Introduction to Azure Monitoring

Monitoring is the practice of collecting, analysing, and acting on telemetry data from your cloud infrastructure and applications. In Azure, monitoring is essential for maintaining the health, performance, and security of your workloads. Without monitoring, you are operating blind — unable to detect failures, understand usage patterns, or optimise costs.

---

Why Monitor Azure Workloads?

Cloud workloads are dynamic. Resources scale up and down, deployments happen frequently, and failures can cascade across services. Monitoring addresses several critical needs:

• Availability — detect outages and service degradation before users report them
• Performance — identify slow queries, high latency, and resource bottlenecks
• Security — spot anomalous activity, unauthorised access, and configuration drift
• Cost — track resource consumption and identify waste
• Compliance — maintain audit trails and prove adherence to regulatory requirements

The Cost of Not Monitoring

Without proper monitoring:

• Incidents go undetected for hours or days
• Root cause analysis becomes guesswork
• Capacity planning is based on assumptions rather than data
• Compliance audits become painful and time-consuming
• Costs spiral due to orphaned or over-provisioned resources

---

The Azure Monitoring Ecosystem

Azure provides a comprehensive set of monitoring tools that work together:

Service	Purpose
Azure Monitor	The unified monitoring platform — collects metrics, logs, and traces
Log Analytics	Query engine for log data using Kusto Query Language (KQL)
Application Insights	Application performance management (APM) for web apps
Azure Activity Log	Control-plane audit trail — who did what and when
Azure Advisor	Personalised recommendations for cost, security, and reliability
Azure Service Health	Status of Azure services and planned maintenance
Microsoft Sentinel	Cloud-native SIEM for security monitoring
Azure Network Watcher	Network diagnostics and monitoring

How They Relate

                     Azure Monitor (unified platform)
                     /            |             \
              Metrics          Logs           Traces
               |                |                |
        Metrics Explorer   Log Analytics   Application Insights
               |                |                |
            Alerts          Workbooks        App Map

Azure Monitor sits at the centre. It ingests data from virtually every Azure resource and provides the foundation for alerting, visualisation, and analysis.

---

Key Concepts

Telemetry Types

Azure Monitor collects three types of telemetry:

Type	Description	Examples
Metrics	Numerical time-series data collected at regular intervals	CPU percentage, memory usage, request count
Logs	Timestamped event records with structured or unstructured data	Application errors, audit events, diagnostic output
Traces	Records of a request's path through distributed services	End-to-end transaction flow across microservices

Data Sinks

Telemetry data flows into specific destinations:

Destination	Data Type	Retention
Azure Monitor Metrics	Platform and custom metrics	93 days (standard)
Log Analytics Workspace	Logs and traces	Configurable (30 days to 2 years+)
Storage Account	Archived logs and metrics	Unlimited (you manage lifecycle)
Event Hubs	Streaming telemetry to external systems	Real-time

Resource Providers and Diagnostic Settings

Every Azure resource type exposes telemetry through its resource provider. To route this telemetry to Log Analytics, a storage account, or Event Hubs, you configure diagnostic settings:

# Enable diagnostic settings for a storage account
az monitor diagnostic-settings create \
  --name "send-to-log-analytics" \
  --resource /subscriptions/<sub>/resourceGroups/<rg>/providers/Microsoft.Storage/storageAccounts/<account> \
  --workspace /subscriptions/<sub>/resourceGroups/<rg>/providers/Microsoft.OperationalInsights/workspaces/<workspace> \
  --logs '[{"category": "StorageRead", "enabled": true}]' \
  --metrics '[{"category": "Transaction", "enabled": true}]'

---

Azure Service Health

Azure Service Health keeps you informed about the status of Azure services that affect your resources:

Feature	Description
Service issues	Active problems affecting Azure services in your regions
Planned maintenance	Upcoming maintenance that may impact your resources
Health advisories	Changes in Azure services that require your attention
Health history	A 90-day record of past incidents

You can configure Service Health alerts to be notified when issues affect the specific services and regions you use.

---

Azure Advisor

Azure Advisor is a free, personalised recommendation engine that analyses your resource configuration and usage:

Category	Example Recommendations
Reliability	Enable zone redundancy, configure backup policies
Security	Enable MFA, restrict public network access
Performance	Upgrade to Premium SSD, enable caching
Cost	Resize underutilised VMs, delete unused public IPs
Operational Excellence	Fix expiring certificates, enable diagnostic settings

Advisor recommendations are based on Microsoft best practices and are continuously updated as your resources change.

---

Monitoring Strategy

A well-designed monitoring strategy covers four layers:

1. Infrastructure Monitoring

Monitor the health of your Azure resources:

• Virtual machine CPU, memory, disk, and network
• App Service response times and error rates
• Database DTU/vCore utilisation and connection counts
• Storage account capacity and transaction rates

2. Application Monitoring

Monitor the behaviour of your applications:

• Request rates, response times, and failure rates
• Dependency call performance (databases, APIs, caches)
• Exception tracking with stack traces
• User experience metrics (page load time, availability)

3. Security Monitoring

Monitor for threats and compliance:

• Sign-in anomalies and failed authentication attempts
• Resource configuration changes
• Network traffic anomalies
• Compliance policy violations

4. Cost Monitoring

Monitor spending and optimise costs:

• Daily and monthly spending trends
• Budget alerts when approaching limits
• Resource utilisation for right-sizing opportunities
• Advisor cost recommendations

---

Getting Started

To begin monitoring an Azure environment:

1. Create a Log Analytics workspace — this is the central repository for log data
2. Enable diagnostic settings on your resources to send telemetry to the workspace
3. Configure Activity Log export to capture control-plane operations
4. Set up alerts for critical conditions (high CPU, failed deployments, security events)
5. Enable Application Insights for your web applications
6. Review Azure Advisor recommendations regularly

# Create a Log Analytics workspace
az monitor log-analytics workspace create \
  --resource-group rg-monitoring \
  --workspace-name law-production \
  --location uksouth \
  --retention-time 90

---

Summary

Azure provides a rich monitoring ecosystem centred on Azure Monitor. By collecting metrics, logs, and traces from your infrastructure and applications, you gain the visibility needed to detect issues, diagnose root causes, and optimise performance and cost. A good monitoring strategy covers infrastructure, application, security, and cost layers. In the next lesson, we will dive deep into Azure Monitor metrics and alerts — the foundation of proactive monitoring.