Deploy and configure Azure Monitor

[Isaiah Izibili]

Introduction​

In today’s dynamic cloud environments, ensuring system health, performance, and security is critical for delivering seamless digital experiences. Azure Monitor provides a powerful, centralized platform for collecting, analyzing, and acting on telemetry data from applications, infrastructure, and network resources. By deploying and configuring Azure Monitor alongside Log Analytics, organizations can gain deep visibility into their cloud ecosystem, identify trends, and quickly address issues before they impact users.

This article provides a step-by-step guide to deploying and configuring Azure Monitor, setting up Log Analytics, monitoring web applications, tracking compute and networking services, and creating custom alerts. Whether you’re an IT administrator, DevOps engineer, or cloud enthusiast, these practices will help you implement a proactive monitoring strategy that supports business continuity and operational efficiency.

In this project, you’ll explore how to configure monitoring for workloads and infrastructure services using Azure Monitor. This article blends learning with hands-on practice, equipping you with practical skills to strengthen your cloud monitoring strategy.

By the end, you’ll be confident in:

• Deploying and configuring Log Analytics to centralize and analyze logs.
• Configuring monitoring for web applications to ensure performance and availability.
• Monitoring compute and networking services for health, traffic, and resource optimization.
• Configuring alerts to respond quickly to potential issues.

1. Prepare your Azure environment​

Prepare your bring-your-own-subscription (BYOS)
This set of lab exercises assumes that you have global administrator permissions to an Azure subscription.

1. In the Azure Portal Search Bar, enter Resource Groups and select Resource groups from the list of results.
2. On the Resource Groups page, select Create.
3. On the Create a Resource Group page, select your subscription and enter the name rg-alpha. Set the region to East US, choose Review + Create, and then choose Create.

[!NOTE] This set of exercises assumes that you choose to deploy in the East US Region, but you can change this to another region if you choose. Just remember that each time you see East US mentioned in these instructions you will need to substitute the region you have chosen.

Create App Log Examiners security group
In this exercise, you create an Entra ID security group.

1. In the Azure Portal Search Bar, enter Azure Active Directory (or Entra ID) from the list of results.
2. On the Default Directory page, select Groups.

3. On the Groups page, choose New Group.
4. On the New Group page, provide the values in the following table and choose Create.

Property : Value
Group type : Security
Group name : App Log Examiners
Group description : App Log Examiners

Deploy and configure WS-VM1
In this exercise, you deploy and configure a Windows Server virtual machine.

1. In the Azure Portal Search Bar, enter Virtual Machines and select Virtual Machines from the list of results.
2. On the Virtual Machines page, choose Create and select Azure Virtual Machine.

3. On the Basics page of the Create A Virtual Machine wizard, select the following settings and then choose Review + Create.









4. Review the settings and select Create.
5. Wait for the deployment to complete. Once deployment completes choose Go to resource.
6. On the WS-VM1 properties page, choose Networking.
7. On the Networking page, select the RDP rule.
8. On the RDP rule space, change the Source to My IP address and choose Save.
This restricts incoming RDP connections to the IP address you’re currently using.



9. On the Networking page, choose Add inbound port rule.
10. On the Add inbound security rule page, configure the following settings and choose Add.







11. On the WS-VM1 page, choose Connect.
12. Under Native RDP, choose Select.



13. On the Native RDP page, choose Download RDP file and then open the file.
Opening the RDP file opens the Remote Desktop Connection dialog box.
14. On the Windows Security dialog box, choose More Choices and then choose Use a different account.
15. Enter the username as .\prime and the password as the secure password you chose in Step 3, and choose OK.



16. When signed into the Windows Server virtual machine, right-click on the Start hint and then choose Windows PowerShell (Admin).



17. At the elevated command prompt, type the following command and press Enter. Install-WindowsFeature Web-Server -IncludeAllSubFeature -IncludeManagementTools
18. When the installation completes run the following command to change to the web server root directory. cd c:\inetpub\wwwroot_
_19. Run the following command. Wget https://raw.githubusercontent.com/Azure-Samples/html-docs-hello-world/master/index.html -OutFile index.html



Deploy and configure LX-VM2
In this exercise you deploy and configure a Linux virtual machine.

1. In the Azure Portal Search Bar, enter Virtual Machines and select Virtual Machines from the list of results.
2. On the Virtual Machines page, choose Create and select Azure Virtual Machine.

3. On the Basics page of the Create A Virtual Machine wizard, select the following settings and then choose Review + Create.





4. Review the information and choose Create.
5. After the VM deploys, open the VM properties page and choose Extensions + Applications under Settings.
6. Choose Add and select the Network Watcher Agent for Linux. Choose Next and then choose Review and Create. Choose Create.





7. Configure the AzureNetworkWatcherExtension and the OmsAgentForLinux extension so that they automatically upgrade.



Deploy a web app with an SQL Database

1. Ensure that you’re signed into the Azure Portal.
2. In your browser, open a new browser tab and navigate to https://github.com/Azure/azure-quic...uickstarts/microsoft.web/web-app-sql-database 3. On the GitHub page, choose Deploy to Azure. 4. A new tab opens. If necessary, re-sign into Azure with the account that has Global Administrator privileges. 5. On the Basics page, select Edit template.

1. In the template editor, delete the contents of lines 158 to 174 inclusive and delete the “,” on line 157. Choose Save.

1. On the Basics page, provide the following information and choose Next.

8. Review the information presented and select Create.


9. After the deployment completes, choose Go to resource group.

Deploy a Linux web app

1. Ensure that you’re signed into the Azure Portal.
2. In your browser, open a new browser tab and navigate to https://learn.microsoft.com/en-us/samples/azure/azure-quickstart-templates/webapp-basic-linux/
3. On the GitHub page, choose Deploy to Azure.

1. On the Basics page, provide the following information and choose Next.

5. Review the information and choose Create.

2.Deploy Log Analytics​

Task 1: Create a Log Analytics workspace

1. In the Azure Portal Search Bar, enter Log Analytics and select Log Analytics workspaces from the list of results.

1. On the Log Analytics workspaces page, choose Create.
2. On the Basics page of the Create Log Analytics workspace wizard, provide the following information and choose Review + Create.

4. Review the information and choose Create.



Task2: Configure Log Analytics data retention and archive policies

1. In the Azure Portal Search Bar, enter Log Analytics and select Log Analytics workspaces from the list of results.
2. On the Log Analytics workspaces page, choose LogAnalytics1.
3. On the Log Analytics workspace page for LogAnalytics1, choose Usage and estimated costs.
4. Select Data Retention and set the slider to 60 days. Choose OK.

1. On the Log Analytics workspace page for LogAnalytics1, choose Usage and estimated costs.
2. Select Daily cap. Choose On. Set the daily cap to 10 GB and choose OK.

Task3: Enable access to a Log Analytics workspace

1. In the Azure Portal Search Bar, enter Log Analytics and select Log Analytics workspaces from the list of results.
2. On the Log Analytics workspaces page, choose LogAnalytics1.
3. Select Access control (IAM).

1. Choose Add and then choose Add role assignment.
2. On the list of roles, select Log Analytics Reader and choose Next.

1. On the Members page, choose Select Members and choose the App Log Examiners security group. Choose Select.
2. On the Members space, choose Review + Assign.

3. Monitor web apps

Task1: Enable Application Insights

1. In the Azure Portal Search Bar, enter rg-alpha and select rg-alpha from the list of results.
2. From the list of items in the resource group, choose App Services for the Web App with an SQL Database.
3. Under Settings choose Application Insights.
4. On the Application Insights page, choose Turn On Application Insights.

1. On the Application Insights page, ensure that Create a new resource is selected and that the Log Analytics Workspace is set to LogAnalytics1 and choose Apply.

1. On the Apply monitoring settings dialog, choose Yes.

Tast2: Disable logging for .NET core snapshot debugger

1. In the Azure Portal Search Bar, enter rg-alpha and select rg-alpha from the list of results.
2. From the list of items in the resource group, choose App Services for the Web App with an SQL Database.
3. Under Settings choose Application Insights.

1. Under Instrument your application, choose .NET Core and then set the Snapshot Debugger setting to Off. Choose Apply.

1. On the Apply Monitoring Settings dialog box, choose Yes.

Task3: Configure web app HTTP logs to be written to a Log Analytics workspace

1. In the Azure Portal Search Bar, enter rg-alpha and select rg-alpha from the list of results.
2. From the list of items in the resource group, choose App Services for the Web App with an SQL Database.
3. Under Monitoring, choose Diagnostic settings.

1. On the Diagnostic settings page, select + Add diagnostic settings.
2. On the Diagnostic settings page, choose the following and select Save.

Task4: Configure SQL Insights data to be written to a Log Analytics workspace

1. In the Azure Portal Search Bar, enter rg-alpha and select rg-alpha from the list of results.
2. From the list of items in the resource group, choose the sample SQL database.
3. Under Monitoring, choose Diagnostic settings.

1. On the Diagnostic settings page, choose Add diagnostic setting.
2. On the Diagnostic setting page, provide the following information and choose Save.

Task5: Enable file and configuration change tracking for web apps

1. In the Azure Portal Search Bar, enter rg-alpha and select rg-alpha from the list of results.
2. From the list of items in the resource group, choose the AzureLinuxAppWXYZ-webapp.
3. Choose Diagnose and Solve Problems.
4. In the search dialog box, type Application Changes.

1. On the Change Analysis page, choose Configure.
2. On the Enable file and configuration change tracking page, change the Status slider to On and then choose Save.

4. Configure monitoring for compute services​

Task1: Create a data collection endpoint

1. In the Azure Portal Search Bar, enter Monitor and select Monitor from the list of results.
2. In the Monitor page, under Settings, choose Data Collection Endpoints.
3. On the Data Collection Endpoints page, choose Create.

1. On the Create Data Collection Endpoint page, provide the following settings and then choose Review + Create.
2. Review the settings and choose Create.

![form8](https://dev-to-uploads.s3.amazonaws.com/uploads/articles/d37gnt4gsx0onei68yq5.png



Task 2: Create a data collection rule

1. In the Azure Portal Search Bar, enter Monitor and select Monitor from the list of results.
2. In the Monitor page, under Settings, choose Data Collection Rules.
3. On the Data Collection Rules page, choose Create.

1. On the Create Data Collection Rule page, configure the following settings and choose Next.

1. On the Resources page, choose Add Resources.

1. On the Select a scope page, enable the WS-VM1 checkbox and choose Apply.

7. On the Create Data Collection Rule page, choose Next.
8. On the Collect and Deliver page, choose Add data source.
9. On the Add data source page, select Windows Event Logs. In the Application category enable the Critical and Error categories. In the Security category, choose the Audit Failure category. In the System category, enable the Critical and Error categories.


10. Choose Next.
11. On the Destination page, configure the following settings:



12. Choose Add data source.
13. Choose Review + Create and then choose Create.



Task3: Add an IIS log collection to an existing data collection rule

1. In the Azure Portal Search Bar, enter Monitor and select Monitor from the list of results.
2. In the Monitor page, under Settings, choose Data Collection Rules.
3. Choose the WinVMDRC rule in rg-alpha.

1. Under Configuration, choose Data Sources.
2. On the Data Sources page, choose Add.
3. On the Add Data Source page, select IIS Logs.
4. Choose Next.

1. On the Destination page, configure the following settings:

9. Choose Add data source.



Task4: Configure Network Connection Monitor for a Linux IaaS virtual machine

1. In the Azure Portal Search Bar, enter Network Watcher and select Network Watcher from the list of results.

1. Under Monitoring, choose Connection Monitor.
2. On the Connection Monitor page, choose Create.
3. On the Basics page of the Create Connection Monitor wizard, provide the following information and choose Next.

5. On the Add test group details page, enter the name LinuxIPTest and choose Add sources.



6. On the Add Sources page, select Azure Endpoints and set the type to Virtual machines. Select Subnet and then enable the Linux-VM checkbox. Choose Add Endpoints.



7. Choose Add Test Configuration.
8. On the Add Test Configuration page, enter the name DefaultHTTP and then choose Add Test Configuration.



9. Choose Add Destinations. Select Azure Endpoints and set the type to Virtual machines. Select Subnet and then enable the WS-VM1 checkbox. Select Add Endpoints.



10. Choose Add Test Group.


11. Choose Review and Create and then choose Create.

5 Configure alerts​

Task1: Create an action group to send an email

1. In the Azure Portal Search Bar, enter Monitor and select Monitor from the list of results.
2. Select Alerts in the navigation menu.
3. Choose Action Groups.

4. On the Action Groups page, choose Create.
5. On the Basics page of the Create Action Group wizard, configure the following settings and choose Next.





6. On the Notifications page, set the notification type to Email/SMS message/Push/Voice and the Name to NotificationEmail. Choose the Edit (pencil) icon.
7. On the Email/SMS message/Push/Voice enable the email checkbox and enter the address [email protected]. Choose OK.
8. Choose Review and Create. Choose Create.



Task2: Create an alert for virtual machine CPU utilization

1. In the Azure Portal Search Bar, enter rg-alpha and select rg-alpha from the list of results.
2. From the list of items in the resource group, choose Linux-VM2.
3. On the Linux-VM2 properties page, choose Alerts under Monitoring.
4. On the Alerts page, choose Create and then choose Alert rule.

1. On the Condition page of the Create an Alert Rule wizard, set the Signal name to Percentage CPU. Use the default settings and choose Next.

1. On the Actions page, choose Select Action Group.
2. On the Select Action Groups page, choose NotifyCPU and choose Select.

1. On the Details page enter the Alert rule name HighCPU. Choose Review and Create and then choose Create.

Conclusion

Effective monitoring is a cornerstone of cloud success. By leveraging Azure Monitor’s integrated tools, IT teams can transform raw telemetry into actionable insights, ensuring that applications remain reliable, scalable, and secure. Configuring Log Analytics provides the foundation for deep analysis, while targeted monitoring of web apps, compute, and networking resources helps maintain optimal performance.

Implementing well-defined alerts ensures rapid response to potential issues, reducing downtime and improving user experience. With this deployment strategy, organizations can shift from reactive troubleshooting to proactive optimization—unlocking the full potential of Microsoft Azure’s cloud ecosystem.

Continue reading...

 

Join 𝕋𝕄𝕋 on Telegram
Channel PREVIEW: