CloudAcademy
  1. Home
  2. Training Library
  3. Microsoft Azure
  4. Courses
  5. Analyzing Resource Utilization on Azure

Enabling Diagnostic Logs Using the Azure Portal

The course is part of these learning paths

AZ-103 Exam Preparation: Microsoft Azure Administrator
course-steps 15 certification 6 lab-steps 6

Contents

keyboard_tab
Welcome
2
Azure Advisor Cost Recommendations
Resource Baseline
Monitoring Cost Consumption
Cost Management Report
15
Cloudyn5m 16s
Conclusion
16
play-arrow
Start course
Overview
DifficultyIntermediate
Duration54m
Students478

Description

This course looks into how to capture log data and metrics from Azure services and feed this information into different locations for processing. We take a look at diagnostic logging which can help to troubleshoot services and create queries and alerts based on that data. We also look into Azure Adviser, cost consumption reporting and how we can baseline resources.  This aims to be an introduction to these advanced areas of Azure services.

 

Learning Objectives

  • Understand how to use and configure diagnostic logging for Azure services
  • Gain an understanding of Azure Monitor and how to create and manage alerts
  • Review cost consumption reporting and how to create scheduled reports
  • Investigate different methods for baselining resources

Intended Audience

  • People who want to become Azure cloud architects
  • People preparing for Microsoft’s AZ-100 or AZ-300 exam

Prerequisites

  • General knowledge of Azure services

 

For more MS Azure-related training content, visit our dedicated MS Azure Training Library.

Transcript

So in this resource group, we have our prerequisite destinations for the Diagnostic Logs. We will now return to the Jenkins resource group, and take a look at the Jenkins-NSG. So this is attached to the Linux machines. If we go down here to Diagnostic Settings, we get an option to turn on to collect data. So we're gonna set up one setting per output. So in this case, we'll call this Linux NSG DiagStorage Account So archive to a storage account. Now, we would like to configure the storage account to beAZUREDIAGDEMO. Select okay and then we wanna pick these two logs and their retention setting. So this setting applies to the storage account in terms of the retention. 

If we click save for that, and we return back a screen and refresh, we can now see we have this particular setting and the setting there for storage account, with event hub and log analytics not selected. So next we can add the event hub. That's optional, and we'll pick the default policy. Give it a name. And now we can see that one and we'll create one more for log analytics, which is the easiest. Just pick the workspace, and that's it. Give it a name. LogOMSDiag. So now we have three different policies set up for diagnostic logging for the NSG. So, the next thing we can do, is if we go to the monitor, so you can find this in under services and monitor, and diagnostic settings. So, here we can see these are the different objects within that resource group that we can connect diagnostic settings to diagnostic logging, and in this case, we have it connected to one of the NSGs. 

So if we've also wanted to connect the Windows NSG, click on it from there. So we go to that from monitor, turn on diagnostic settings, and we'll call this all in one. We can create one for diagnostic demo. Stream on events hubs, okay. Configure the event hub again and log analytics. There we go, so now we can see we've enabled diagnostic logging for both NSGs. So what we saw in the NSGs were two different log options. So if we go back and look at what the different settings were within here, there's a network security event and network security group rule counter. So, if we look at the other options we have for a different type of resource - so let's choose the Public IP addresses that are attached to these systems. If we go in here and turn on diagnostic settings, we have a different set of logs and we also have metrics. So this wasn't shown in the last one. The metric counters are numeric n-digit numbers that allow us to track and graph things rather than event-based. So, let's turn on one of these so we can get some other information. Just configure all of them.

 And if we return to the monitor, logging settings have been set up for three resources now. These are address specific resource types. So, if you want to enable guest logging for the machines this is the difference of a resource based monitoring and what we're about to do now is guest logs. So, we'll return to the resource group Jenkins. Type in here so we can easily find it. Then we go to the Linux Virtual Machine to start with and we scroll down to diagnostic settings, enable guest level monitoring. So, we can now see this is a Linux Machine and we're getting different logs which are Linux specific. And if we look at the metrics, we have processor, memory, network file system and disk. You can also choose to do custom. So there are additional, more specific counters, if you want to enable those. In this case, we'll just leave it with the basic.

 And additional SYSLOG levels so you can go to higher levels so you get less information. And then there are additional settings here for the storage account that you have chosen to log that information to. So, let's connect the Windows server where we can go look at the information that we collected. So here's the Windows machine and diagnostic settings. Choose enable guest level monitoring. This takes awhile so we'll just pause the video and return once it's complete. And here we can see the job completed. So, we can also go and look at custom and basic performance counters and add additional Windows counters to that list. There are additional logs so you can directly click IIS logs, if you have that installed, in different levels as well. It does understand .NET applications. One thing worth noting is if you're having trouble with the log collection you may need to remove and reinstall the agent. So, you can do that from this screen here.

About the Author

Students507
Courses2

Matthew Quickenden is a motivated Infrastructure Consultant with over 20 years of industry experience supporting Microsoft systems and other Microsoft products and solutions. He works as a technical delivery lead managing resources, understanding and translating customer requirements and expectations into architecture, and building technical solutions. In recent years, Matthew has been focused on helping businesses consume and utilize cloud technologies with a focus on leveraging automation to rapidly deploy and manage cloud resources at scale.