Azure Monitor is a dashboard for all of the diagnostics activities within the Azure account, letting you monitor applications and the infrastructure all in one place. One of the main features of Azure Monitor is the ability to create a baseline for resources.
A typical account may contain a large number of resources. If something were to happen to any of them then how do you recover from that?
The concept of the baseline is having each of your resources stored either as a script (PowerShell or CLI) or as an ARM template. This is referred to as Infrastructure as Code (IaC).
When you need to make changes to a resource, instead of going to the Azure portal and modifying it directly, you modify the template and redeploy it.
One way to get started is to go to an existing resource group in the Azure portal and take a look at the list of deployments. Each deployment consists of the template and the parameters files along with the code to execute it. You can download these or add them to your template library in the Azure portal.
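The baseline is only useful if the deployed resources still match it, so the following added example (not from the original page) compares a stored baseline ARM template with a template exported from the live resource group and reports every resource or property that differs. The function names and both sample templates are constructed for illustration, and the comparison assumes both templates were produced the same way so that resource names line up.

```python
# Added example: BASELINE and LIVE are constructed samples, not real account data.
BASELINE = {"resources": [
    {"type": "Microsoft.Storage/storageAccounts", "name": "stbaseline01",
     "apiVersion": "2023-01-01",
     "properties": {"supportsHttpsTrafficOnly": True, "minimumTlsVersion": "TLS1_2"}},
]}
LIVE = {"resources": [
    {"type": "Microsoft.Storage/storageAccounts", "name": "stbaseline01",
     "apiVersion": "2023-01-01",
     "properties": {"supportsHttpsTrafficOnly": False, "minimumTlsVersion": "TLS1_2"}},
    {"type": "Microsoft.Network/publicIPAddresses", "name": "pip-adhoc",
     "apiVersion": "2023-04-01", "properties": {"publicIPAllocationMethod": "Static"}},
]}

def index_resources(template):
    """Map (type, name) -> resource body for each top-level resource in an ARM template."""
    return {(r["type"].lower(), r["name"].lower()): r
            for r in template.get("resources", [])}

def flatten(value, prefix=""):
    """Flatten nested dicts/lists to {"a.b[0].c": leaf} so a finding names one property."""
    if isinstance(value, dict):
        items = [(f"{prefix}.{k}" if prefix else k, v) for k, v in value.items()]
    elif isinstance(value, list):
        items = [(f"{prefix}[{i}]", v) for i, v in enumerate(value)]
    else:
        return {prefix: value}
    flat = {}
    for path, child in items:
        flat.update(flatten(child, path))
    return flat

def drift(baseline, live):
    """Return sorted (kind, resource, property, baseline_value, live_value) findings."""
    base, cur = index_resources(baseline), index_resources(live)
    findings = [("missing", "/".join(k), None, None, None) for k in base.keys() - cur.keys()]
    findings += [("unmanaged", "/".join(k), None, None, None) for k in cur.keys() - base.keys()]
    for key in base.keys() & cur.keys():
        b, c = flatten(base[key]), flatten(cur[key])
        for prop in b.keys() | c.keys():
            if b.get(prop) != c.get(prop):
                findings.append(("changed", "/".join(key), prop, b.get(prop), c.get(prop)))
    return sorted(findings, key=str)

if __name__ == "__main__":
    for finding in drift(BASELINE, LIVE):
        print(finding)
```

A "changed" or "unmanaged" finding means someone edited or created a resource outside the template; either fold the change into the baseline or redeploy the template to revert it.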
When we create a resource group, the Diagnostic Settings allow us to create visualisations based on selected metrics that help us monitor resources. Alerts are another important part of this. You can create an alert rule with a target to monitor. This will notify you of an event that fits your criteria. The alerts you create are placed within a new resource group.
Alerts are basically notifications that happen behind the scenes and just fire off a message when something meets a criterion, but metrics are a little bit different. You can’t create a chart of a bunch of metrics, such as network in and out, and save it in the Azure Monitor area. Charts are not saved there. So if you want to keep the ones you create, you need to add them to the dashboard by clicking on ‘Pin to dashboard’.
At the top of the Azure Monitor area there is Manage action groups. An action group is a collection of notification preferences in an Azure account. Azure Monitor and Service Health alerts use action groups to notify users that an alert has been triggered. Various alerts may use the same action group or different action groups depending on the user’s requirements.
The fundamental resource that Log Analytics needs to operate is called the workspace. It’s just a storage container into which the logs will be pulled. This is done by identifying the workspace data sources (VMs, storage account logs, Azure activity logs, etc.).