Monitoring Azure VMware Solution with Log Analytics
Published Jan 19 2023 01:55 PM 7,241 Views


A global enterprise wants to migrate thousands of VMware vSphere virtual machines (VMs) to Microsoft Azure as part of their application modernization strategy. Their first step is to exit their on-premises data centers and rapidly relocate their legacy application VMs to the Azure VMware Solution as a staging area for the first phase of their modernization strategy. What should the Azure VMware Solution look like? 


Azure VMware Solution is a VMware validated first party Azure service from Microsoft that provides private clouds containing VMware vSphere clusters built from dedicated bare-metal Azure infrastructure. It enables customers to leverage their existing investments in VMware skills and tools, allowing them to focus on developing and running their VMware-based workloads on Azure. 


In this post, we will cover how monitoring is crucial to the success of operating customers’ Azure VMware Solution environments and how Log Analytics can add value to the management of their cloud operations. 


Monitoring in Azure VMware Solution  

Proper management and monitoring are vital to the success of a customer's Azure VMware Solution private cloud operations. As customers have a shared responsibility with Microsoft for the deployment, lifecycle, and configuration of certain components of Azure VMware Solution, it is imperative that customers have access to the best tools that will provide them utmost visibility into the health and management of their private cloud. We are now introducing support for Log Analytics for Azure VMware Solution, giving customers a solution to effortlessly set up, manage, and monitor their Azure VMware Solution private cloud log data without ever leaving Azure. 


What is Log Analytics?  
Log Analytics is an Azure tool that allows users to query log data collected from Azure VMware Solution and other services and analyze its results. Like most leading log management tools, Log Analytics allows customers to retrieve records that match specific criteria, identify trends, analyze patterns, view logs at different levels (by default, vCenter Server will log at the INFO level, but customers may change that to increase/decrease the granularity of their logs), and glean meaningful insights from their data. With this integration, users of Azure VMware Solution can now send logs from their vCenter Servers, ESXi Hosts, and NSX-T Data Centers to Log Analytics in a few simple steps and take advantage of some out-of-the-box content designed for Azure VMware Solution use cases in mind. 


Why Log Analytics can be the optimal logging platform for Azure VMware Solution 

Today, Azure VMware Solution customers can send logs to a plethora of solutions, such as Azure Blob Storage, Azure Event Hub, and other third-party tools. Blob Storage may be ideal for less frequent uses, such as seeing daily log volume from ESXi hosts, whereas Event Hub may be more helpful for more real-time scenarios, such as troubleshooting why a VM creation failed. Both solutions generally require another log management tool to be able to view the logs and take insightful action, whereas Log Analytics can help with either scenario while serving as the final destination for these logs. A direct syslog forwarding option could help send the logs to a destination of a customer’s choosing, though that may be a longer process and subject to potential latency as the logs leave the Microsoft ecosystem, adding to the complexity of a customer’s operations and another potential point of failure to troubleshoot. In addition to the simple set up to send logs and the ability to manage them without leaving Azure, Log Analytics also offers custom content tailored to common Azure VMware Solution troubleshooting use cases, allowing users to gain insights from their logs quickly.  


Figure 1 – Azure VMware Solution integrated with Azure Log Analytics


How to set up 
Setting up a Log Analytics workspace (where these logs will be housed) is both fast and painless and can be done directly in the Azure portal where users already manage their Azure VMware Solution needs.  

Create a resource 

  1. In the Azure portal, select Create a resource. 
  2. Search for “Log Analytics Workspace” and select Create -> Log Analytics Workspace. 



Set up a workspace 

  1. Enter the Subscription where this workspace will be a part of and the Resource Group that will house this workspace. Provide it with a name and select a region. 
  2. Select Review + Create. 



Add a diagnostic setting 

Next, add a diagnostic setting in the Azure VMware Solution private cloud, so it knows where to send the logs to. 



  1. Select the Azure VMware Solution private cloud desired. Go to Diagnostic settings on the left-hand menu under Monitoring. Select Add diagnostic setting. 
  2. Provide the diagnostic setting a name. Select the log categories of interest to send to the Log Analytics workspace. 
  3. Make sure to select the checkbox next to Send to Log Analytics workspace. Select the Subscription the Log Analytics workspace lives in and the Log Analytics workspace. Select Save on the top left. 



At this point, the Azure VMware Solution logs are now being sent to the Log Analytics workspace and ready to gather meaningful insights from! 


Sample queries tailored for Azure VMware Solution

Once the Log Analytics workspace is configured to receive Azure VMware Solution syslogs, users can navigate into the Log Analytics Workspace's “Logs” blade to query and retrieve log data using the powerful Kusto Query Language (see related links in the Summary section below for a primer on the basics of Kusto).  


The first thing one may notice when navigating to the Logs blade is the Queries window, which contains an array of sample Kusto queries for each Azure service, speeding up the initial development of these queries and reducing time to value.  


Select "Add filter"; under Resource type, select "AVS Private Cloud" to see about 20 out-of-the-box queries of common Azure VMware Solution use cases anyone can use to search from the Azure VMware Solution logs that are now being sent to this workspace – everything from vCenter server audit events in a given period, to distributed firewall logs from the NSX-T data center. This is certainly not an exhaustive list; our team welcomes feedback with open arms other out-of-the-box use cases that can add value to users in their log management journey with Azure VMware Solution! 



Users may select any of these sample queries to begin their search for Azure VMware Solution logs, or simply continue onto the query page to dive deeper into the Azure VMware Solution syslog data. 




Next Steps 

In addition to this blog, check out the links below to learn more about the service, understand how Kusto works, and use the pricing calculator to cost and size Log Analytics. With large enterprise solutions for strategic and major customers, an Azure VMware Solution Solutions Architect from Azure, VMware, or a VMware Partner should be engaged to ensure the solution is correctly sized to deliver business value with the minimum of risk. 



In this post, we took a deeper dive into how Log Analytics can help customers manage their logs from their Azure VMware Solution private cloud, showed the simple set up process within the Azure Portal, and saw how users can benefit from the tailored content customers can leverage for their Azure VMware Solution use cases. 


If you are interested in using Log Analytics for Azure VMware Solution, please use the resources to learn more about the service: 


Author Bio

Varun Hariharan is a Product Manager in the Azure VMware Solution product group at Microsoft, where he is focusing on billing, monitoring, and logging needs for the product and its users. His background is in Infrastructure as a Service (IaaS), log management, enterprise software, and DevOps. 

Version history
Last update:
‎Jan 20 2023 07:18 AM
Updated by: