For enterprises, monitoring is a compelling feature and is very important for the cloud-based services that they consume. There are sets of Azure native monitoring capabilities which proactively identify the problem in seconds i.e. unified monitoring, app insights, Azure alerts, network performance monitor of network watcher along with AKS clusters monitoring.

What is Azure Monitoring?

Azure Monitoring collects, analyzes, and acts on telemetry data from Azure environments. Azure Monitor assists in availability of Azure services and enhances the performance of an application. It also proactively identifies the problem in seconds. The Azure Monitor acts and performs calculations based on the data collected by various actions such as alerting, analysis, and transmission to external systems.

Establish proactive infrastructure monitoring with Azure native capabilities.

Azure Unified Monitoring

Metrics, logs, and alerts are the key features for monitoring and now work as ‘ONE’ integrated solution with one metrics, one log, and one alert experience across all our monitoring tools.

• One Metrics: Metrics are collected automatically from most of the utilized Azure services. These metrics are available in near real time, and multi-dimensional custom charts can be created for visualization.
• One Log: Azure Monitor is the central place to collect logs from monitoring, management, audit, security, and all the other log types in Azure. Kusto allows the execution of Kusto query to run diagnostics, root-cause analysis, statistics, and visualizations.
• One Alert: Azure Monitor alerts are capable of proactively notifying critical conditions and potentially taking corrective actions using an action group. It permits to setup logs (either analytics-based or metrics-based), Ping and Azure AD alerts with multi-resource & multiple time series-based rules and configure action groups for notifications along with serverless or automation integration.

Virtual Machine Monitoring

Azure Monitor for Virtual Machines (VMs) monitors the performance and data for Linux and Windows VMs and looks after the health and availability of VMs using customizable alert thresholds. VM Monitor insights ensure performance and maps of virtual machines. The maps further verify VM back-end dependencies are connected properly and notifies if any client of a VM is affected or not. It also extends troubleshooting guest-level issues and gathers information about VM resource utilization. Metrics and alerts are on customizable threshold.

Performance Diagnostics

Performance Diagnostics is a self-help tool for troubleshooting virtual machine performance issues. For instance, it can be utilized to identify slow performance, high disk utilization, and high usage of CPU in a VM. Since long, garbage collection pauses were detected on managed processes, it is always recommended to go through with performance diagnostic prior to raising a Microsoft support request.

Get Insight with Application Insights

A powerful feature of Azure Monitor is an extensible to get Application Performance Management (APM) service with Application Insights. Application Insights can be used to monitor live applications. It detects performance anomalies, nth level dependency, request rates and response time, performance counters, exceptions and includes analytics tools to diagnose issues related to user activities.

Monitor Health & Availability of Apps

Azure Service Health

Service Health apprises the maintenance and service incidents in Azure so that the end-user could take adequate steps to mitigate downtime. A scheduled maintenance for Azure resources and regions may have some impact, and this will be intimated to the users on prior notice so that they can act accordingly.

The below three events of Azure Service Health embrace some unexpected errors and planned downtime:

• Service Issues– Comprises reports of the current issues happening in Azure resources like service outages.
• Planned Maintenance – A scheduled maintenance that contains the reports of services scheduled by Azure.
• Health Advisories – It reports an issue that requires an action to avoid service interruption.

Azure Status

The Azure Status page (https://status.azure.com/en-us/status) provides information about the health of Azure services and regions. It directs to understand the availability of resources in different regions so that the user can choose the right region for better performance and increased efficiency. It works significantly with Azure Service Health for maximum benefits to troubleshoot a service issue and planned maintenance.

Azure App Service & Service Availability

There are ways to verify the availability of an AppService and other services. Ping test alerts identify and verify the availability of AppService across different regions. It is accurate and takes adequate action on that basis.

Azure Alerts Characters

• Metrics Alerts: These are the series of measured values and counts that are collected and stored over time.
• Activity Log Alerts: It triggers as soon as any change of state happens like an administrative event occurs that matches the conditions specified in the alert.
• Scheduled Query Alerts: Language-based log analytics alerts on Kusto query.
• Ping Test Alerts: These alerts help verify the geographical availability of AppService.
• Budget Alert: These are related to cost or usage. It notifies if the cost exceeds the defined threshold unit.
• Sign-in Alert: A user sign-in activity and detailed information about managed application.
• Audit Logs Alert: This alert is based on activity information about users and group managed applications, management, and directory activities.
• Health Alert: It is an Azure Service Health alert based on service outage or downtime.

Network Performance Monitor

Network Performance Monitor for Express Route

Network Performance Monitor (NPM) is a cloud-based network monitoring solution that monitors the connectivity between Azure infrastructure and on-premises locations. NPM for ExpressRoute helps in the identification and elimination of network issues.

Experiencing High Bandwidth Utilization

If the end-user experience high bandwidth utilization, then it has a capability to view the bandwidth utilization for Azure Private Peering for ExpressRoute circuit along with the average latency and packet loss.

Identification of Bottleneck for Connectivity Loss or Downtime Point for Express Route

NPM assists in the identification of connectivity loss, downtime from one end to another. It aids in discovering which hop is generating an issue from Azure VNET to on-premises using topology dashboard. It is a typical topology view where the Azure VM is connected to the on-premise’s VM on the right over primary ExpressRoute connections.

Network Latency Within Subnet Network

NPM allows the identification of network latency. Peak loss can occur. To view the latency, peak loss between node links opt a way to view its subnetwork links e.g. from Azure VNET to on-premises or vice versa. NPM explains it in a fine way for any desired date as well.

Receiving Express Route Connectivity Issues

NPM assists the diagnosis of several circuit connectivity issues, though it happens very rarely. Two endpoints are not connected over the ExpressRoute which includes all the hops. It helps to take adequate action to resolve this issue.

Network Watcher

Connection Troubleshooting– It helps to verify a connection between two VMs, Fully Qualified Domain Name (FQDN), Uniform Resource Identifier (URI) or IP4 addresses. The connection monitor of Network Watcher oversees communication at frequent intervals and communicates about the reachability, latency, and network topology changes between the VM and the endpoint. An example of this phenomenon can be a virtual machine which is communicating with Azure storage, despite the fact that the Azure storage firewall is preventing healthy communication.

Packet Capturing

Network Watcher packet capture allows traffic to capture to and from virtual machine under a subscription resource group. The packet capture output file (.cap) can be stored in a storage account, file, or both. It can be further analyzed by network capturing tool.

Verification IP Flow Verify

Network Watcher IP flow verify whether a packet is allowed or denied to or from a virtual machine. There are a few parameters which should be set up to verify IP flow for virtual machine. These are the virtual machine, network interface, direction (inbound and outbound) local port and remote port. Generally, it returns the rule name that denied the packet (IP flow) managed by a network security group.

Azure Monitor for Containers

Container Insights

Container Insights is a feature designed to monitor the performance of all the container workloads deployed to:

• Azure Kubernetes Service (AKS)
• Self-managed Azure Kubernetes clusters hosted using AKS Engine
• Azure Container Instances (ACI)
• Azure Red Hat OpenShift & Azure Arc-enabled Kubernetes (preview)
• Self-managed Kubernetes clusters hosted on on-premises and Azure Stack

Azure Monitor for containers permits performance visibility after collecting the metrics and processor from nodes, containers and controllers that are available in Azure Kubernetes service using metrics API. Log analytic agent for Linux collects clusters, metrics and logs available in Azure Kubernetes.

Diagnostic settings such as kube-apiserver, kube-audit and others can be enabled and transmitted either to log analytics workspace, storage, or to event hubs.

Log Query and Diagnostic Settings

Monitoring for containers allows the collection of diverse set of data like performance metrics, inventory data, and health state information from container hosts and containers. Every three minutes, system collects information or data and forwards it to the Log Analytics Workspace (LAW) underneath Azure Monitor service. Later it’s available for detailed analysis using query. Data can be queried in Azure Monitor using Kusto query.

Access Kubernetes Resources from the Azure Portal (Preview)

The preview feature includes a Kubernetes resource viewer (preview) for easy access to the Kubernetes resources in Azure Kubernetes Service (AKS) cluster. It assists in reducing the context switching between the kubectl command-line tool and Azure portal, streamlining the experience for viewing and editing Kubernetes resources.

It is further categorized into the below three sections:

• Namespaces display the namespaces of your cluster. It allows to filter and display the namespace resources
• Workloads display information about daemon sets, deployments, replica sets, and pods deployed to the cluster
• Services and ingresses show the service and ingress resources of all the clusters

NOTE: It allows the update of yaml on the fly.

Monitor Deployment Insights

Deployment insights shows Kubernetes resources view, where the users can visualize the status of individual CPU, memory, and deployment usage.

Conclusion

Azure Native Monitoring is an inbuilt, powerful capability to get inner details of a resource, platform and active directory. Details like CPU utilization, app availability, activities, performance without any hassle of integration with third-party tools. With each passing day, Azure continues to get richer and is introducing tools to monitor other cloud providers from Azure interface like Sentinel.