Use it to monitor your live web application.
- It will automatically detect performance anomalies.
- It integrates with your DevOps process, and has connection points to a variety of development tools.
- It can monitor and analyze telemetry from mobile apps by integrating with Visual Studio App Center and HockeyApp.
- It analyzes your resource configuration and usage telemetry. It then recommends solutions to help improve the performance, security, and high availability of your resources while looking for opportunities to reduce your overall Azure spend.
- Across subscriptions
- You can apply filters to display recommendations for specific subscriptions and resource types.
- The recommendations are divided into four categories:
- High Availability : To ensure and improve the continuity of your business-critical applications.
- Security : To detect threats and vulnerabilities that might lead to security breaches.
- Performance : To improve the speed of your applications.
- Cost : To optimize and reduce your overall Azure spending.
- Provides personalized guidance and support when issues in Azure services affect you
- Helps you prepare for upcoming planned maintenance.
- Alerts you and your teams via targeted and flexible notifications.
- Service Health tracks three types of health events:
- Service issues : Problems in the Azure services that affect you right now.
- Planned maintenance : Upcoming maintenance that can affect the availability of your services in the future.
- Health advisories: Changes in Azure services that require your attention.
- E.g. Azure features are deprecated
- E.g. you exceed a usage quota.
- Data is presented at
- Azure Portal: Personalized Service Health Dashboard
- Azure Monitor: Service Health Alerts
- http://status.azure.com : General Health Overview of All Azure Services
- Turn data processing to analytics and reports that provide real-time insights into your business.
- Works with cloud-based or on-premises data.
- Has a multitude of Azure connections available.
- Shape and refine your data to build customized reports.
- Products: Power BI Desktop, Power BI Pro, Power BI Premium, Power BI Mobile, Power BI Embedded, Power BI Report Server
- You can start with a straightforward connection to an Azure SQL Database, and create reports to monitor the progress of your business.
- E.g: "Get Data dialog": Within the same Query you can connect to your Azure SQL Database, your Azure HDInsight data source, and your Azure Blob Storage (or Azure Table Storage), then select only the subsets within each that you need, and refine it from there.