6.1.1. Configure Azure Monitor Metrics and Logs
š” First Principle: Azure Monitor provides unified observability by centralizing telemetry (metrics and logs) from diverse sources, enabling a comprehensive view of application and infrastructure health.
Scenario: You need to monitor the CPU utilization of your Azure Virtual Machines and collect detailed application logs from them. You also need to retain these logs for a specific period for auditing.
What It Is: Azure Monitor is a unified monitoring service in Azure that provides comprehensive solutions for collecting, analyzing, and acting on telemetry data.
Types of Data Collected by Azure Monitor:
- Metrics: Numeric values representing resource state at a specific time (e.g., CPU usage, memory).
- Logs: Event and diagnostic data, structured or unstructured, capturing operational details (e.g., activity logs, resource logs).
How Data is Collected:
- Platform Metrics: Automatically collected for most Azure resources.
- Diagnostic Settings: Configure resources to send logs and metrics to Log Analytics, Storage Accounts, or Event Hubs.
- Agents: Install Azure Monitor Agent (AMA) on VMs to collect guest OS metrics and custom logs.
ā ļø Common Pitfall: Relying only on platform metrics and not collecting guest OS metrics. Platform metrics show the hypervisor's view of the VM, but guest OS metrics (collected by an agent) provide a more accurate picture of what's happening inside the operating system.
Key Trade-Offs:
- Metrics vs. Logs: Metrics are lightweight and good for real-time alerting on numerical trends. Logs are richer in detail and better for deep troubleshooting and root cause analysis.
Reflection Question: How does configuring Azure Monitor metrics (for numerical data like CPU usage) and logs (for event/diagnostic data) fundamentally provide unified observability for applications, infrastructure, and networks by centralizing telemetry data, enabling proactive monitoring and troubleshooting?