1. Home
  2. Training Library
  3. Microsoft Azure
  4. Courses
  5. Analyzing Resource Utilization on Azure

Analyzing and Creating Alerts

Start course

This course looks into how to capture log data and metrics from Azure services and feed this information into different locations for processing. We take a look at diagnostic logging, which can help to troubleshoot services and create queries and alerts based on that data. We also look into Azure Adviser, cost consumption reporting, and how we can baseline resources. This is an introduction to these advanced areas of Azure services.

Learning Objectives

  • Understand how to use and configure diagnostic logging for Azure services
  • Gain an understanding of Azure Monitor and how to create and manage alerts
  • Review cost consumption reporting and how to create scheduled reports
  • Investigate different methods for baselining resources

Intended Audience

  • People who want to become Azure cloud architects
  • People preparing for Microsoft’s AZ-303 exam


  • General knowledge of Azure services

For more MS Azure-related training content, visit our Microsoft Azure Training Library.


For this next example, let's use a WordPress website running as a PaaS service to create an alert looking for page 404 HTTP responses and send ourselves an email. So, the first thing you want to do is go to the Monitor in Azure and select Alerts. Again, this is a central place to record all the alerts. We can see here we've got a total of alert rules (14), and 8 are enabled. You'll also notice here that there are different severities, so when you create your alert, you can choose your severity. This helps you collect all your infrastructure into a single place and gives you an idea of what's critical and what's not. So, we're going to create a new rule, and here are the conditions we mentioned earlier: an alert condition, which is a target, and criteria. There's the alert action, where you define the rules, severity, and the action group. So, the first thing we do is select a target, and select App Services, and we can see Azurefieldnotes. We’ll select that. We can now see what's our target, and we want to add the criteria. So what we do notice here is there are 168 different signals we can alert on.

So as we said, there are some metrics, these come from the platform itself, and there are also activity logs. Within the activity logs, there are different categories. So here's Administrative, Security, Recommendations, and Policy. In our case, we want to alert on Http 404. When we select the metric signal, we get a sample graph of data collected over the last 6 hours. We also see, in this case, there happen to be multiple instances because, in the App Services plan, there are three instances that run this website. So we want to select all of them, and what this allows us to see is a sum of the time of each of these. So before, when we had the aggregation, we can see that above 40 is where we want alerts.

So we want to ignore these bumps and just alert when we have this kind of spike. So, we'll make it 50. We're not going to select a specific instance, and we're just going to say when greater than a total aggregation of 50, and select Done. Now we're going to put in an alert name for our rule. We’ll call it Page404 Greater than 50. And we'll set it to severity 3. Enable the rule upon creation. And now we need to create an action group. We're going to do a new action group. We're going to call this WebAlerts and also have a short name of WebAlerts. We need to choose a resource group to put this in. We have a default resource group here that’s already set up. Then we choose email, and we're going to send an email to Matt. Select OK...and OK.

So we need to wait for that action group to get created. It’s done, so it added that for us. If we already had an action group we wanted to use, we could say “Select action group” and see our existing action groups that we've already created. In this case, we're using a new one. Click “Create rule”. As we wait for that rule to be created, we should get an email that tells us we've been added to the action monitor group. This allows us to know that we can receive the email and that the alert is set up. If we go back to Manage alerts, we can see our “Page404 Greater than 50” response. Here’s the Target Resource, Target Resource Type, and the Signal. So that's our alert. If we look in here, we can go and modify the conditions if we need to. Here we can see the bar where it's going to get triggered. And that's it for creating an alert.


About the Author

Matthew Quickenden is a motivated Infrastructure Consultant with over 20 years of industry experience supporting Microsoft systems and other Microsoft products and solutions. He works as a technical delivery lead managing resources, understanding and translating customer requirements and expectations into architecture, and building technical solutions. In recent years, Matthew has been focused on helping businesses consume and utilize cloud technologies with a focus on leveraging automation to rapidly deploy and manage cloud resources at scale.