Monitor onpremise VM using Azure Monitor

%3CLINGO-SUB%20id%3D%22lingo-sub-523483%22%20slang%3D%22en-US%22%3EMonitor%20onpremise%20VM%20using%20Azure%20Monitor%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-523483%22%20slang%3D%22en-US%22%3E%3CP%3EFolks%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EEnvironment%3A%3C%2FP%3E%3CP%3EOnpremise%20to%20Azure%20connecting%20via%20Site%202%20Site%20VPN%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EPlease%20let%20me%20know%20if%20its%20possible%20to%20have%20Azure%20Monitor%20to%20monitor%20workloads%20running%20onPREMISE%3F%3C%2FP%3E%3CP%3EAlso%2C%20Use%20Log%20Analytics%20to%20anlayse%20the%20data%20onpremise%20workloads%20monitoring%20data.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-527320%22%20slang%3D%22en-US%22%3ERe%3A%20Monitor%20onpremise%20VM%20using%20Azure%20Monitor%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-527320%22%20slang%3D%22en-US%22%3EHi%2C%3CBR%20%2F%3E%3CBR%20%2F%3Eyes%20you%20can%20install%20the%20Log%20Analytics%20Agent%20(SCOM%20Agent)%20on%20an%20On-Prem%20Server%20and%20collect%20all%20Data.%3CBR%20%2F%3ELink%20to%20install%3A%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Fazure-monitor%2Flearn%2Fquick-collect-windows-computer%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Fazure-monitor%2Flearn%2Fquick-collect-windows-computer%3C%2FA%3E%3CBR%20%2F%3EYou%20can%20use%20Azure%20Monitor%20notifications%20(Email%2C%20SMS%2C%20Voice%2CPush)%3CBR%20%2F%3EImportant%2C%20it%E2%80%99s%20also%20possible%20to%20collect%20Information%20from%20third%20party%20products%20because%20you%20can%20write%20custom%20scripts%20and%20send%20the%20result%20to%20log%20analytics%20(Custom%20Log)%3CBR%20%2F%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Fazure-monitor%2Fplatform%2Fpowershell-workspace-configuration%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Fazure-monitor%2Fplatform%2Fpowershell-workspace-configuration%3C%2FA%3E%3CBR%20%2F%3E%3CBR%20%2F%3ERegards%2C%3CBR%20%2F%3EHannes%3CBR%20%2F%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-532237%22%20slang%3D%22en-US%22%3ERe%3A%20Monitor%20onpremise%20VM%20using%20Azure%20Monitor%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-532237%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F289860%22%20target%3D%22_blank%22%3E%40Hannes_LG%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EIs%20it%20possible%20to%20transfer%20the%20logs%20from%20the%20Log%20Analytics%20Gateway%20not%20via%20port%20443%20as%20it%20goes%20over%20the%20Internet.%3C%2FP%3E%3CP%3EBut%20using%20ExpressRoute%20or%20Site2Site%20VPN%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-532389%22%20slang%3D%22en-US%22%3ERe%3A%20Monitor%20onpremise%20VM%20using%20Azure%20Monitor%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-532389%22%20slang%3D%22en-US%22%3EHi%2C%3CBR%20%2F%3E%3CBR%20%2F%3Eif%20you%20have%20ExpressRoute%20in%20place%2C%20the%20outgoing%20traffic%20routes%20over%20the%20Microsoft%20peering.%3CBR%20%2F%3EIf%20you%20only%20have%20S2S%20VPN%20there%20isn%E2%80%99t%20an%20option%20to%20change%20the%20route%20for%20my%20point%20of%20view.%3CBR%20%2F%3E%3CBR%20%2F%3EAnother%20option%20is%20maybe%20(not%20the%20best)%20you%20place%20the%20Gateway%20in%20azure%2C%20then%20the%20traffic%20doesn%E2%80%99t%20leave%20the%20Azure%20datacenter.%3CBR%20%2F%3E%3CBR%20%2F%3ERegards%2C%3CBR%20%2F%3EHannes%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-560542%22%20slang%3D%22en-US%22%3ERe%3A%20Monitor%20onpremise%20VM%20using%20Azure%20Monitor%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-560542%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F289860%22%20target%3D%22_blank%22%3E%40Hannes_LG%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWith%20S2Svpn%20-%20does%20traffic%20goes%20over%20Port%20443%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-560559%22%20slang%3D%22en-US%22%3ERe%3A%20Monitor%20onpremise%20VM%20using%20Azure%20Monitor%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-560559%22%20slang%3D%22en-US%22%3EHi%2C%3CBR%20%2F%3E%3CBR%20%2F%3Ein%20both%20situations%20the%20traffic%20goes%20over%20port%20443.%3CBR%20%2F%3EThe%20difference%20between%2C%20when%20you%20use%20Azure%20Express%20Route%2C%20it%E2%80%99s%20possible%20to%20route%20the%20traffic%20over%20the%20Microsoft%20peering.%20When%20you%20only%20have%20S2S%20in%20place%2C%20the%20traffic%20goes%20over%20you%20internet%20connection.%3CBR%20%2F%3E%3CBR%20%2F%3EHere%20is%20an%20Log%20Analytics%20Architecture%20design%3A%3CBR%20%2F%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Fazure-monitor%2Fplatform%2Flog-analytics-agent%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Fazure-monitor%2Fplatform%2Flog-analytics-agent%3C%2FA%3E%3CBR%20%2F%3E%3CBR%20%2F%3ERegards%2C%3CBR%20%2F%3EHannes%3C%2FLINGO-BODY%3E
Frequent Contributor

Folks,

 

Environment:

Onpremise to Azure connecting via Site 2 Site VPN

 

 

Please let me know if its possible to have Azure Monitor to monitor workloads running onPREMISE?

Also, Use Log Analytics to anlayse the data onpremise workloads monitoring data.

 

5 Replies
Hi,

yes you can install the Log Analytics Agent (SCOM Agent) on an On-Prem Server and collect all Data.
Link to install: https://docs.microsoft.com/en-us/azure/azure-monitor/learn/quick-collect-windows-computer
You can use Azure Monitor notifications (Email, SMS, Voice,Push)
Important, it’s also possible to collect Information from third party products because you can write custom scripts and send the result to log analytics (Custom Log)
https://docs.microsoft.com/en-us/azure/azure-monitor/platform/powershell-workspace-configuration

Regards,
Hannes

@Hannes_LG 

 

Is it possible to transfer the logs from the Log Analytics Gateway not via port 443 as it goes over the Internet.

But using ExpressRoute or Site2Site VPN?

Hi,

if you have ExpressRoute in place, the outgoing traffic routes over the Microsoft peering.
If you only have S2S VPN there isn’t an option to change the route for my point of view.

Another option is maybe (not the best) you place the Gateway in azure, then the traffic doesn’t leave the Azure datacenter.

Regards,
Hannes

@Hannes_LG 

 

With S2Svpn - does traffic goes over Port 443?

Hi,

in both situations the traffic goes over port 443.
The difference between, when you use Azure Express Route, it’s possible to route the traffic over the Microsoft peering. When you only have S2S in place, the traffic goes over you internet connection.

Here is an Log Analytics Architecture design:
https://docs.microsoft.com/en-us/azure/azure-monitor/platform/log-analytics-agent

Regards,
Hannes