1. Home
  2. Training Library
  3. Designing Secure solutions in AWS - Level 2

Monitoring and Logging

Start course
Overview
Difficulty
Intermediate
Duration
2h 45m
Description

This course covers the core learning objective to meet the requirements of the 'Designing secure solutions in AWS - Level 2' skill

Learning Objectives:

  • Analyze the available options to secure credentials using features of AWS Identity and Access Management (IAM)
  • Evaluate the appropriate routing mechanism to securely access AWS service endpoints or internet-based resources from an Amazon VPC
  • Evaluate the appropriate encryption options available for data in transit and when at rest across AWS services
  • Evaluate the most appropriate key management service and options based on business requirements and governance controls

 

Transcript

Welcome back! In this lesson we’ll explore the monitoring and logging options for App Service.

Let’s start out with application performance monitoring using Application Insights. In the portal, under the monitoring section there’s an option for Application Insights. I’ve pre-enabled this in the app, which you can do in Visual Studio, or in the portal. So if want to use it, you’ll need to enable the monitoring agent.

On this first blade, you can get some basic information about slow requests, as well as a live stream of requests and errors.
At the bottom of this blade you can open up some additional info, however the really interesting stuff is under the analytics section. Clicking on it will open up the Application Insights site in another tab. Application Insights allows you to use a SQL like syntax to query data and even generate charts.

On this home dashboard there are some pre-created queries that you can run. Besides being useful queries, they also help you to get a sense for the query syntax.

Let’s check out the errors query. It starts out by referencing the requests data, followed by a where clause, and then a join to the exceptions table, and then creates a projection for what data you want returned.
Let’s go back to the home page and check out the performance query. Notice unlike the previous query this is showing a chart. Admittedly it’s not populated with much information, however the query syntax has the ability to render charts built right in.
Clicking on table you can see the limited data available to this app. The tables are available to drill into on this side here, where you can start to explore the data a bit. This is a simplistic look at the features, however hopefully it shows the value of Application Insights.

Let’s head back to the portal to check out the live site metrics dashboard.
If you click on Live Stream, it’ll load this dashboard where you can get a glimpse at what’s happening with your app. Let’s see some requests show by loading a page on the site. Now switching back to the app, you can see the request on this top request tile.

So, that’s a high level of application performance monitoring.

Let’s switch gears to cover alerts. Often times you’ll want to be notified when something happens. For example, if your app starts to queue up a lot of HTTP requests, it would help you to know that so you could review your Service Plan.

Alerts are pretty easy to configure, and they allow you to have an email sent, or to have a webhook called. The webhook would allow you to pass the alert off to some of your own code, maybe something like an Azure Function.

You can create alerts at the App Service or application level, and there are different metrics for both.

Under resource you can change to either the service plan or the app. At the moment the resource is set to the service plan, and then click the drop down, you can see there’s a handful of metrics, and then if you switch to the app, you can see there’s some different options. Besides the metrics you could also trigger alerts based on events, which again are different between the app and service plan.

These are all covered in the Azure docs, so I’m going to just put a link to the documentation on what metrics are available on the screen.

Alright, we’ve covered application performance monitoring and alerting, let’s check out logging now.
Before we can start utilizing the logs, we need to enable them, and we can choose which logs we want to enable, and which one we don’t.
And once you have some logs enabled, you can download them via FTP. This uses the same FTP account as the FTP deployment option, so if you’re not using FTP for deployments, you may need to go and create an FTP deployment user first.

Okay, besides the options for monitoring and logging we’ve already covered there’ also some additional basic info under the monitoring section. And there’s always third party tools should you want other options.

Okay, in the next lesson we’ll take a look at scaling options and how to scale up and out. So if you’re ready to cover scaling, then let’s get started in the next lesson.

About the Author
Students
207743
Labs
1
Courses
211
Learning Paths
163

Stuart has been working within the IT industry for two decades covering a huge range of topic areas and technologies, from data center and network infrastructure design, to cloud architecture and implementation.

To date, Stuart has created 150+ courses relating to Cloud reaching over 180,000 students, mostly within the AWS category and with a heavy focus on security and compliance.

Stuart is a member of the AWS Community Builders Program for his contributions towards AWS.

He is AWS certified and accredited in addition to being a published author covering topics across the AWS landscape.

In January 2016 Stuart was awarded ‘Expert of the Year Award 2015’ from Experts Exchange for his knowledge share within cloud services to the community.

Stuart enjoys writing about cloud technologies and you will find many of his articles within our blog pages.