Intro

• Before: ‘Application Insights’ and ‘Log Analytics’ were independent offerings/services
• Now: Microsoft merged ‘Application Insights’ & ‘Log Analytics’ and re-branded as ‘Azure Monitor’
• Log Analytics is renamed as ‘Azure Monitor Logs’ and available as ‘Logs’ page of ‘Monitoring’ section on left panel
• Azure Monitor is is built on top of Azure Log Analytics (Metrics data and Log data are managed by Log Analytics Workspace)
• Azure Monitor is designed to be the single place for monitoring all your Azure IaaS and PaaS services along with applications and code

Components of Azure Monitor

Azure monitor can be described as consists of following 3 components/layers:

• Data Source
  • Azure resource monitoring data
  • Azure subscription monitoring data
  • Azure tenant monitoring data
  • Application monitoring data
  • Guest OS monitoring data
  • Custom data
    • Azure monitoring packages (SDKs) installed in apps running in other cloud or on-premise
    • Data collected by Azure Monitor REST API
• Data Store
  • Metrics
  • Logs
• Functions/operations on data
  • Insights (Application, Container, VM, Monitoring Solutions)
  • Analyze (Metric Analytics, Log Analytics)
  • Visualize (Views, Dashboards, Workbooks, PowerBI)
  • Respond (Alerts, Auto-scale)
  • Integrate (Logic Apps)

My own conceptual diagram for Azure Monitor

Telemetry

• Collecting information in the form of measurements or statistical data, and forward it to IT systems in a remote location
• Automatic recording and transmission of data from remote or inaccessible sources to an IT system in a different location for monitoring and analysis
• Measurement of data at a remote source and transmission of the data to a monitoring station
• Telemetry is the automated communication processes from multiple data sources. Telemetry data is used to monitor security, application health, performance etc.

Telemetry data

• Metrics data
• Log data

Metrics and Metrics Explorer

• Metrics: Metrics are numerical values that describe some aspect of a system at a particular point in time
• Metrics Explorer
  • A dedicated page in ‘Monitoring’ section of settings panel
  • Can do
    • Charts using metrics
    • Alerts
    • Drill into logs
    • etc.
• Details: Azure monitor metrics

Insights

• Word meaning
  • Insight is the understanding of a specific cause and effect within a particular context
  • An accurate and deep understanding
• Insights in Azure Monitor
  • A curated list of pre-prepared queries, visualizations and dashboards (also contain Workbooks)
  • A customized monitoring experience for particular applications and services
  • Different kind of presentations of data related to performance and operation
  • Different kinds of Insights for Azure resources
    • Application Insights
    • VM Insights
    • Storage Insights
    • Etc.
• Details: Azure Monitor Insights

Logs and Log Analytics

• What is Log? :
  • Word meaning:
    • A part of the trunk or a large branch of a tree that has fallen or been cut off
    • Official record of somethings that has happened
    • An official record of events during the voyage of a ship or aircraft
  • In context of computer:
    • Systematic way of recording/storing informations (application information, system performance, user activities etc.)
    • Process of recording logs is called logging
    • Logging is done for diagnosis and auditing purposes
      • Diagnostic Log :
        • Recording the events that happen during runtime ( method calls, input/outputs, HTTP calls, SQL executions )
        • To find out why something went wrong
      • Audit Log :
        • Responsible for recording more abstract, business logic events
        • Events can be user actions (adding/editing/removal of content, transactions, access data) or other things that have either managerial value or, more importantly, legal value
• Logs in Azure Monitor:
  • Telemetry data (such as events and traces are stored as logs)
  • Performance data
• Analytics : Systematic computational analysis of data to discover meaningful patterns and to extract insights
• Log Analytics :
  • Process of analyzing aggregated log data to extract insights
  • Log analytics involves searching, analyzing and visualizing log data to gain operational insights
• Log Analytics in Azure monitor
  • Primary tool in the Azure portal for editing log queries and interactively analyzing their results
  • Performing different kinds of operations on log data to analyze and get insights
• Details: Azure monitor Log Analytics

Log Analytics Workspace

• Workspace
  • Word meaning: An area used or allocated for one’s work (or an area rented or sold for commercial purposes)
  • In context of computer
    • A temporary digital storage area that contains related data and software files: You can create and store images in your workspace
    • Wikipedia: A workspace is (often) a file or directory that allows a user to gather various source code files and resources and work with them as a cohesive unit. Often these files and resources represent the complete state of an integrated development environment (IDE) at a given time, a snapshot
• Azure Monitor stores log data in a Log Analytics workspace
• Log Analytics Workspace is an Azure resource and a container where data is collected, aggregated, and serves as an administrative boundary
• Details: Azure Monitor Log Analytics Workspace

Metrics vs Logs

• Metrics are something that has a count of a particular value with very little additional data attached, such as packets per second or CPU percentage and logs, which carry more details and are more verbose.
• Time takes for data to flow into Azure Monitor, and thus for your alerts to kick off if something isn’t right is much shorter for metrics than for logs
• Metric alerts tells you that something isn’t behaving as it should and logs lets you investigate why it’s happening

Charts

• To visualize data, charts can be created from Metrics and log query results
• Charts are automatically created from Azure monitor data in Insights
• Charts can be pinned in Dashboards
• More: Azure monitor metrics

Dashboards

• Azure dashboards are the primary dashboarding technology for Azure
• Azure dashboards allow you to combine different kinds of data into a single pane in the Azure portal
• Details: Azure monitor Dashboards

Workbooks

• Workbooks are interactive documents that provide deep insights into your data, investigation, and collaboration inside the team
• They allow you to tap into multiple data sources from across Azure, and combine them into unified interactive experiences
• Workbooks provide deeper insights into your data helping you with investigations and understanding your infrastructure
• Details: Azure monitor Workbooks

Alerts

• Alerts are about notifying when issues are found with your infrastructure or application using your monitoring data
• Details: Azure Monitor Alerts

Views and Solutions

• Views are being deprecated in favor of Workbooks
• Solutions are being deprecated in favor of Insights

Links

• https://www.altaro.com/hyper-v/azure-log-analytics-azure-monitor/
• https://stackoverflow.com/questions/55112648/azure-application-insights-or-log-analytics
• https://github.com/MicrosoftDocs/azure-docs/issues/27590