AZ-104-MicrosoftAzureAdministrator/LAB_11-Implement_Monitoring.md at master · MicrosoftLearning/AZ-104-MicrosoftAzureAdministrator · GitHub

Task 1: Provision the lab environment
Task 2: Register the Microsoft.Insights and Microsoft.AlertsManagement resource providers
Task 3: Create and configure an Azure Log Analytics workspace and Azure Automation-based solutions
Task 4: Review default monitoring settings of Azure virtual machines
Task 5: Configure Azure virtual machine diagnostic settings
Task 6: Review Azure Monitor functionality
Task 7: Review Azure Log Analytics functionality

Task 1: Provision the lab environment

Files

$location = "West Europe"
$rgName = "az-104-11-rg0"
New-AzResourceGroup -Name $rgName -Location $location -Force

New-AzResourceGroupDeployment `
   -ResourceGroupName $rgName `
   -TemplateFile az104-11-vm-template.json `
   -TemplateParameterFile az104-11-vm-parameters.json `
   -AsJob

Done


Task 2: Register the Microsoft.Insights and Microsoft.AlertsManagement resource providers

From cloud shell

Register-AzResourceProvider -ProviderNamespace Microsoft.Insights

Register-AzResourceProvider -ProviderNamespace Microsoft.AlertsManagement


Task 3: Create and configure an Azure Log Analytics workspace and Azure Automation-based solutions

In this task, you will create and configure an Azure Log Analytics workspace and Azure Automation-based solutions

Create Log Analytics workspace

Same region


Create an Automation Account

same region

On the Automation account blade, in the Configuration Management section, click Inventory.

In the Inventory pane, in the Log Analytics workspace drop-down list, select the Log Analytics workspace you created earlier in this task and click Enable.

On the Automation account blade, in the Update Management section, click Update management and click Enable.

Task 4: Review default monitoring settings of Azure virtual machines

In this task, you will review default monitoring settings of Azure virtual machines

On the az104-11-vm0 | Metrics blade, on the default chart, note that the only available Metrics Namespace is Virtual Machine Host.

Note: This is expected, since no guest-level diagnostic settings have been configured yet. You do have, however, the option of enabling guest memory metrics directly from the Metrics Namespace drop down-list. You will enable it later in this exercise.


Task 5: Configure Azure virtual machine diagnostic settings

In this task, you will configure Azure virtual machine diagnostic settings.

On the Overview tab of the az104-11-vm0 | Diagnostic settings blade, select a Diagnostic storage account, and then click Enable guest-level monitoring.

Installing diagnostics settings for az-104-11-vm0

Switch to the Performance counters tab of the az104-11-vm0 | Diagnostic settings blade and review the available counters.

It comes up automatically, Note: By default, CPU, memory, disk, and network counters are enabled. You can switch to the Custom view for more detailed listing.

Switch to the Logs tab of the az104-11-vm0 | Diagnostic settings blade and review the available event log collection options.

Note: By default, log collection includes critical, error, and warning entries from the Application Log and System log, as well as Audit failure entries from the Security log. Here as well you can switch to the Custom view for more detailed configuration settings.

On the az104-11-vm0 blade, in the Monitoring section, click Logs and then click Enable.

On the az104-11-vm0 – Logs blade, ensure Azure Monitor agent (Recommended) is selected, and then click Configure.

Enable it and see the options, takes 5 min go next.

On the az104-11-vm0 | Logs blade, in the Monitoring section, click Metrics.

On the az104-11-vm0 | Metrics blade, on the default chart, note that at this point, the Metrics Namespace drop-down list, in addition to the Virtual Machine Host entry includes also the Guest (classic) entry.

Note: This is expected, since you enabled guest-level diagnostic settings. You also have the option to Enable new guest memory metrics.

CPU, memory, disk, and network counters are enabled here now

Task 6: Review Azure Monitor functionality

In the Azure portal, search for and select Monitor and, on the Monitor | Overview blade, click Metrics.

On the Select a scope blade, on the Browse tab, navigate to the az104-11-rg0 resource group, expand it, select the checkbox next to the az104-11-vm0 virtual machine entry within that resource group, and click Apply.


Note: This gives you the same view and options as those available from the az104-11-vm0 – Metrics blade.

On the Monitor | Metrics blade, on the Avg Percentage CPU for az104-11-vm0 pane, click New alert rule.

On the Create alert rule blade, in the Condition section, click the existing condition entry.

On the Configure signal logic blade, in the list of signals, in the Alert logic section, specify the following settings (leave others with their default values)

Click Next: Actions >, on the Create an alert rule blade, in the Action group section, click the + Create action group button.

On the Notifications tab of the Create an action group blade, in the Notification type drop-down list, select Email/SMS message/Push/Voice. In the Name text box, type admin email. Click the Edit details (pencil) icon.

On the Email/SMS message/Push/Voice blade, select the Email checkbox, type your email address in the Email textbox, leave others with their default values, click OK

, back on the Notifications tab of the Create an action group blade, select Next: Actions >.

On the Actions tab of the Create action group blade, review items available in the Action type drop-down list without making any changes and select Review + create.

On the Review + create tab of the Create action group blade, select Create.

Back on the Create alert rule blade, click Next: Details >, and in the Alert rule details section, specify the following settings (leave others with their default values):

Create it

Note: It can take up to 10 minutes for a metric alert rule to become active.

In the Azure portal, search for and select Virtual machines, and on the Virtual machines blade, click az104-11-vm0.

RDP to it

# From the Command Prompt, run the following to trigger increased CPU utilization on the az104-11-vm0 Azure VM:

for /l %a in (0,0,1) do echo a

Leave the Remote Desktop session open and switch back to the browser window displaying the Azure portal on your lab computer.

(All rules are stored here, look while we wait)

In the Azure portal, navigate back to the Monitor blade and click Alerts.

Note the number of Sev 3 alerts and then click the Sev 3 row.

Note: You might need to wait for a few minutes and click Refresh.

On the All Alerts blade, review generated alerts.

Task 7: Review Azure Log Analytics functionality

In the Azure portal, navigate back to the Monitor blade, click Logs.

Note: You might need to click Get Started if this is the first time you access Log Analytics = no, have it from before

If necessary, click Select scope, on the Select a scope blade, select the Recent tab, select az104-11-vm0, and click Apply.

In the query window, paste the following query, click Run, and review the resulting chart:

// Virtual Machine available memory
// Chart the VM's available memory over the last hour.
InsightsMetrics
| where TimeGenerated > ago(1h)
| where Name == "AvailableMB"
| project TimeGenerated, Name, Val
| render timechart

Click Queries in the toolbar,

on the Queries pane,

search for it

locate the Track VM availability tile and double-click it to fill the query window, click the Run command button in the tile, and review the results.

On the New Query 1 tab, select the Tables header, and review the list of tables in the Virtual machines section.

Note: The names of several tables correspond to the solutions you installed earlier in this lab.

Hover the mouse over the VMComputer entry and click the See Preview data icon.

If any data is available, in the Update pane, click Use in editor.

Note: You might need to wait a few minutes before the update data becomes available.

Last lab done

Extra: save the query for the coin app

Eeeek, check the code for the format

ALERTMSG-COIN

Edit time range to last 7 days

Save the query

Then the query is saved in a pack in rg rg-loganalyticswsqa, next to the workspace