6.1.1. Configure Azure Monitor Metrics and Logs

💡 First Principle: Azure Monitor provides unified observability by centralizing telemetry (metrics and logs) from diverse sources, enabling a comprehensive view of application and infrastructure health.

Scenario: You need to monitor the CPU utilization of your Azure Virtual Machines and collect detailed application logs from them. You also need to retain these logs for a specific period for auditing.

What It Is: Azure Monitor is a unified monitoring service in Azure that provides comprehensive solutions for collecting, analyzing, and acting on telemetry data.

Types of Data Collected by Azure Monitor:

• Metrics: Numeric values representing resource state at a specific time (e.g., CPU usage, memory).
• Logs: Event and diagnostic data, structured or unstructured, capturing operational details (e.g., activity logs, resource logs).

How Data is Collected:

• Platform Metrics: Automatically collected for most Azure resources.
• Diagnostic Settings: Configure resources to send logs and metrics to Log Analytics, Storage Accounts, or Event Hubs.
• Agents: Install Azure Monitor Agent (AMA) on VMs to collect guest OS metrics and custom logs.

⚠️ Common Pitfall: Relying only on platform metrics and not collecting guest OS metrics. Platform metrics show the hypervisor's view of the VM, but guest OS metrics (collected by an agent) provide a more accurate picture of what's happening inside the operating system.

Key Trade-Offs:

• Metrics vs. Logs: Metrics are lightweight and good for real-time alerting on numerical trends. Logs are richer in detail and better for deep troubleshooting and root cause analysis.

Reflection Question: How does configuring Azure Monitor metrics (for numerical data like CPU usage) and logs (for event/diagnostic data) fundamentally provide unified observability for applications, infrastructure, and networks by centralizing telemetry data, enabling proactive monitoring and troubleshooting?