Monitor Logs And Analytics In Azure Monitor

Introduction

When we are the administrator of the company's Azure cloud infrastructure and responsible for systems that are critical to our company's operations, we will set up monitoring and diagnostics to help watch for problems.

Azure Monitor helps you maximize the availability and performance of your applications and services. It delivers a comprehensive solution for collecting, analyzing, and acting on telemetry from your cloud and on-premises environments. - Definition provided in Azure Docs

Prerequisites

  • Azure account (You can get a free Azure account from the Microsoft developer essentials program)
  • Already need to have an Azure Storage account. If you don't kindly create an account referring to the articles.

Creating a Log Analytics Workspace

After logging into the Azure Portal.

In the top search bar, type in and click on Log Analytics workspaces

Right under the Log Analytics workspaces title, click on + Create.

  1. For the Resource group, create a new one or else chose the available one. For Name, Kindly use the unique name.
  2. For Region, chose East-us. Click Review + Create and then press Create

After the deployment is complete, click on Go to the resource.

Configuring the Diagnostics Settings

  1. On the monitor-wa page, in the left-hand menu scroll down to the Monitoring section, then click Diagnostic settings. Click + Add diagnostic setting

On the Diagnostic setting page, enter the following:

  • Diagnostic setting name: AuditToAnalytics
  • Logs: Check audit
  • Destination details: Check to Send to Log Analytics workspace

In the top-left, click Save.

Monitor Logs and Analytics in Azure Monitor

Configure Log Analytics and Create a Query

On the top search bar, type in and click on Monitor, and on the left-hand menu, click on Logs.

In the Select a scope page, type in monitor-wa in the Search to filter items... bar, press enter, and select monitor-wa, then click Apply.

Monitor Logs and Analytics in Azure Monitor

On the right of the page under the Run button, in the query editor which says Type your query here, paste in the following:

LAQueryLogs | where TimeGenerated > ago(1h) | summarring(ResponseCode), bin(TimeGenerated, 1m) | render columnchart with (kind=stacked)ize count() by tost

Monitor Logs and Analytics in Azure Monitor

On the top, click on Save > Save as a query. Then, in the Save as query pop-up, for Query name type in AnalyticsLogResponseCodes and click Save.

Click on the first line of the query you entered earlier to select it, then click Run

Below the query, in the Chart tab, you will see a bar graph. If not, wait for about five minutes, then run it again; the query uses data created from this lab. so no results may have been logged when you first run the query.

Monitor Logs and Analytics in Azure Monitor

Set up Alerts

In the left-hand menu, click Alerts. Click + New Alert Rule. At the Create an alert rule page, at the Scope tab, click + Select scope.

On the Select a resource panel, from Filter by resource type select Storage accounts, then click the row with the Resource and chose the desired resource group. Click Done.

Back at the Create an alert rule page, click the Condition tab.

A Select signal panel will show up. You may need to wait a few seconds for the signals to show up.

In Select a signal panel, and click the row with a Signal name of Egress, This will cause a Configure signal logic panel to appear.

Monitor Logs and Analytics in Azure Monitor

In the Configure signal logic panel, scroll down to the bottom of the panel, and at the end of the Alert logic section, leave Threshold as Static, and for Threshold value enter 0. Then Press Done.

Back at the Create an alert rule page, click the Actions tab, then click + Create an action group. Chose the desired resource group and then Click Review + Create and Create.

Monitor Logs and Analytics in Azure Monitor

Back on the Create an alert rule page, click the Details tab, then enter the following:

  • Alert rule name: StorageAcountAnyEgressAlert
  • Alert rule description: Alert triggers every minute there is any egress from the storage account.

Then Click Review + create, then click Create.

Monitor Logs and Analytics in Azure Monitor

You will be back at the Monitor | Alerts page. Click Alert rules.

Monitor Logs and Analytics in Azure Monitor

Configuring the Applications Insights

We need to create an Application Insights resource that will monitor an application that we are going to create in the upcoming section.

On the top search bar, type in and click on Application Insights, and Click Create Application Insights apps

At the Application Insights page, enter the following:

  • Resource Group: As the same resource group that we used previously
  • Name: monitor-aw
  • Region: (US) East US
  • Log Analytics Workspace: monitor-wa(the name of the workspace you created earlier)

Click Review + create, then click Create.

When the deployment is done, then navigate to the resource page.

Creating an Application to Monitor

We are going to create an ASP.NET Core application and will configure it to monitor the account using the Application Insights resource we have created.

Copy down the Connection String from the monitor-aw insight for further use.

Monitor Logs and Analytics in Azure Monitor

We are going to create an application using Azure Cloud Shell.

On the top of the screen, click on the Cloud Shell button and chose the PowerShell in the prompt

Monitor Logs and Analytics in Azure Monitor

In the You have no storage mounted window, click on Show advanced settings, and enter the following:

Click Create storage.

  • Cloud Shell region: East US
  • Resource group: Select Use existing
  • Storage Account: Select Use existing and choose the desired one
  • File share: powershell (Leave Create new selected.)

Press Create storage.

Once the PowerShell command prompt is available, run the command dotnet new mvc -o mvc --no-https

Enter cd mvc, then enter dotnet add package Microsoft.ApplicationInsights.AspNetCore

After this, we have a simple ASP.NET Core MVC application created, and the Application Insights package installed.

Enter code .

To open the project in the VS Code.

Monitor Logs and Analytics in Azure Monitor

On the editor, on the left under FILES, click on appsettings.json.

We are going to Overwrite the contents of appsettings.json with the JSON below, then replace <Connection String> on line 11 with the value you stored earlier (make sure to enter the connection string within double quotes).

{
    "Logging": {
        "LogLevel": {
            "Default": "Information",
            "Microsoft": "Warning",
            "Microsoft.Hosting.Lifetime": "Information"
        }
    },
    "AllowedHosts": "*",
    "ApplicationInsights": {
        "ConnectionString": "<Connection String>"
    }
}

We are adding the ApplicationInsights setting, which will allow the Application Insights to monitor this application.

Save the file using the ctrl + S command

Click on the Startup.cs file and the services.AddApplicationInsightsTelemetry(); under the ConfigureServices() method and Save it.

Navigate to FILES >Controllers >HomeController.cs. Overright the existing Index() method with the below code.

public IActionResult Index() {
    _logger.LogWarning("Index accessed successfully");
    return View();
}

Back on the command prompt, run the command dotnet run

On the top of the PowerShell panel, click the Web preview button and then click on the Configure

On the Configure port to preview window, type 5000 into the field, and click Open and browse.

It opens a welcome page in a new tab.

Then refresh the tab several times then close the windows. It will generate a log event which we will monitor through Application insights

Monitor Logs and Analytics in Azure Monitor

Back to the portal browser tab and close the PowerShell. 

On the left-hand menu click on Transaction search and Click See all data in the last 24 hours.

Monitor Logs and Analytics in Azure Monitor

We will see under Results various events, including the log warning our code printed, Index accessed successfully.

Conclusion

Now it's everything is set up for developers to be able to produce a proper web application with application insights enabled.