AZ-900 Module 11: Describe monitoring tools in Azure


Justin Peterson

Securing Azure

Describe monitoring tools in Azure

This is what I learned:

  • Describe the purpose of Azure Advisor
  • Describe Azure Service Health
  • Describe Azure Monitor, including Log Analytics, Azure Monitor alerts, and Application Insights

Describe the purpose of Azure Advisor

Azure Advisor evaluates your Azure resources and makes recommendations to help improve reliability, security, and performance, achieve operational excellence, and reduce costs. Azure Advisor is designed to help you save time on cloud optimization. The recommendation service includes suggested actions you can take right away, postpone, or dismiss.

The recommendations are available via the Azure portal and the API, and you can set up notifications to alert you to new recommendations.

When you're in the Azure portal, the Advisor dashboard displays personalized recommendations for all your subscriptions. You can use filters to select recommendations for specific subscriptions, resource groups, or services. The recommendations are divided into five categories:

  • Reliability is used to ensure and improve the continuity of your business-critical applications.
  • Security is used to detect threats and vulnerabilities that might lead to security breaches.
  • Performance is used to improve the speed of your applications.
  • Operational Excellence is used to help you achieve process and workflow efficiency, resource manageability, and deployment best practices.
  • Cost is used to optimize and reduce your overall Azure spending.

Describe Azure Service Health

Microsoft Azure provides a global cloud solution to help you manage your infrastructure needs, reach your customers, innovate, and adapt rapidly. Knowing the status of the global Azure infrastructure and your individual resources may seem like a daunting task. Azure Service Health helps you keep track of Azure resource, both your specifically deployed resources and the overall status of Azure. Azure service health does this by combining three different Azure services:

  • Azure Status is a broad picture of the status of Azure globally. Azure status informs you of service outages in Azure on the Azure Status page. The page is a global view of the health of all Azure services across all Azure regions. It’s a good reference for incidents with widespread impact.
  • Service Health provides a narrower view of Azure services and regions. It focuses on the Azure services and regions you're using. This is the best place to look for service impacting communications about outages, planned maintenance activities, and other health advisories because the authenticated Service Health experience knows which services and resources you currently use. You can even set up Service Health alerts to notify you when service issues, planned maintenance, or other changes may affect the Azure services and regions you use.
  • Resource Health is a tailored view of your actual Azure resources. It provides information about the health of your individual cloud resources, such as a specific virtual machine instance. Using Azure Monitor, you can also configure alerts to notify you of availability changes to your cloud resources.

Describe Azure Monitor, including Log Analytics, Azure Monitor alerts, and Application Insights

Azure Monitor detects a threshold being crossed. You set the alert conditions, the notification actions, and then Azure Monitor Alerts notifies when an alert is triggered. Depending on your configuration, Azure Monitor Alerts can also attempt corrective action.

Log Analytics

Alerts can be set up to monitor the logs and trigger on certain log events, or they can be set to monitor metrics and trigger when certain metrics are crossed

Azure Monitor Alerts

Azure Monitor Alerts use action groups to configure who to notify and what action to take. An action group is simply a collection of notification and action preferences that you associate with one or multiple alerts. Azure Monitor, Service Health, and Azure Advisor all use actions groups to notify you when an alert has been triggered.

Application Insights

Application Insights, an Azure Monitor feature, monitors your web applications. Application Insights is capable of monitoring applications that are running in Azure, on-premises, or in a different cloud environment.


Securing Azure

Write-ups to share my knowledge as I continue my journey to become an Azure Security Engineer

Read more from Securing Azure

Justin Peterson Securing Azure Describe identity protection and governance capabilities of Microsoft Entra This is what I learned: Describe Azure distributed denial-of-service (DDoS) Protection Describe Azure Firewall Describe Web Application Firewall (WAF) Describe network segmentation with Azure virtual networks Describe network security groups (NSGs) Describe Azure Bastion Describe Azure Key Vault Describe Azure distributed denial-of-service (DDoS) Protection The aim of a Distributed...

Justin Peterson Securing Azure Describe identity protection and governance capabilities of Microsoft Entra This is what I learned: Describe Microsoft Entra ID Governance Describe access reviews Describe entitlement management Describe the capabilities of Microsoft Entra Privileged Identity Management Describe Microsoft Entra ID Protection Describe Microsoft Entra Permissions Management Describe Microsoft Entra Verified ID Describe Microsoft Entra integration with Microsoft Copilot for...

Justin Peterson Securing Azure Describe access management capabilities of Microsoft Entra ID This is what I learned: Describe Conditional Access Describe Global Secure Access in Microsoft Entra Describe Microsoft Entra roles and role-based access control (RBAC) Describe Conditional Access One of the main features of an identity platform is to verify, or authenticate, credentials when a user signs in to a device, application, or service. Microsoft Entra ID offers different methods of...