Welcome back to our deep dive into Azure Arc! In Part 3, we explored how Azure Arc can optimize your Windows and SQL Server licensing costs. Today, in Part 4, we’re focusing on harnessing the power of Azure Monitor for your on-premises machines using Azure Arc.
Imagine having a single dashboard that shows the health and performance of all your servers, whether they’re in Azure, on-premises, or in another cloud. With Azure Arc and Azure Monitor, this isn’t just a dream—it’s your new reality. Let’s unravel how to set up Azure Arc Monitoring for your non-Azure virtual machines and unlock comprehensive insights into your infrastructure.
Understanding Azure Monitor with Azure Arc
Azure Monitor is a powerful service that maximizes the availability and performance of your applications and services. By integrating it with Azure Arc-enabled servers, you can extend Azure’s robust monitoring capabilities to machines residing outside of Azure.
Key Benefits
- Unified Monitoring: Centrally monitor on-premises and cloud resources.
- Deep Insights: Collect and analyze logs and metrics for actionable insights.
- Proactive Alerting: Set up alerts to notify you of critical issues.
- Performance Optimization: Identify and resolve performance bottlenecks.
Setting Up Azure Arc Monitoring for Non-Azure Virtual Machines
Let’s walk through the step-by-step process to set up Azure Monitor for your on-premises Windows or Linux virtual machines using Azure Arc.
Prerequisites
- Azure Subscription: An active subscription to Azure.
- Azure Arc-enabled Servers: Your non-Azure virtual machines should be onboarded to Azure Arc. (Refer to Azure Arc Onboarding for assistance.)
- Network Connectivity: Outbound internet access on port 443 from the servers to Azure.
- Log Analytics Workspace: A workspace in Azure to store collected logs and metrics.
Step 1: Prepare Your Log Analytics Workspace
A Log Analytics Workspace is essential for data ingestion and analysis.
- Create a Log Analytics Workspace
- Navigate: In the Azure Portal, search for and select Log Analytics workspaces.
- Create Workspace:
- Click + Create.
- Subscription: Choose your Azure subscription.
- Resource Group: Select an existing group or create a new one.
- Name: Provide a unique name (e.g.,
ArcMonitoringWorkspace). - Region: Select the closest region to your on-premises infrastructure.
- Review and Create: Validate the information and click Create.
- Note Workspace Details
- Workspace ID and Primary Key: You’ll need these for agent configuration.
Step 2: Install the Azure Monitor Agent
The Azure Monitor Agent (AMA) replaces older monitoring agents and provides enhanced capabilities.
- Add the Azure Monitor Agent Extension
- Navigate: Go to your Arc-enabled server in the Azure Portal.
- Select Extensions: Under Settings, click on Extensions + applications.
- Add Extension:
- Click + Add.
- Choose AzureMonitorWindowsAgent (for Windows) or AzureMonitorLinuxAgent (for Linux).
- Click Next.
- Configure the Agent
- Data Collection Rule (DCR): You can associate the agent with a DCR now or later.
- Review and Install: Confirm the settings and click Install.
Step 3: Create Data Collection Rules
Data Collection Rules define what data is collected by the agent and where it’s sent.
- Create a Data Collection Rule
- Navigate: Search for Data Collection Rules in the Azure Portal.
- Create Rule:
- Click + Create.
- Basics:
- Subscription and Resource Group: Select the same as your workspace.
- Region: Must match the workspace region.
- Name: Provide a name (e.g.,
ArcServerMetricsDCR).
- Click Next.
- Define Resources
- Click + Add resources.
- Scope: Select Arc Server.
- Select Resources: Choose the servers you want to monitor.
- Click Next.
- Configure Data Sources
- Windows Performance Counters (for Windows servers):
- Add counters like
\\Processor(_Total)\\% Processor Time,\\Memory\\Available MBytes,\\LogicalDisk(_Total)\\% Free Space.
- Add counters like
- Syslog and Linux Performance Counters (for Linux servers):
- Define relevant syslog facilities and performance counters.
- Click Next.
- Windows Performance Counters (for Windows servers):
- Set Destinations
- Select Destination: Choose your Log Analytics workspace.
- Review and Create: Validate all settings and click Create.
Step 4: Verify Data Ingestion
Ensure data is flowing into Azure Monitor.
- Run Log Queries
-
Navigate: Go to your Log Analytics workspace.
-
Logs: Under General, select Logs.
-
Sample Queries:
-
Windows Event Logs:
1 2 3Event | where TimeGenerated > ago(1h) | summarize count() by Source -
Performance Metrics:
1 2 3Perf | where TimeGenerated > ago(1h) | summarize avg(CounterValue) by CounterName
-
-
Run Query: Execute the query to see if data is present.
-
- Check Agent Health
- Navigate: In the Azure Portal, go to Azure Monitor > Agents.
- Agent Health: Review the status of your agents to ensure they’re healthy.
Step 5: Create Alerts and Visualize Data
Proactively monitor your servers by setting up alerts and dashboards.
- Set Up Alerts
- Navigate: In Azure Monitor, select Alerts > + New alert rule.
- Define Alert Rule:
- Scope: Select your Log Analytics workspace.
- Condition: Use a Custom log search to define the criteria.
- Action Group: Create or select an action group for notifications.
- Alert Details: Provide a name and description.
- Create Alert: Review and create the alert rule.
- Build Dashboards
- Workbooks: Use Azure Monitor Workbooks to create rich visual reports.
- Templates: Utilize built-in templates like Performance Monitoring or Agent Health.
- Customization: Tailor the workbooks to display metrics and logs relevant to your environment.
- Pin to Dashboard: Add important charts and graphs to your Azure Portal dashboard for quick access.
- Workbooks: Use Azure Monitor Workbooks to create rich visual reports.
Additional Insights
Leverage Insights for Servers
Azure Monitor offers Insights specifically designed for servers.
- Enable VM Insights
- Navigate: Go to your Arc-enabled server.
- Insights: Under Monitoring, select Insights.
- Enable: Click on Enable if not already activated.
- Explore Metrics
- Performance: View CPU, memory, and disk utilization trends.
- Maps: Visualize connections between processes and external systems.
- Logs: Dive deep into collected logs for troubleshooting.
Integrate with Azure Security Center
Enhance security by integrating with Azure Security Center.
- Enable Security Center
- Navigate: In the Azure Portal, go to Azure Security Center.
- Getting Started: Follow prompts to enable it for your subscription.
- Assess Security Posture
- Recommendations: Review suggestions for improving security on your Arc-enabled servers.
- Threat Protection: Enable threat detection features for real-time alerts.
Automate at Scale
For larger environments, automation ensures consistency.
- Scripts: Deploy agents and configure monitoring using scripts.
- Policies: Use Azure Policy to enforce compliance and auto-remediate issues.
- Configuration Management: Integrate with tools like Azure Automation State Configuration or Desired State Configuration (DSC).
Conclusion
By integrating Azure Monitor with your on-premises machines via Azure Arc, you’re breaking down silos and achieving a holistic view of your infrastructure. This unified monitoring approach not only simplifies operations but also empowers you to be proactive in maintaining system health.
Key Takeaways:
- Centralized Visibility: Monitor all servers from a single platform.
- Proactive Management: Detect and resolve issues before they impact users.
- Enhanced Security: Leverage Azure’s security features across your environment.
- Scalable Solutions: Easily extend monitoring as your infrastructure grows.
Learn More
For further reading and detailed tutorials, check out these Microsoft Learn resources: