General Availability: Granular RBAC in Azure Monitor Logs
We’re excited to announce the general availability of Granular Role-Based Access Control (RBAC) in Azure Monitor Logs! This capability enables you to set fine-grained data access control at the row level, giving you more flexibility and security when managing log data. Back in May 2025, we introduced this feature in public preview. Today, it’s fully available and ready for production use What is Granular RBAC? Organizations often need to segregate and control access to data without trading off the benefits of a centralized logging platform. Granular RBAC builds on existing Azure RBAC capabilities for workspace and table-level access, allowing you to: Apply least privilege access at any level, workspace, table, or row level security. Maintain all your data in a single Log Analytics workspace. Separate data plane and control plane access using Azure Attribute-Based Access Control (ABAC) as part of your RBAC role assignments. With Granular RBAC, you can filter which data each user can view or query based on conditions you define such as organizational roles, geographic regions, or data sensitivity levels. What’s New? Broad Availability: Granular RBAC is now supported in Azure Public Cloud, Azure Government (GCC), and Azure China. New Built-in Role: The Log Analytics Data Reader role now fully supports Granular RBAC for an out-of-the-box experience. Learn more Get Started Learn more about Granular RBAC and how to set it up in Azure Monitor Logs We hope you enjoy this new addition to Azure Monitor Log Analytics.Announcing General Availability: Azure Monitor dashboards with Grafana
Continuing our commitment to open-source solutions, we are announcing the general availability of Azure Monitor dashboards with Grafana. This service offers a powerful solution for cloud-native monitoring and visualizing all your Azure data. Dashboards with Grafana enable you to create and edit Grafana dashboards directly in the Azure portal without additional cost and less administrative overhead compared to self-hosting Grafana or using managed Grafana services. Built-in Grafana controls and components allow you to apply a rich set of visualization panels and client-side transformations to Azure monitoring data to create custom dashboards. Start quickly with pre-built and community dashboards Dozens of pre-built Grafana dashboards for Azure Kubernetes Services, Application Insights, Storage Accounts, Cosmos DB, Azure PostgreSQL, OpenTelemetry metrics and dozens of other Azure resources are included and enabled by default. Additionally, you can import dashboards from thousands of publicly available Grafana community and open-source dashboards for the supported data sources: Prometheus, Azure Monitor (metrics, logs, traces, Azure Resource Graph), and Azure Data Explorer. Streamline monitoring with open-source compatibility and Azure enterprise capabilities Azure Monitor dashboards with Grafana are fully compatible with open-source Grafana dashboards and are portable across any Grafana instances regardless of where they are hosted. Furthermore, dashboards are native Azure resources supporting Azure RBAC to assign permissions, and automation via ARM and Bicep templates. Import, edit and create dashboards in 30+ Azure regions Choose from any language in the Azure Portal for your Grafana user interface Manage dashboard content as part of the ARM resource Automatically generate ARM templates to automate deployment and manage dashboards Take advantage of Grafana Explore and New Dashboards Leverage Grafana Explore to quickly create ad-hoc queries without modifying dashboards and add queries and visualizations to new or existing dashboards New out of the box dashboards for additional Azure resources: Additional Azure Kubernetes Service support including AKS Automatic and AKS Arc connected clusters Azure Container Apps monitoring dashboards Microsoft Foundry monitoring dashboards Azure Monitor Application Insights dashboards OpenTelemetry metrics Microsoft Agent Framework High Performance Computing dashboards with dedicated GPU monitoring When to step up to Azure Managed Grafana? If you store your telemetry data in Azure, Dashboards with Grafana in the Azure portal is a great way to get started with Grafana. If you have additional 3rd-party data sources, or need full enterprise capabilities in Grafana, you can choose to upgrade to Azure Managed Grafana, a fully managed hosted service for the Grafana Enterprise software. See a detailed solution comparison of Dashboards with Grafana and Azure Managed Grafana here. Get started with Azure Monitor dashboards with Grafana today.
Advancing Full-Stack Observability with Azure Monitor at Ignite 2025
New AI-powered innovations in the observability space First, we’re excited to usher in the era of agentic cloud operations with Azure Copilot agents. At Ignite 2025, we are announcing the preview of the Azure Copilot observability agent to help you enhance full-stack troubleshooting. Formerly “Azure Monitor investigate”, the observability agent streamlines troubleshooting across application services and resources such as AKS and VMs with advanced root cause analysis in alerts, the portal, and Azure Copilot (gated preview). By automatically correlating telemetry across resources and surfacing actionable findings, it empowers teams to resolve issues faster, gain deeper visibility, and collaborate effectively. Learn more here about the observability agent and learn about additional agents in Azure Copilot here. Additionally, with the new Azure Copilot, we are streamlining agentic experiences across Azure. From operations center in the Azure portal, you can get a single view to navigate, operate and optimize your environments and invoke agents in your workflows. You also get suggested top actions within the observability blade of operations center to prioritize, diagnose and resolve issues with support from the observability agent. Learn more here. In the era of AI, more and more apps are now AI apps. That’s why we’re enhancing our observability capabilities for GenAI and agents: Azure Monitor brings agent-level visibility and control into a single experience in partnership with Observability in Foundry Control Plane through a new agent details view (public preview) showcasing success metrics, quality indicators, safety checks, and cost insights in one place. Simplified tracing also transforms every agent run into a reasonable, plan-and-act narrative for faster understanding. On top of these features, the new smart trace search enables faster detection of anomalies—such as policy violations, unexpected cost spikes, or model regressions—so teams can troubleshoot and optimize with confidence. These new agentic experiences build upon a solid observability foundation provided by Azure Monitor. Learn more here. We’re making several additional improvements in Azure Monitor: Simplified Onboarding & More Centralized Visibility Streamlined onboarding: Azure Monitor now offers streamlined onboarding for VMs, containers, and applications with sensible defaults and abstraction layers. This means ITOps teams can enable monitoring across environments in minutes, not hours. Previously, configuring DCRs and linking Log Analytics workspaces was a multi-step process; now, you can apply predefined templates and scale monitoring across hundreds of VMs faster than before. Centralized dashboards: The new Azure Monitor overview page consolidates top suggested actions and Azure Copilot-driven workflows for rapid investigation. Paired with the new monitoring coverage page (public preview), ITOps can quickly identify gaps based on Azure Advisor recommendations, enable VM Insights and Container Insights at scale, and act on monitoring recommendations—all from a single pane of glass. Learn more here. Richer visualizations: Azure Monitor dashboards with Grafana are now in GA, delivering rich visualizations and data transformation capabilities on Prometheus metrics, Azure resource metrics, and more. Learn more here. Cloud to edge visibility: With expanded support for Arc-enabled Kubernetes with OpenShift and Azure Red Hat OpenShift in Container Insights and Managed Prometheus, Azure Monitor offers an even more complete set of services for monitoring the health and performance of different layers of Kubernetes infrastructure and the applications that depend on it. Learn more here. Advanced Logs, Metrics, and Alert Management Logs & metrics innovations: Azure Monitor now supports the log filtering and transformation (GA), as well as the emission of logs to additional destinations (public preview) such as Azure Data Explorer and Fabric—unlocking real-time analytics and more seamless data control. Learn more here. More granular access for managing logs: Granular RBAC for Log Analytics workspaces ensures compliance and least privilege principles across teams, now in general availability. Learn more here. Dynamic thresholds for log search alerts (public preview): Now you can apply the advanced machine learning methods of dynamic threshold calculations to enhance monitoring with log search alerts. Learn more here. Query-based metric alerts (public preview): Get rich and flexible query-based alerting on Prometheus, VM Guest OS, and custom OTel metrics to reduce complexity and unblock advanced alerting scenarios. Learn more here. OpenTelemetry Ecosystem Expansion Azure Monitor doubles down on our commitment to OpenTelemetry with expanded support for monitoring applications deployed to Azure Kubernetes Service (AKS) by using OTLP for instrumentation and data collection. New capabilities include: Auto-instrumentation with the Azure Monitor OpenTelemetry distro for Java and NodeJS apps on AKS (public preview): this reduces friction for teams adopting OTel standards and ensures consistent telemetry across diverse compute environments. Auto-configuration for apps on AKS in any language already instrumented with the open-source OpenTelemetry SDK to emit telemetry to Azure Monitor. Learn more here. Additionally, we are making it easier to gain richer and more consistent visibility across Azure VMs and Arc Servers with OpenTelemetry visualizations, offering standardized system metrics, per-process insights, and extensibility to popular workloads on a more cost-efficient and performant solution. Learn more here. Next Steps These innovations redefine observability from cloud to edge—simplifying onboarding, accelerating troubleshooting, and embracing open standards. For ITOps and DevOps teams, this means fewer blind spots, faster MTTR, and improved operational resilience. Whether you’re joining us at Microsoft Ignite 2025 in-person or online, there are plenty of ways to connect with the Azure Monitor team and learn more: Attend breakout session BRK149 for a deep dive into Azure Monitor’s observability capabilities and best practices for optimizing cloud resources. Attend breakout session BRK145 to learn more about how agentic AI can help you streamline cloud operations and management. Attend breakout session BRK190 to learn about how Azure Monitor and Microsoft Foundry deliver an end-to-end observability experience for your AI apps and agents. Join theater demo THR735 to see a live demo on monitoring AI agents in production. Connect with Microsoft experts at the Azure Copilot, Operations, and Management expert meet-up booth to get your questions answered.
Simplify Application Monitoring for AKS with Azure Monitor (Public Preview)
As cloud-native workloads scale, customers increasingly expect application and infrastructure observability to be unified, automated, and devops-friendly. Azure Monitor is advancing this vision with Application Monitoring for Azure Kubernetes Service (AKS). With seamless onboarding and troubleshooting experiences in the Azure Portal, now in Public Preview. This new capability brings first-class OpenTelemetry support, seamless onboarding from the AKS cluster blade, and auto-instrumentation and auto-configuration options that make it easier than ever to collect application performance data into Azure Monitor and Application Insights—without modifying application code or maintaining custom agents. Enable application monitoring for your AKS deployed apps directly from the Azure Portal in two steps: 1. Enable application monitoring for the AKS cluster in Monitor Settings 2. Choose the namespaces for application monitoring and configure namespace-wide onboarding to route application signals to an App Insights resource. Optionally, leverage Custom Resource Definitions (CRDs) for more granular enablement and per-deployment onboarding. Feature Highlights Auto-instrumentation Auto-instrument Java and NodeJS applications without code changes. This approach instruments workloads with the AzureMonitor OpenTelemetry distro and routes telemetry to Application Insights. Now available in both CLI and Azure portal for addon enablement and namespace configuration. Unified Monitoring and Troubleshooting Switch seamlessly between infrastructure and application layers with improved navigation between Container Insights and Application Insights, curated OpenTelemetry workbooks, and Azure-curated Grafana dashboards. When looking into your deployment controllers from Container Insights, you can also see the application performance metrics alongside to identify problematic requests or failures. From there, you can seamlessly transition over to your Application Insights to get a more detailed diagnosis. View your application performance next to your infrastructure metrics in Container Insights Full-Stack Dashboards with Grafana This new application monitoring capability becomes even more powerful when paired with Dashboards with Grafana for Azure Monitor. With curated, Azure-hosted Grafana dashboards built specifically for Application Insights and OpenTelemetry data, teams can extend their AKS application monitoring experience with rich, full-stack visualizations tailored for cloud-native workloads. Application monitoring dashboards available through Dashboards with Grafana These dashboards allow you to: Bring application traces, requests, dependencies, and exception data from Application Insights into Grafana dashboards optimized for app-centric troubleshooting. Correlate application performance with AKS infrastructure metrics, including node, pod, and container health, to rapidly identify cross-layer issues. Visualize OpenTelemetry signals flowing through Azure Monitor in a unified, standards-based format without needing to build dashboards from scratch. Customize and extend dashboards with your own OTel metrics or additional Application Insights dimensions for deeper app performance analytics. By combining Application Monitoring for AKS with Dashboards for Grafana, developers and operators gain a complete, end-to-end view of application behavior, making it faster and easier to diagnose issues, validate deployments, and understand the health of microservices running on AKS. Call to Action Start simplifying application observability today with Azure Monitor for AKS. Unify your metrics, logs, and traces in a single monitoring experience powered by OpenTelemetry and Azure Monitor. Explore the documentation and get started: https://learn.microsoft.com/azure/azure-monitor/app/kubernetes-codeless Learn more about our new features for OpenTelemetry in Azure Monitor: https://aka.ms/igniteotelblog
Troubleshoot with OTLP signals in Azure Monitor (Limited Public Preview)
As organizations increasingly rely on distributed cloud-native applications, the need for comprehensive standards-based observability has never been greater. OpenTelemetry (OTel) has emerged as the industry standard for collecting and transmitting telemetry data, enabling unified monitoring across diverse platforms and services. Microsoft is among the top contributors to OpenTelemetry. Azure Monitor is expanding its support for the OTel standard with this preview, empowering developers and operations teams to seamlessly capture, analyze, and act on critical signals from their applications and infrastructure. With this limited preview (sign-up here), regardless of where your applications are running, you can channel the OpenTelemetry Protocol (OTLP) logs, metrics and traces to Azure Monitor directly. On Azure compute platforms, we have simpler collection orchestration that also unifies application and infrastructure telemetry collection with the Azure Monitor collection offerings for VM/VMSS or AKS. On Azure VMs/VMSS (or any Azure Arc supported compute), you can use the Azure Monitor Agent (AMA) that you are already using to collect infrastructure logs. On AKS, the Azure Monitor add-ons that orchestrate Container Insights and managed Prometheus, will also auto configure the collection of OTLP signals from your applications (or auto-instrument with Azure Monitor OTel Distro for supported languages). On these platforms or anywhere else, you can choose to use OpenTelemetry Collector, and channel the OTLP signals from your OTel SDK instrumented application directly to Azure Monitor cloud ingestion endpoints. OTLP metrics will be stored in Azure Monitor Workspace, a Prometheus metrics store. Logs and traces will be stored in Azure Monitor Log Analytics Workspace in an OTel semantic conventions-based schema. Application Insights experiences will light up, enabling all distributed tracing and troubleshooting experiences powered by Azure Monitor, as well as out of the box Dashboards with Grafana from the community. With this preview, we are also extending the support for auto-instrumentation of applications on AKS to .NET and Python applications and introducing OTLP metrics collection from all auto-instrumented applications (Java/Node/.NET/Python). Sign-up for the preview here: https://aka.ms/azuremonitorotelpreview.Azure Copilot observability agent: Intelligent Investigations Across Your Azure Stack
Cloud operations require more than reactive troubleshooting; they demand intelligent observability that scales across resources and interfaces and provides actionable insights when services are not operating as expected. We are introducing the Azure Copilot observability agent that materializes this promise. Azure Copilot observability agent extends and builds on top of what was previously known was the Azure Monitor investigation capability and introduces a slick experience, combining the power of agentic investigations with expanded capabilities for deeper visibility and faster resolution. Smarter insights, faster recovery, deeper visibility across your Azure stack. What it is The Azure Copilot observability agent works within your Azure workflows to make troubleshooting faster and smarter. It helps you: Automatically isolate problems in complex applications across the stack Detect and correlate anomalies from metrics, logs and other observability signals to help identify cause of an issue Correlate data from multiple sources for full context. Generate actionable findings and next steps described in clear human language. Preserve results for collaboration and tracking. Integrated with alerts, the Azure portal, and Azure Copilot (gated preview), the Azure Copilot observability agent ensures investigations are seamless and actionable. How it works When you get an alert and need to investigate it quickly and take action, simply click on the ‘Investigate’ button. Next, you’ll see a list of AI-generated findings to select from. Each finding suggests possible causes behind what went wrong and offers a starting point for troubleshooting. In order to get a better understanding of the summary, you can easily access the supporting Data. Behind the scenes, the observability agent uses the power of AI, Machine learning models for anomaly detection and correlation, and large language models (LLMs) to deliver these insights. Expanded intelligence for critical resources The Azure Copilot observability agent now delivers intelligent, AI-driven investigations across your Azure stack, from application services down to the underlying infrastructure. It automatically scopes from the resource to dependent components and infrastructure layers, correlating metrics, logs, and health signals for deeper visibility and faster root cause analysis. This includes support across a customer’s application services and critical Azure resources such as Virtual Machines (VM), Azure Kubernetes Service (AKS) clusters, and more, providing true full-stack coverage for complex environments. For these environments, investigations leverage multiple analysis types to deliver deeper insights: Metric analysis - detect abnormal CPU, memory, or network utilization patterns in VMs and AKS nodes, helping identify resource pressure before it impacts workloads. Recent alerts correlation - when a spike in AKS pod restarts occurs, the observability agent correlates with recent alerts to highlight cascading issues across cluster components. Resource health checks - surface health signals for VMs and AKS nodes alongside anomaly findings, enabling operators to validate whether infrastructure degradation is contributing to application instability. Resource diagnostics tools integration - findings are automatically connected to built-in Azure diagnostics for quick validation and remediation steps without leaving the investigation workflow Log-based metric analysis - for AKS and VM environments, enrich metric anomaly detection with contextual tags and data derived from logs, enabling more precise root cause identification. Extended regional availability The Azure Copilot observability agent is now supported in most Azure regions, so you can leverage its capabilities wherever your workloads run Copilot support With Copilot, you can instantly interact with your alerts in a natural way. Just ask questions like ‘Show me my critical alerts’ or ‘Which alerts need my attention?’ Copilot will surface a clear list of alerts for you. From there, simply click an alert to view its details and access the Investigate button -your gateway to the Azure Copilot observability agent. With one click, you can dive deeper, uncover potential root causes, and get actionable insights to resolve issues faster. Looking ahead The Azure Copilot observability agent is evolving toward a broader role in your observability strategy. While today it focuses on investigations, we have an exciting roadmap to make investigations even smarter and more actionable. Future releases will also expand into advanced scenarios, such as correlating issues and managing monitoring configurations without adding complexity. Start using the Azure Copilot observability agent today Available in preview, the Azure Copilot observability agent is integrated into your existing Azure workflows. Access it from alerts, the Azure portal, or Azure Copilot (gated preview) and experience a smarter way to resolve issues. Learn more: documentation for full details on capabilities and setup. We’re committed to evolving the observability agent based on your feedback. Share your thoughts via azmoninvestigation@microsoft.com or through the Give Feedback form in the experience. Don’t Miss What’s Next Ignite Session: Unlock cloud-scale observability and optimization with Azure December Webinar: Updates, best practices, and live Q&A, 👉 to secure your spot! NEW Deep Preview! In parallel with this preview, we are starting a preview of new exciting investigation capabilities, enabling deeper and more precise investigation insights. We have enabled Azure Copilot observability agent with deep agentic reasoning, also enabling dialog with the developer in natural language, enabling deep, interactive investigation of the issues. Click here to sign up for preview.
Introducing Monitoring Coverage: Assess and Improve Your Monitoring Posture at Scale
As organizations grow their Azure footprint, ensuring consistent monitoring coverage across resources becomes increasingly important. The new Monitoring Coverage (preview) feature in Azure Monitor provides a single, centralized experience to assess, configure at-scale, and enhance monitoring across your environment with ease. A unified view of your monitoring health Monitoring Coverage consolidates insights from Azure Advisor to highlight where monitoring can be improved. You can see which Azure resources already have basic out-of-box telemetry enabled and which could benefit from additional recommended settings, helping you close gaps in your observability strategy at scale. Key capabilities Comprehensive visibility: Get an overview of monitoring coverage across common Azure resource types. Actionable recommendations: Identify and apply Azure Advisor recommendations at-scale to strengthen your monitoring posture. Centralized configuration: Enable recommended monitoring settings for multiple resources from a single pane of glass. Detailed resource insights: Explore individual resource details to review active monitoring configurations and applicable recommendations. How to access In the Azure portal, open Azure Monitor. Under the Settings section of the left navigation, select Monitoring Coverage (preview). You can scope the view using standard Azure filters; Subscriptions, Resource groups, Tags, Locations, and Resource types, allowing you to focus on the resources you manage. Supported resource types During preview, Monitoring Coverage supports Virtual Machines (VMs) and Azure Kubernetes Service (AKS) clusters. Support for additional Azure services will roll out in future updates. Overview tab The Overview tab provides a snapshot of your overall monitoring landscape, showing which resources have: Basic monitoring: Default metrics and logs enabled upon creation. Enhanced monitoring: Microsoft-recommended configurations for deeper insights and improved observability. This view makes it easy to identify coverage gaps and take quick action to enable enhanced monitoring, which may incur additional cost depending on your configuration. Streamlined enablement experience When you choose to enable monitoring: The Enablement screen lists all resources included in the operation. You can deselect specific resources if needed. Selecting View details and configure allows customization by resource type—for example, selecting a Log Analytics workspace. The Review and Enable tab summarizes all changes before application. Once enabled, data typically begins flowing to the designated workspace within 30–60 minutes. During this preview, you can enable monitoring for up to 100 resources at a time, and an existing Log Analytics workspace or Azure Monitor Workspace is required. Monitoring Details page For a deeper look, the Monitoring Details page lets you: View resources as a list or group them by recommendation. Filter using standard Azure filters. See the Monitoring coverage column summarizing enabled recommendations and data collection rules. Enable individual monitoring settings directly from this view when managing resources one at a time. Share your feedback We’re actively evolving Monitoring Coverage based on user input. To share your feedback or suggest new capabilities, use the Feedback link at the top of the page in the Azure portal. Your insights will help shape the future of Azure Monitor. Try Monitoring Coverage (preview) today in the Azure portal to assess your observability coverage and take the next step toward proactive, consistent monitoring across your Azure environment.
Comprehensive VM Monitoring with OpenTelemetry performance counters
Monitoring virtual machines often requires multiple tools and manual investigation. You may see high CPU or memory usage, but identifying the process responsible usually means signing in to the VM and running diagnostic commands. Azure Monitor already provides Guest OS performance monitoring through Log Analytics‑based metrics, trusted for its flexibility, deep integration, and advanced analytics, including custom performance counters, extended retention, and powerful KQL queries. Many customers use LA‑based metrics to correlate performance with other log data sources and build rich operational insights. Today, we’re excited to introduce a new preview capability: OpenTelemetry (OTel) Guest OS metrics for VMs and Arc servers, with metric data stored in the metrics-optimized Azure Monitor Workspace (AMW). OTel provides a standards‑based pipeline with a unified schema, richer system and process counters, and streamlined integration with open‑source and cloud‑native observability tooling. It’s designed for simpler onboarding, cost‑efficient metric storage, and more granular visibility into what’s happening inside the VM. What are OpenTelemetry Guest OS metrics OTel Guest OS metrics are system and process‑level performance counters collected from inside a VM. This includes CPU, memory, disk I/O, network, and per‑process details such as CPU percent, memory percent, uptime, and thread count. This level of visibility helps you diagnose issues without signing into the VM. Why They Matter Azure Monitor continues to support Guest OS metrics through Log Analytics, and you now have the option to use OTel‑based Guest OS metrics. OTel offers richer insights, faster query performance, and lower cost, and is a good fit when you want a modern, standards‑based pipeline with deeper system visibility. Key Benefits Benefit Description Unified data model Consistent metric names and schema across Windows and Linux for easier, reusable queries and dashboards Richer, simplified counters More system and process metrics (e.g., per‑process CPU, memory, disk I/O) and consolidation of legacy counters into clearer OTel metrics. Easy onboarding Collect OTel metrics with minimal setup. Flexible visualization Use the Azure portal, Metrics Explorer, or Azure Monitor Dashboards with Grafana. Cost‑efficient performance Store metrics in Azure Monitor Workspace instead of Log Analytics ingestion for lower cost and faster queries. When to use LA‑based metrics (GA) vs OTel‑based metrics (Preview) LA-based metrics (GA) OTel-based metrics (Preview) Custom performance counters or extended retention Advanced KQL analytics and log‑metric correlation A mature, fully supported pipeline for operational analytics A standards‑based, unified schema across platforms Easier onboarding and broader system/process coverage Cost‑efficient metric storage with improved query performance We recommend evaluating your requirements to determine which approach best fits your needs. LA-based metrics remain the foundation for customers who need advanced analytics and correlation, while OTel-based metrics open new possibilities for modern VM observability. Onboarding VMs to OpenTelemetry performance counters Onboarding your virtual machines and Arc servers to OpenTelemetry-based counters is now both cost-efficient and easier than ever. With the new onboarding experience, you can enable guest-level metrics using a lightweight, standards-based OTel pipeline with no complex setup required. These system-level counters are available at no additional cost and provide deep visibility into CPU, memory, disk, network, and process activity from inside the VM. Azure Monitor automatically configures your Data Collection Rules (DCRs) to route these OpenTelemetry counters through the Monitor pipeline, ensuring you get full monitoring coverage with minimal configuration. Additionally, you can also onboard your VMs at scale using the new Monitoring Coverage experience or Essential Machine Management (EMM). For teams managing large fleets of virtual machines, these capabilities turn onboarding into a one-click operation, eliminating the need to repeat manual steps for each machine. This is especially valuable in enterprises or environments with dynamic VM creation, where maintaining consistent visibility across every machine is critical for performance, compliance, and troubleshooting. After onboarding at scale, you can further customize your monitoring. By editing the Data Collection Rule (DCR) created during onboarding, you can collect additional metrics and logs, then automatically apply those updates across all VMs associated with that DCR. This allows you to extend monitoring coverage beyond the default counters and adapt to your observability as your environment evolves. New Capabilities Powered by OpenTelemetry New VM monitoring experience powered by OpenTelemetry (preview) We're excited to announce the public preview of the enhanced monitoring experience for Azure Virtual Machines (VMs) and Arc servers. This redesign brings comprehensive monitoring capabilities in a single, streamlined view, helping you more efficiently observe, diagnose, and optimize your virtual machines. The new experience offers two levels of insight within one unified interface: Basic view (Host OS based): Available for all Azure VMs with no configuration required. This view surfaces key host level metrics including CPU, disk, and network performance for quick health checks. Detailed view (Guest OS based): Requires a simple onboarding step and is available at no additional cost. Azure Monitor already provides a GA detailed view powered by Log Analytics based Guest OS metrics, and this remains fully supported. This preview option is powered by OTel Guest OS metrics to provide expanded metric coverage and the new, streamlined monitoring experience introduced above Detailed view (Guest OS based with OTel) and enhanced monitoring experience for VMs You can access the new experience directly in the Azure portal under Virtual Machine → Monitoring → Insights. Building Custom Dashboards with Azure Monitor Dashboards in Grafana Azure Monitor Dashboards with Grafana lets you build custom visualizations on top of OTel Guest OS metrics. In addition to the out-of-the-box VM monitoring experience, you can create tailored dashboards to analyze the specific system or process-level signals that matter most to your workloads. For example, you can build a dashboard that breaks down CPU, memory, disk, and network usage at the process level. This helps you quickly identify unusual behavior or resource hotspots without signing in to the VM. Learn more. Query-based metric alerts (preview) Azure Monitor now supports PromQL-based metric alerts for OTel metrics stored in Azure Monitor Workspace, enabling flexible and powerful query-driven alerting. For example, you can configure an alert to notify you when a specific process shows unusual CPU usage, allowing you to detect issues earlier and take action before they impact users. PromQL based metric alert that triggers when the backupdatawarehouse.exe process exceeds 80% memory usage Get Started Explore the new OpenTelemetry-powered experiences today: Get started with VM Monitoring (Preview) Use Azure Monitor Dashboards with Grafana Query Based Metric Alerts Overview (Preview) We are also starting a limited public preview of application monitoring with OpenTelemetry signal collection from Azure VMs, VMSS and Arc Server. Learn more. Together, these previews mark a major step toward a unified and open monitoring platform designed to make observability simpler, faster, and aligned with open standards across every layer of your environment.PUBLIC PREVIEW: Announcing public preview of dynamic thresholds for log search alerts
We’re excited to announce the public preview of dynamic thresholds for log search alerts in Azure Monitor! This capability builds on dynamic thresholds for metric alerts capability and brings the same intelligence to log-based monitoring. Dynamic threshold for log alerts preview chart displayed when setting up a new alert rule What are dynamic thresholds? Dynamic thresholds help remove the guesswork from setting alert conditions. Instead of manually defining static thresholds, Azure Monitor uses advanced machine learning to: Learn historical behavior of your log query results Detect hourly, daily, and weekly seasonal patterns Calculate the most appropriate thresholds for each alert rule Adapt automatically as data patterns change Why it matters Simplified configuration: No need to fine-tune thresholds manually Adaptive monitoring: Alerts adjust automatically to changing trends At-scale intelligence: For multi-dimensional monitoring, thresholds are calculated per dimension combination Example use cases AKS Pod restart spike anomaly detection Scenario: Monitor Kubernetes Pod logs for spikes in pod restarts across clusters. Why dynamic thresholds help: AKS workloads often scale dynamically; static thresholds can’t account for autoscaling patterns. Dynamic thresholds adapt to normal fluctuations in node/pod counts and alert only on true anomalies. Example query: KubePodInventory | summarize restartCount = sum(PodRestartCount) by bin(TimeGenerated, 10m), ClusterName, Namespace, Name Dynamic threshold settings: Measure: restartCount (the aggregated column from the query). Split by dimensions (optional): Namespace (for workload-level baselines). Name (for per-pod granularity if needed). Resource Inventory Drift Detection (Azure Resource Graph) Scenario: Detect sudden spikes in resource creation or deletion across subscriptions or management groups utilizing Log search alerts integration with Azure Resource Graph that may indicate runaway deployments. Why dynamic thresholds help: Large organizations often have thousands of resources with varying deployment patterns. Static thresholds can’t account for seasonal changes (e.g., monthly deployments, scaling events). Dynamic thresholds adapt per subscription or resource type, reducing false positives. Example query: arg("").Resources | summarize resourceCount = count() by type, subscriptionId Dynamic threshold settings: Measure: resourceCount (the aggregated column from the query). Split by dimensions (optional): type (for specific resource type changes). subscriptionId (for per-subscription granularity). Getting Started Learn more about Log Search Alerts with Dynamic Thresholds and how to set up alert rules in Azure Monitor.Public Preview: Azure Monitor Integration with Fabric Real Time Intelligence Eventhouse
Customers need to enable different scenarios to successfully operate their IT/OT environments and business processes for meeting business objectives. Building solutions to solve these problems requires deriving rich insights from telemetry data emitted by devices, assets, applications, typically, by combining with other data to answer business questions. The common need for the systems that produce the insights is the ability to obtain the data they need within acceptable latency, to process, produce and serve up the insights in the most actionable manner. Integrating Azure Monitor with Fabric Real Time Intelligence Eventhouseenables customers to build solutions to uncover business insights and trends. What's New The demand for leveraging telemetry data beyond observability scenarios is steadily increasing. Some examples include: To drive capacity management processes, utilization telemetry is mapped to inventory data. Correlating support ticket and resolution times with service performance telemetry to estimate engineering hours per dollar. With this new capability, customers can seamlessly leverage telemetry data collected via Azure Monitor for advanced analytics through a Fabric Real Time Intelligence Eventhouse, enabling comprehensive visualization and analysis of such scenarios. This public preview supports various event types from Windows and Linux-based Virtual Machines. Through the use of Data Collection Rules (DCR), customers maintain granular control over sending data to a Fabric Real Time Intelligence Eventhouse. By leveraging these platforms, organizations can monitor and enhance data-driven decision-making, boost operational efficiency, and strengthen business process and insights. Key Benefits Extensive Data Ingestion: Supports a wide range of telemetry types, including Windows event logs, Linux syslog, performance counters, IIS logs, and custom logs. Comprehensive Advanced Analytics: Leverage Fabric Real Time Intelligence Eventhouse for robust querying and visualization capabilities across Azure Monitor collected telemetry and other business data. Seamless Integration: Reduce implementation time by easily connecting existing Azure Monitor setups with Fabric Real Time Intelligence Eventhouse. You can access this feature directly from the Azure Portal in just a few steps: 1. Use the new Data Collection Rule creation experience to add a dataflow for any of the supported telemetry types. 2. Configure an existing Fabric Real Time Intelligence Eventhouse database as your destination. Optionally, you may create a new destination from this UI. 3. Within minutes after your Data Collection Rule (DCR) is deployed, you will see logs in your Fabric environment. From here you can query or build analytics on this and other available datasets. We invite you to explore this new feature in public preview and experience how it can transform your data monitoring and analytics workflows. For more details on getting started, please visit the Azure Monitor documentation.
