Query Azure Resource Graph from Azure Monitor
Azure Monitor now lets you query data in Azure Resource Graph from your Log Analytics workspace. You can utilize this feature to make your Azure Log Analytics queries aware of your resource’s properties such as tags, resource attributes and much more. You can run cross-service queries by using any client tools that support Kusto Query Language (KQL) queries, including the Log Analytics web UI, workbooks, PowerShell, and the REST API. Read more here
Log Analytics results upgrade
Log Analytics team has shipped one of it's most significant updates to date - a new and upgraded results set grid. The new results set boasts a brand new experience and designed aimed at empowering Log Analytics users to do more with Logs. The new result set introduces numerous new features and improvements and is designed to be more accessible and easy to use. Users can now use on grid filters, drag and drop actions and even Pivot mode to easily analyze their query results with no KQL knowledge needed.
Announcing the Public Preview of Azure Monitor health models
Troubleshooting modern cloud-native workloads has become increasingly complex. As applications scale across distributed services and regions, pinpointing the root cause of performance degradation or outages often requires navigating a maze of disconnected signals, metrics, and alerts. This fragmented experience slows down troubleshooting and burdens engineering teams with manual correlation work. We address these challenges by introducing a unified, intelligent concept of workload health that’s enriched with application context. Health models streamline how you monitor, assess, and respond to issues affecting your workloads. Built on Azure service groups, they provide an out-of-the-box model tailored to your environment, consolidate signals to reduce alert noise, and surface actionable insights — all designed to accelerate detection, diagnosis, and resolution across your Azure landscape. Overview Azure Monitor health models enable customers to monitor the health of their applications with ease and confidence. These models use the Azure-wide workload concept of service groups to infer the scope of workloads and provide out-of-the-box health criteria based on platform metrics for Azure resources. Key Capabilities Out-of-the-Box Health Model Customers often struggle with defining and monitoring the health of their workloads due to the variability of metrics across different Azure resources. Azure Monitor health models provide a simplified out-of-the-box health experience built using Azure service group membership. Customers can define the scope of their workload using service groups and receive default health criteria based on platform metrics. This includes recommended alert rules for various Azure resources, ensuring comprehensive monitoring coverage. Improved Detection of Workload Issues Isolating the root cause of workload issues can be time-consuming and challenging, especially when dealing with multiple signals from various resources. The health model aggregates health signals across the model to generate a single health notification, helping customers isolate the type of signal that became unhealthy. This enables quick identification of whether the issue is related to backend services or user-centric signals. Quick Impact Assessment Assessing the impact of workload issues across different regions and resources can be complex and slow, leading to delayed responses and prolonged downtime. The health model provides insights into which Azure resources or components have become unhealthy, which regions are affected, and the duration of the impact based on health history. This allows customers to quickly assess the scope and severity of issues within the workload. Localize the Issue Identifying the specific signals and resources that triggered a health state change can be difficult, leading to inefficient troubleshooting and resolution processes. Health models inform customers which signals triggered the health state change, and which service group members were affected. This enables quick isolation of the trouble source and notifies the relevant team, streamlining the troubleshooting process. Customizable Health Criteria for Bespoke Workloads Many organizations operate complex, bespoke workloads that require their own specific health definitions. Relying solely on default platform metrics can lead to blind spots or false positives, making it difficult to accurately assess the true health of these custom applications. Azure Monitor health models allow customers to tailor health assessments by adding custom health signals. These signals can be sourced from Azure Monitor data such as Application Insights, Managed Prometheus, and Log Analytics. This flexibility empowers teams to tune the health model to reflect the unique characteristics and performance indicators of their workloads, ensuring more precise and actionable health insights. Getting Started Ready to simplify and accelerate how you monitor the health of your workloads? Getting started with Azure Monitor health models is easy — and during the public preview, it’s completely free to use. Pricing details will be shared ahead of general availability (GA), so you can plan with confidence. Start Monitoring in Minutes Define Your Service Group Create your service group and add the relevant resources as members to the service group. If you don’t yet have access to service groups, you can join here. Create Your Health Model In the Azure Portal navigate to Health Models and create your first model. You’ll get out-of-the-box health criteria automatically applied. Customize to Fit Your Needs In many cases the default health signals may suit your needs, but we support customization as well. Investigate and Act Use the health timeline and our alerting integration to quickly assess impact, isolate issues, and take action — all from a single pane of glass. You can access health models today in the Azure portal! For more details on how to get started with health models, please refer to our documentation. We Want to Hear From You Azure Monitor health models are built with our customers in mind — and your feedback is essential to shaping the future of this experience. Whether you're using the out-of-the-box health model or customizing it to fit your unique workloads, we want to know what’s working well and where we can improve. Share Your Feedback Use the “Give Feedback” feature directly within the Azure Monitor health models experience to send us your thoughts in context. Post your ideas in the Azure Monitor community. Prefer email? Reach out to us at azmonhealthmodels@service.microsoft.com — we’re listening. Your insights help us prioritize features, improve usability, and ensure Azure Monitor continues to meet the evolving needs of modern cloud-native operations.How to leverage Azure Monitor to meet functional and non-functional requirements - No.1 overview
Azure Monitor can be used for centralized monitoring and analysis of log data by using Kusto query, thus Azure Monitor allows you to effectively monitor and visualize Azure resources. Azure Arc also empowers Azure Monitor to expand its capability to on-premise and other public clouds. You can monitor every resources across environments, Azure, AWS, GCP, OCI, on-premise and others, with Azure Monitor and Azure Arc, then Azure Monitor minimize your effort to manage all the resources regardless locations or environments. Azure Monitor is a very powerful solution, but customers and partners sometimes have a challenge to map Azure Monitor features to their functional and non-functional requirements. These series articles describe how to use various Azure Monitor features in terms of functional and non-functional requirements. This article answers how to meet the requirements by using Azure Monitor.Announcing preview: Enable Azure Monitor VM insights using Azure Monitor agent
Today, we are announcing preview for configuring Azure Monitor VM insights with the Azure Monitor agent - one more reason to migrate to the Azure Monitor agent and unlock its powerful capabilities! What’s changing? Currently, VM insights requires a Log Analytics agent and Dependency agent installed on each virtual machine or virtual machine scale set to be monitored. This preview introduces a version of VM insights that will use the new Azure Monitor agent and would replace the Log Analytics agent. Additionally, it’s not “just” an agent change, you get much more: Centralized configuration: You can easily set up VM insights using data collection rules (DCR). If you are using Azure portal, VM insights creates a default DCR if one doesn't already exist. You can associate the same DCR with multiple machines for the same set of configurations. Optimize costs: We have introduced a configuration option to enable/disable collection of processes and dependencies data that provides Map view. Earlier, Dependency agent was required to enable VM insights to collect this data. However, with the new configuration options, you can opt out of Dependency agent installation. Thus, collect only what you need and optimize the costs. Enhanced security and performance: Azure Monitor agent uses Managed Identity for virtual machines for authentication and security. These technologies are much more secure and "hack proof" than certificates or workspace keys that legacy agents use. This agent performs better at higher events-per-second upload rates compared to legacy agents. How to get started? You can onboard Azure Monitor VM insights using Azure Portal, ARM templates or Azure policy. The onboarding is governed by data collection rules. You can go to Monitor -> Virtual machines -> Not monitored tab and select ‘Enable’ for a VM to onboard to VM insights using Azure Monitor agent. A default DCR will be created if one doesn’t already exist, or you can select an existing DCR if you want to apply the same configurations. You can also deploy the ARM templates or use Azure policy to configure VMs atscale. What are VM insights DCRs? The data collection rule (DCR) for VM insights has three configuration options: Configuration option Description Guest performance Specifies whether to collect performance data from the guest operating system. This is required for all machines and enables the Performance view. Processes and dependencies Collects details about processes running on the virtual machine and dependencies between machines. This is optional and enables the VM insights map feature for the machine. If you enable this, Dependency agent will also be installed for the supported OS. Log Analytics workspace Specify a workspace to store the data. A unique combination of these options will form a DCR. A few things to keep in mind… We recommend using the DCRs provided in our documentation to enable VM insights. Modifying an existing DCR to enable VM insights may not install the required extensions or configure the required data streams for the VM insights visualizations. While you can edit an existing VM insights DCR to collect additional data such as Windows and Syslog events, however, we recommend creating additional DCRs and associate with the machine. More than one DCRs having same event ID and associated with same VM can result in data duplication. To avoid duplication, please make sure the event selection you make in your Data Collection Rules doesn't contain duplicate events. If you have configured VM insights using Log analytics agent, refer to our migration guidance to move to Azure Monitor agent. For your on-prem machines, we recommend enabling Azure Arc for servers so that the VMs can be enabled for VM insights using processes similar to Azure VMs. Check out our full documentation to get more details. We’d love to hear what you like and don’t like about this feature, and where you’d like us to take it. Please click Provide Feedback in the user experience to share your thoughts.Enabling Full-stack Observability with Azure Monitor and Grafana
Along with the announcement of Azure Managed Grafana, we are excited to introduce new Grafana integrations with Azure Monitor including the ability to pin Azure Monitor visualizations from Azure Portal to Grafana dashboards and new out-of-the-box Azure Monitor dashboards.Accelerate your observability journey with Azure Monitor pipeline (preview)
In the ever-evolving landscape of digital infrastructure, transparency in resource and application performance is imperative. Success hinges on visibility, and that’s true whether you’re operating on Azure, on-premise, or at the edge. As organizations scale their infrastructures and applications, the volume of observability data naturally increases. This surge can complicate the management of networking, data storage and ingestion, often forcing a trade-off between cost management and observability. The complexity doesn’t end there. The very tools designed to ingest, process, and route this data can be both costly and complex, adding layers of operational challenges. Moreover, edge infrastructure is deployed near IoT devices for optimal data processing, high availability, and reduced latency. This adds its own set of challenges when it comes to collecting telemetry from such constrained environments. Recognizing these challenges, our team has been focused on providing a robust, highly scalable, and secure data ingestion solution through Azure Monitor. We are thrilled to announce the preview of the Azure Monitor pipeline at edge. What is Azure Monitor pipeline? Azure Monitor pipeline, similar to ETL (Extract, Transform, Load) process, enhances traditional data collection methods. It streamlines data collection from various sources through a unified ingestion pipeline and utilizes a standardized configuration approach that is more efficient and scalable. This is particularly beneficial for cloud-based monitoring in Azure. We are now extending our Azure Monitor pipeline capabilities from the cloud to the edge, enabling high-scale data ingestion with centralized configuration management. What is Azure Monitor pipeline at edge? Azure Monitor pipeline at edge is a powerful solution designed to facilitate high-scale data ingestion and routing from edge environments to Azure Monitor for observability. It leverages the robust capabilities of the vendor-agnostic tool - OpenTelemetry Collector, which is used by enterprises worldwide to manage high volumes of telemetry each month. With the Azure Monitor pipeline at edge, organizations can tap into the same highly scalable platform with a standardized configuration and reliability. Whether dealing with petabytes of data or seeking consistent observability experience across Azure, edge, and multi-cloud, this solution empowers organizations to reliably collect telemetry and drive operational excellence. The Azure Monitor pipeline at edge is equipped with out-of-the-box capabilities to receive telemetry from a diverse range of resources and route it to Azure Monitor. Here are some key features: High scale data ingestion: Customers have various devices and resources at edge, emitting high volume of data. With Azure Monitor pipeline at edge, you can seamlessly scale to support ingestion of high volume of data in the cloud. Azure Monitor pipeline can be deployed on your on-premises Kubernetes cluster as an Arc Kubernetes cluster extension. This allows it to adapt to your data scaling needs by running multiple replica sets and provides you with full control to define workflows and route high-volume data to Azure Monitor. Observing resources in isolated environments: In the manufacturing sector, resources are often located in isolated network zones without direct cloud connectivity, posing challenges for telemetry collection. With the Azure Monitor pipeline at edge, combined with Azure IoT Layered Network Management, you can facilitate a connection between Azure and Kubernetes clusters in isolated networks, deploy the Azure Monitor pipeline at edge, collect data from resources in segmented networks, and route it to Azure Monitor for comprehensive observability. Reliable data ingestion and prevent data loss: Edge environments frequently encounter intermittent connectivity, leading to potential data loss and disrupting data continuity. The Azure Monitor pipeline at edge allows you to cache logs during periods of intermittent connectivity. When connectivity is re-established, your data is synchronized with Azure Monitor, preventing data loss. Getting started It’s super easy to get started! You need to deploy the Azure Monitor pipeline on a single Arc-enabled Kubernetes cluster in your environment. Once that is done, you can configure your resources to emit the telemetry to Azure Monitor pipeline at edge and ingest into Azure Monitor for observability. Once you Arc-enable your on-prem Kubernetes cluster and the prerequisites are met, go the Extension section, select Azure Monitor pipeline extension (preview) and create the instance. Alternatively, from the search bar in the Azure portal, select Azure Monitor pipeline and then click Create. Enter the information related to the pipeline instance. The Dataflow tab allows you to create and edit dataflows for the pipeline instance. Configure your resources to emit the telemetry to the Azure Monitor pipeline. Learn more in our documentation. Pricing There is no additional cost to use Azure Monitor pipeline to send data to Azure Monitor. You will be only charged for data ingestion as per the current pricing. FAQ What telemetry can be collected using Azure Monitor pipeline? Currently, in public preview, you can collect syslogs and OTLP logs using Azure Monitor pipeline at edge. We will keep expanding the data collection capabilities based on your feedback and requirements. How can I perform transformations on the telemetry that is collected? You can certainly transform your telemetry! Since this is an extension of Azure Monitor pipeline, you can perform the data collection transformations in the Azure Monitor pipeline at cloud. Is this another agent for data collection? Azure Monitor pipeline at edge is engineered to function in environments where installing agents on resources is not feasible, whether due to technical limitations or warranty concerns. It enables you to get the telemetry from these resources and acts as a central forwarding component to ingest high volume data. I have 100 Linux servers in my on-prem environment. Do I need to deploy Azure Monitor pipeline at edge on all of them? You need to deploy the Azure Monitor pipeline at edge on a single Arc-enabled Kubernetes cluster and configure it to ingest data into Azure Monitor. Once that is completed, you can configure your Linux servers to emit telemetry to the Azure Monitor pipeline at edge instance.
