| title | description | services | documentationcenter | author | manager | editor | ms.assetid | ms.service | ms.devlang | ms.topic | ms.tgt_pltfrm | ms.workload | ms.date | ms.author |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Onboard Azure Monitor for VMs (Preview) | Microsoft Docs |
This article describes how you onboard and configure Azure Monitor for VMs so you can start understanding how your distributed application is performing and what health issues have been identified. |
azure-monitor |
mgoedtel |
carmonm |
azure-monitor |
na |
conceptual |
na |
infrastructure-services |
11/13/2018 |
magoedte |
This article describes how to set up Azure Monitor for VMs to monitor the operating system health of your Azure virtual machines and virtual machine scale sets, and virtual machines in your environment, including discovery and mapping of application dependencies that may be hosted on them.
Enabling Azure Monitor for VMs is accomplished by using one of the following methods, and details on using each method are provided later in the article.
- A single Azure virtual machine by selecting Insights (preview) directly from the VM.
- Multiple Azure VMs using Azure Policy to ensure existing and new VMs evaluated have the required dependencies installed and are properly configured. Non-compliant VMs are reported so you can decide based on what isn't compliant, how you want to remediate.
- Multiple Azure VMs or virtual machine scale sets across a specified subscription or resource group using PowerShell.
Before you start, make sure that you understand the following as described in the subsections below.
A Log Analytics workspace in the following regions is currently supported:
- West Central US
- East US
- West Europe
- Southeast Asia1
1 This region does not currently support the Health feature of Azure Monitor for VMs
Note
Azure virtual machines can be on-boarded from any region and are not limited to the supported regions for the Log Analytics workspace.
If you do not have a workspace, you can create it through Azure CLI, through PowerShell, in the Azure portal, or with Azure Resource Manager. If you are enabling monitoring for a single Azure VM from the Azure portal, you have the option to create a workspace during this process.
Enabling the solution for the at scale scenario first requires configuring the following in your Log Analytics workspace:
- Install the ServiceMap and InfrastructureInsights solutions. This can only be accomplished by using an Azure Resource Manager template provided in this article.
- Configure the Log Analytics workspace to collect performance counters.
To configure your workspace for the at scale scenario, see Setup Log Analytics workspace for the at scale deployment.
The following table lists the Windows and Linux operating systems that are supported with Azure Monitor for VMs. A full list detailing the major and minor Linux OS release and kernel versions supported are provided later in this section.
| OS version | Performance | Maps | Health |
|---|---|---|---|
| Windows Server 2016 1803 | X | X | X |
| Windows Server 2016 | X | X | X |
| Windows Server 2012 R2 | X | X | |
| Windows Server 2012 | X | X | |
| Windows Server 2008 R2 | X | X | |
| RHEL 7, 6 | X | X | X |
| Ubuntu 18.04, 16.04, 14.04 | X | X | X |
| Cent OS Linux 7, 6 | X | X | X |
| SLES 12 | X | X | X |
| Oracle Linux 7 | X1 | X | |
| Oracle Linux 6 | X | X | X |
| Debian 9.4, 8 | X1 | X |
1 The Performance feature of Azure Monitor for VMs is only available from Azure Monitor, it is not available when you access it from the left-hand pane of the Azure VM directly.
Note
The following information applies to support of the Linux operating system:
- Only default and SMP Linux kernel releases are supported.
- Nonstandard kernel releases, such as PAE and Xen, are not supported for any Linux distribution. For example, a system with the release string of "2.6.16.21-0.8-xen" is not supported.
- Custom kernels, including recompiles of standard kernels, are not supported.
- CentOSPlus kernel is not supported.
| OS version | Kernel version |
|---|---|
| 7.0 | 3.10.0-123 |
| 7.1 | 3.10.0-229 |
| 7.2 | 3.10.0-327 |
| 7.3 | 3.10.0-514 |
| 7.4 | 3.10.0-693 |
| 7.5 | 3.10.0-862 |
| OS version | Kernel version |
|---|---|
| 6.0 | 2.6.32-71 |
| 6.1 | 2.6.32-131 |
| 6.2 | 2.6.32-220 |
| 6.3 | 2.6.32-279 |
| 6.4 | 2.6.32-358 |
| 6.5 | 2.6.32-431 |
| 6.6 | 2.6.32-504 |
| 6.7 | 2.6.32-573 |
| 6.8 | 2.6.32-642 |
| 6.9 | 2.6.32-696 |
| OS version | Kernel version |
|---|---|
| Ubuntu 18.04 | kernel 4.15.* |
| Ubuntu 16.04.3 | kernel 4.15.* |
| 16.04 | 4.4.* 4.8.* 4.10.* 4.11.* 4.13.* |
| 14.04 | 3.13.* 4.4.* |
| OS version | Kernel version |
|---|---|
| 6.2 | Oracle 2.6.32-300 (UEK R1) |
| 6.3 | Oracle 2.6.39-200 (UEK R2) |
| 6.4 | Oracle 2.6.39-400 (UEK R2) |
| 6.5 | Oracle 2.6.39-400 (UEK R2 i386) |
| 6.6 | Oracle 2.6.39-400 (UEK R2 i386) |
| OS version | Kernel version |
|---|---|
| 5.10 | Oracle 2.6.39-400 (UEK R2) |
| 5.11 | Oracle 2.6.39-400 (UEK R2) |
| OS version | Kernel version |
|---|---|
| 12 SP2 | 4.4.* |
| 12 SP3 | 4.4.* |
Azure Monitor for VMs Map gets its data from the Microsoft Dependency agent. The Dependency agent relies on the Log Analytics agent for its connection to Log Analytics and therefore, a system must have the Log Analytics agent installed and configured with the Dependency agent. When you enable Azure Monitor for VMs for a single Azure VM or when using the methods for the at scale deployment, the Azure VM Dependency agent extension is used to install the agent as part of that onboarding experience. With a hybrid environment, the Dependency agent can be downloaded and installed manually or using an automated deployment method to those virtual machines hosted outside of Azure.
The following table describes the connected sources that the Map feature supports in a hybrid environment.
| Connected source | Supported | Description |
|---|---|---|
| Windows agents | Yes | In addition to the Log Analytics agent for Windows, Windows agents require the Microsoft Dependency agent. See the supported operating systems for a complete list of operating system versions. |
| Linux agents | Yes | In addition to the Log Analytics agent for Linux, Linux agents require the Microsoft Dependency agent. See the supported operating systems for a complete list of operating system versions. |
| System Center Operations Manager management group | No |
The Dependency agent can be downloaded from the following location.
| File | OS | Version | SHA-256 |
|---|---|---|---|
| InstallDependencyAgent-Windows.exe | Windows | 9.7.1 | 55030ABF553693D8B5112569FB2F97D7C54B66E9990014FC8CC43EFB70DE56C6 |
| InstallDependencyAgent-Linux64.bin | Linux | 9.7.1 | 43C75EF0D34471A0CBCE5E396FFEEF4329C9B5517266108FA5D6131A353D29FE |
The following access needs to be granted to your users in order to enable and access features in Azure Monitor for VMs.
-
To enable the solution, you need to be added as a member of the Log Analytics contributor role.
-
To view the performance, health, and map data, you need to added as a member of the Monitoring Reader role for the Azure VM and the Log Analytics workspace configured with Azure Monitor for VMs.
For more information about how to control access to a Log Analytics workspace, see Manage workspaces.
To enable monitoring of your Azure VM in the Azure portal, do the following:
-
Sign in to the Azure portal at https://portal.azure.com.
-
In the Azure portal, select Virtual Machines.
-
From the list, select a VM.
-
On the VM page, in the Monitoring section, select Insights (preview).
-
On the Insights (preview) page, select Try now.
-
On the Azure Monitor Insights Onboarding page, if you have an existing Log Analytics workspace in the same subscription, select it in the drop-down list. The list preselects the default workspace and location that the virtual machine is deployed to in the subscription.
[!NOTE] If you want to create a new Log Analytics workspace for storing the monitoring data from the VM, follow the instructions in Create a Log Analytics workspace in one of the supported regions listed earlier.
After you've enabled monitoring, it might take about 10 minutes before you can view health metrics for the virtual machine.
In this section instructions on how to perform the at scale deployment of Azure Monitor for VMs using either Azure Policy or with Azure PowerShell.
Summarized are the steps you need to perform to pre-configure your Log Analytics workspace before you can proceed with onboarding your virtual machines.
- Create a new workspace if one does not already exist that can be used to support Azure Monitor for VMs. Review Manage workspaces before creating a new workspace to understand the cost, management, and compliance considerations before proceeding.
- Enable performance counters in the workspace for collection on Linux and Windows VMs.
- Install and enable the ServiceMap and InfrastructureInsights solution in your workspace.
If you do not have a Log Analytics workspace, review the available methods suggested under the Prerequisites section to create one.
If the Log Analytics workspace referenced by the solution isn't configured to already collect the performance counters required by the solution, they will need to be enabled. This can be accomplished manually as described here, or by downloading and running a PowerShell script available from Azure Powershell Gallery.
This method includes a JSON template that specifies the configuration to enable the solution components to your Log Analytics workspace.
If you are unfamiliar with the concept of deploying resources by using a template, see:
- Deploy resources with Resource Manager templates and Azure PowerShell
- Deploy resources with Resource Manager templates and the Azure CLI
If you choose to use the Azure CLI, you first need to install and use the CLI locally. You must be running the Azure CLI version 2.0.27 or later. To identify your version, run az --version. If you need to install or upgrade the Azure CLI, see Install the Azure CLI.
-
Copy and paste the following JSON syntax into your file:
{ "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", "contentVersion": "1.0.0.0", "parameters": { "WorkspaceName": { "type": "string" }, "WorkspaceLocation": { "type": "string" } }, "resources": [ { "apiVersion": "2017-03-15-preview", "type": "Microsoft.OperationalInsights/workspaces", "name": "[parameters('WorkspaceName')]", "location": "[parameters('WorkspaceLocation')]", "resources": [ { "apiVersion": "2015-11-01-preview", "location": "[parameters('WorkspaceLocation')]", "name": "[concat('ServiceMap', '(', parameters('WorkspaceName'),')')]", "type": "Microsoft.OperationsManagement/solutions", "dependsOn": [ "[concat('Microsoft.OperationalInsights/workspaces/', parameters('WorkspaceName'))]" ], "properties": { "workspaceResourceId": "[resourceId('Microsoft.OperationalInsights/workspaces/', parameters('WorkspaceName'))]" }, "plan": { "name": "[concat('ServiceMap', '(', parameters('WorkspaceName'),')')]", "publisher": "Microsoft", "product": "[Concat('OMSGallery/', 'ServiceMap')]", "promotionCode": "" } }, { "apiVersion": "2015-11-01-preview", "location": "[parameters('WorkspaceLocation')]", "name": "[concat('InfrastructureInsights', '(', parameters('WorkspaceName'),')')]", "type": "Microsoft.OperationsManagement/solutions", "dependsOn": [ "[concat('Microsoft.OperationalInsights/workspaces/', parameters('WorkspaceName'))]" ], "properties": { "workspaceResourceId": "[resourceId('Microsoft.OperationalInsights/workspaces/', parameters('WorkspaceName'))]" }, "plan": { "name": "[concat('InfrastructureInsights', '(', parameters('WorkspaceName'),')')]", "publisher": "Microsoft", "product": "[Concat('OMSGallery/', 'InfrastructureInsights')]", "promotionCode": "" } } ] } ] -
Save this file as installsolutionsforvminsights.json to a local folder.
-
Edit the values for WorkspaceName, ResourceGroupName, and WorkspaceLocation. The value for WorkspaceName is the full resource ID of your Log Analytics workspace, which includes the workspace name, and the value for WorkspaceLocation is the region the workspace is defined in.
-
You are ready to deploy this template using the following PowerShell command:
New-AzureRmResourceGroupDeployment -Name DeploySolutions -TemplateFile InstallSolutionsForVMInsights.json -ResourceGroupName ResourceGroupName> -WorkspaceName <WorkspaceName> -WorkspaceLocation <WorkspaceLocation - example: eastus>
The configuration change can take a few minutes to complete. When it's completed, a message is displayed that's similar to the following and includes the result:
provisioningState : Succeeded
To enable Azure Monitor for VMs at scale that ensures consistent compliance and automatic enablement for new VMs provisioned, Azure Policy is recommended. These policies:
- Deploy Log Analytics agent and Dependency agent
- Report on compliance results
- Remediate for non-compliant VMs
Enable Azure Monitor for VMs via policy to your tenant requires:
- Assign the initiative to a scope – management group, subscription, or resource group
- Review and remediation of compliance results
For more information on Azure Policy assignment, see Azure Policy overview and review the overview of management groups before continuing.
The following table lists the policy definitions provided.
| Name | Description | Type |
|---|---|---|
| [Preview]: Enable Azure Monitor for VMs | Enable Azure Monitor for the Virtual Machines (VMs) in the specified scope (Management group, subscription, or resource group). Takes Log Analytics workspace as parameter. | Initiative |
| [Preview]: Audit Dependency Agent Deployment – VM Image (OS) unlisted | Reports VMs as non-compliant if the VM Image (OS) is not in the list defined and the agent is not installed. | Policy |
| [Preview]: Audit Log Analytics Agent Deployment – VM Image (OS) unlisted | Reports VMs as non-compliant if the VM Image (OS) is not in the list defined and the agent is not installed. | Policy |
| [Preview]: Deploy Dependency Agent for Linux VMs | Deploy Dependency Agent for Linux VMs if the VM Image (OS) is in the list defined and the agent is not installed. | Policy |
| [Preview]: Deploy Dependency Agent for Windows VMs | Deploy Dependency Agent for Windows VMs if the VM Image (OS) is in the list defined and the agent is not installed. | Policy |
| [Preview]: Deploy Log Analytics Agent for Linux VMs | Deploy Log Analytics Agent for Linux VMs if the VM Image (OS) is in the list defined and the agent is not installed. | Policy |
| [Preview]: Deploy Log Analytics Agent for Windows VMs | Deploy Log Analytics Agent for Windows VMs if the VM Image (OS) is in the list defined and the agent is not installed. | Policy |
Stand-alone policy (Not included with the initiative)
| Name | Description | Type |
|---|---|---|
| [Preview]: Audit Log Analytics Workspace for VM - Report Mismatch | Report VMs as non-compliant if they are not logging to the LA workspace specified in the policy/initiative assignment. | Policy |
With this initial release, you can only create the policy assignment from the Azure portal. To understand how to complete these steps, see Create a policy assignment from the Azure portal.
-
Launch the Azure Policy service in the Azure portal by clicking All services, then searching for and selecting Policy.
-
Select Assignments on the left side of the Azure Policy page. An assignment is a policy that has been assigned to take place within a specific scope.
-
Select Assign Initiative from the top of the Policy - Assignments page.
-
On the Assign Initiative page, select the Scope by clicking the ellipsis and select either a management group, or subscription and optionally a resource group. A scope limits the policy assignment in our case to a grouping of virtual machines for enforcement. Click Select at the bottom of the Scope page to save your changes.
-
Exclusions allow you to omit one or more resources from the scope, which is optional.
-
Select the Initiative definition ellipsis to open the list of available definitions and select [Preview] Enable Azure Monitor for VMs from the list, and then click Select.
-
The Assignment name is automatically populated with the initiative name you selected, but you can change it. You can also add an optional Description. Assigned by is automatically populated based on who is logged in, and this field is optional.
-
Select a Log Analytics workspace from the dropdown list that is available in the supported region.
[!NOTE] If the workspace is outside of the scope of the assignment, you must grant Log Analytics Contributor permissions to the policy assignment's Principal ID. If you don't do this you may see a deployment failure such as:
The client '343de0fe-e724-46b8-b1fb-97090f7054ed' with object id '343de0fe-e724-46b8-b1fb-97090f7054ed' does not have authorization to perform action 'microsoft.operationalinsights/workspaces/read' over scope ...Review how to manually configure the managed identity to grant access. -
Notice the Managed Identity option is checked. This is checked when the initiative being assigned includes a policy with the deployIfNotExists effect. From the Manage Identity location dropdown list, select the appropriate region.
-
Click Assign.
You can learn how to review compliance results by reading identify non-compliance results. Select Compliance in the left side of the page and locate the [Preview] Enable Azure Monitor for VMs initiative that are not compliant per the assignment you created.
Based on the results of the policies included with the initiative, VMs are reported as non-compliant in following scenarios:
-
Log Analytics or Dependency Agent is not deployed.
This is typical for a scope with existing VMs. To mitigate it, create remediation tasks on a non-compliant policy to deploy the required agents.- [Preview]: Deploy Dependency Agent for Linux VMs
- [Preview]: Deploy Dependency Agent for Windows VMs
- [Preview]: Deploy Log Analytics Agent for Linux VMs
- [Preview]: Deploy Log Analytics Agent for Windows VMs
-
VM Image (OS) is not in the list identified in policy definition.
Criteria of the deployment policy only includes VMs that are deployed from well-known Azure VM images. Check the documentation if the VM OS is supported or not. If it is not, then you need to duplicate the deployment policy and update/modify it to make the image compliant.- [Preview]: Audit Dependency Agent Deployment – VM Image (OS) unlisted
- [Preview]: Audit Log Analytics Agent Deployment – VM Image (OS) unlisted
-
VMs are not logging to the specified LA workspace.
It is possible that some VMs in the initiative scope are logging to a LA workspace different from the once specified in policy assignment. This policy is a tool to identify which VMs are reporting to a non-compliant workspace.- [Preview]: Audit Log Analytics Workspace for VM - Report Mismatch
To enable Azure Monitor for VMs for multiple VMs or virtual machine scale sets, you can use a provided PowerShell script - Install-VMInsights.ps1 available from the Azure PowerShell Gallery to complete this task. This script will iterate through every virtual machine and virtual machine scale set in your subscription, in the scoped resource group specified by ResourceGroup, or to a single VM or virtual machine scale set specified by Name. For each VM or virtual machine scale set, the script verifies if the VM extension is already installed, and if not attempt to reinstall it. Otherwise, it proceeds to install the Log Analytics and Dependency Agent VM extensions.
This script requires Azure PowerShell module version 5.7.0 or later. Run Get-Module -ListAvailable AzureRM to find the version. If you need to upgrade, see Install Azure PowerShell module. If you are running PowerShell locally, you also need to run Connect-AzureRmAccount to create a connection with Azure.
To get help about the script, you can run Get-Help to get a list of argument details and example usage.
Get-Help .\Install-VMInsights.ps1 -Detailed
SYNOPSIS
This script installs VM extensions for Log Analytics and Dependency Agent as needed for VM Insights.
SYNTAX
.\Install-VMInsights.ps1 [-WorkspaceId] <String> [-WorkspaceKey] <String> [-SubscriptionId] <String> [[-ResourceGroup]
<String>] [[-Name] <String>] [[-PolicyAssignmentName] <String>] [-ReInstall] [-TriggerVmssManualVMUpdate] [-Approve] [-WorkspaceRegion] <String>
[-WhatIf] [-Confirm] [<CommonParameters>]
DESCRIPTION
This script installs or re-configures following on VM's and VM Scale Sets:
- Log Analytics VM Extension configured to supplied Log Analytics Workspace
- Dependency Agent VM Extension
Can be applied to:
- Subscription
- Resource Group in a Subscription
- Specific VM/VM Scale Set
- Compliance results of a policy for a VM or VM Extension
Script will show you list of VM's/VM Scale Sets that will apply to and let you confirm to continue.
Use -Approve switch to run without prompting, if all required parameters are provided.
If the extensions are already installed will not install again.
Use -ReInstall switch if you need to for example update the workspace.
Use -WhatIf if you would like to see what would happen in terms of installs, what workspace configured to, and status of the extension.
PARAMETERS
-WorkspaceId <String>
Log Analytics WorkspaceID (GUID) for the data to be sent to
-WorkspaceKey <String>
Log Analytics Workspace primary or secondary key
-SubscriptionId <String>
SubscriptionId for the VMs/VM Scale Sets
If using PolicyAssignmentName parameter, subscription that VM's are in
-ResourceGroup <String>
<Optional> Resource Group to which the VMs or VM Scale Sets belong to
-Name <String>
<Optional> To install to a single VM/VM Scale Set
-PolicyAssignmentName <String>
<Optional> Take the input VM's to operate on as the Compliance results from this Assignment
If specified will only take from this source.
-ReInstall [<SwitchParameter>]
<Optional> If VM/VM Scale Set is already configured for a different workspace, set this to change to the new workspace
-TriggerVmssManualVMUpdate [<SwitchParameter>]
<Optional> Set this flag to trigger update of VM instances in a scale set whose upgrade policy is set to Manual
-Approve [<SwitchParameter>]
<Optional> Gives the approval for the installation to start with no confirmation prompt for the listed VM's/VM Scale Sets
-WorkspaceRegion <String>
Region the Log Analytics Workspace is in
Suported values: "East US","eastus","Southeast Asia","southeastasia","West Central US","westcentralus","West Europe","westeurope"
For Health supported is: "East US","eastus","West Central US","westcentralus"
-WhatIf [<SwitchParameter>]
<Optional> See what would happen in terms of installs.
If extension is already installed will show what workspace is currently configured, and status of the VM extension
-Confirm [<SwitchParameter>]
<Optional> Confirm every action
<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
OutBuffer, PipelineVariable, and OutVariable. For more information, see
about_CommonParameters (https:/go.microsoft.com/fwlink/?LinkID=113216).
-------------------------- EXAMPLE 1 --------------------------
.\Install-VMInsights.ps1 -WorkspaceRegion eastus -WorkspaceId <WorkspaceId>-WorkspaceKey <WorkspaceKey> -SubscriptionId <SubscriptionId>
-ResourceGroup <ResourceGroup>
Install for all VM's in a Resource Group in a subscription
-------------------------- EXAMPLE 2 --------------------------
.\Install-VMInsights.ps1 -WorkspaceRegion eastus -WorkspaceId <WorkspaceId>-WorkspaceKey <WorkspaceKey> -SubscriptionId <SubscriptionId>
-ResourceGroup <ResourceGroup> -ReInstall
Specify to ReInstall extensions even if already installed, for example to update to a different workspace
-------------------------- EXAMPLE 3 --------------------------
.\Install-VMInsights.ps1 -WorkspaceRegion eastus -WorkspaceId <WorkspaceId>-WorkspaceKey <WorkspaceKey> -SubscriptionId <SubscriptionId>
-PolicyAssignmentName a4f79f8ce891455198c08736 -ReInstall
Specify to use a PolicyAssignmentName for source, and to ReInstall (move to a new workspace)The following example demonstrates using the PowerShell commands in the folder to enable Azure Monitor for VMs and understand the expected output:
$WorkspaceId = "<GUID>"
$WorkspaceKey = "<Key>"
$SubscriptionId = "<GUID>"
.\Install-VMInsights.ps1 -WorkspaceId $WorkspaceId -WorkspaceKey $WorkspaceKey -SubscriptionId $SubscriptionId -WorkspaceRegion eastus
Getting list of VM's or VM ScaleSets matching criteria specified
VM's or VM ScaleSets matching criteria:
db-ws-1 VM running
db-ws2012 VM running
This operation will install the Log Analytics and Dependency Agent extensions on above 2 VM's or VM Scale Sets.
VM's in a non-running state will be skipped.
Extension will not be re-installed if already installed. Use -ReInstall if desired, for example to update workspace
Confirm
Continue?
[Y] Yes [N] No [S] Suspend [?] Help (default is "Y"): y
db-ws-1 : Deploying DependencyAgentWindows with name DAExtension
db-ws-1 : Successfully deployed DependencyAgentWindows
db-ws-1 : Deploying MicrosoftMonitoringAgent with name MMAExtension
db-ws-1 : Successfully deployed MicrosoftMonitoringAgent
db-ws2012 : Deploying DependencyAgentWindows with name DAExtension
db-ws2012 : Successfully deployed DependencyAgentWindows
db-ws2012 : Deploying MicrosoftMonitoringAgent with name MMAExtension
db-ws2012 : Successfully deployed MicrosoftMonitoringAgent
Summary:
Already Onboarded: (0)
Succeeded: (4)
db-ws-1 : Successfully deployed DependencyAgentWindows
db-ws-1 : Successfully deployed MicrosoftMonitoringAgent
db-ws2012 : Successfully deployed DependencyAgentWindows
db-ws2012 : Successfully deployed MicrosoftMonitoringAgent
Connected to different workspace: (0)
Not running - start VM to configure: (0)
Failed: (0)This section explains how to onboard virtual machines or physical computers hosted in your datacenter or other cloud environment for monitoring by Azure Monitor for VMs.
The Azure Monitor for VMs Map Dependency agent does not transmit any data itself, and it does not require any changes to firewalls or ports. The map data is always transmitted by the Log Analytics agent to the Azure Monitor service, either directly or through the OMS Gateway if your IT security policies do not allow computers on the network to connect to the Internet.
Review the requirements and deployment methods for the Log Analytics Linux and Windows agent.
[!INCLUDE log-analytics-agent-note]
Summarized steps:
- Install Log Analytics Agent for Windows or Linux
- Download and install Azure Monitor for VMs Map Dependency agent for Windows or Linux.
- Enable collection of performance counters
- Onboard Azure Monitor for VMs
The Dependency agent can be installed manually on Windows computers by running InstallDependencyAgent-Windows.exe. If you run this executable file without any options, it starts a setup wizard that you can follow to install interactively.
Note
Administrator privileges are required to install or uninstall the agent.
The following table highlights the specific parameters supported by setup for the agent from the command line.
| Parameter | Description |
|---|---|
| /? | Returns a list of the command-line options. |
| /S | Perform a silent installation with no user interaction. |
For example, to run the installation program with the /? parameter, type InstallDependencyAgent-Windows.exe /?
Files for the Windows Dependency agent are installed in C:\Program Files\Microsoft Dependency Agent by default. If the Dependency agent fails to start after setup is complete, check the logs for detailed error information. The log directory is %Programfiles%\Microsoft Dependency Agent\logs.
The Dependency agent is installed on Linux servers from InstallDependencyAgent-Linux64.bin, a shell script with a self-extracting binary. You can run the file by using sh or add execute permissions to the file itself.
Note
Root access is required to install or configure the agent.
| Parameter | Description |
|---|---|
| -help | Get a list of the command-line options. |
| -s | Perform a silent installation with no user prompts. |
| --check | Check permissions and the operating system but do not install the agent. |
For example, to run the installation program with the -help parameter, type InstallDependencyAgent-Linux64.bin -help.
Install the Linux Dependency agent as root by running the following command, sh InstallDependencyAgent-Linux64.bin
If the Dependency agent fails to start, check the logs for detailed error information. On Linux agents, the log directory is /var/opt/microsoft/dependency-agent/log.
Files for the Dependency agent are placed in the following directories:
| Files | Location |
|---|---|
| Core files | /opt/microsoft/dependency-agent |
| Log files | /var/opt/microsoft/dependency-agent/log |
| Config files | /etc/opt/microsoft/dependency-agent/config |
| Service executable files | /opt/microsoft/dependency-agent/bin/microsoft-dependency-agent /opt/microsoft/dependency-agent/bin/microsoft-dependency-agent-manager |
| Binary storage files | /var/opt/microsoft/dependency-agent/storage |
If the Log Analytics workspace referenced by the solution isn't configured to already collect the performance counters required by the solution, they will need to be enabled. This can be accomplished manually as described here, or by downloading and running a PowerShell script available from Azure Powershell Gallery.
This method includes a JSON template that specifies the configuration to enable the solution components to your Log Analytics workspace.
If you are unfamiliar with the concept of deploying resources by using a template, see:
- Deploy resources with Resource Manager templates and Azure PowerShell
- Deploy resources with Resource Manager templates and the Azure CLI
If you choose to use the Azure CLI, you first need to install and use the CLI locally. You must be running the Azure CLI version 2.0.27 or later. To identify your version, run az --version. If you need to install or upgrade the Azure CLI, see Install the Azure CLI.
-
Copy and paste the following JSON syntax into your file:
{ "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", "contentVersion": "1.0.0.0", "parameters": { "WorkspaceName": { "type": "string" }, "WorkspaceLocation": { "type": "string" } }, "resources": [ { "apiVersion": "2017-03-15-preview", "type": "Microsoft.OperationalInsights/workspaces", "name": "[parameters('WorkspaceName')]", "location": "[parameters('WorkspaceLocation')]", "resources": [ { "apiVersion": "2015-11-01-preview", "location": "[parameters('WorkspaceLocation')]", "name": "[concat('ServiceMap', '(', parameters('WorkspaceName'),')')]", "type": "Microsoft.OperationsManagement/solutions", "dependsOn": [ "[concat('Microsoft.OperationalInsights/workspaces/', parameters('WorkspaceName'))]" ], "properties": { "workspaceResourceId": "[resourceId('Microsoft.OperationalInsights/workspaces/', parameters('WorkspaceName'))]" }, "plan": { "name": "[concat('ServiceMap', '(', parameters('WorkspaceName'),')')]", "publisher": "Microsoft", "product": "[Concat('OMSGallery/', 'ServiceMap')]", "promotionCode": "" } }, { "apiVersion": "2015-11-01-preview", "location": "[parameters('WorkspaceLocation')]", "name": "[concat('InfrastructureInsights', '(', parameters('WorkspaceName'),')')]", "type": "Microsoft.OperationsManagement/solutions", "dependsOn": [ "[concat('Microsoft.OperationalInsights/workspaces/', parameters('WorkspaceName'))]" ], "properties": { "workspaceResourceId": "[resourceId('Microsoft.OperationalInsights/workspaces/', parameters('WorkspaceName'))]" }, "plan": { "name": "[concat('InfrastructureInsights', '(', parameters('WorkspaceName'),')')]", "publisher": "Microsoft", "product": "[Concat('OMSGallery/', 'InfrastructureInsights')]", "promotionCode": "" } } ] } ] -
Save this file as installsolutionsforvminsights.json to a local folder.
-
Edit the values for WorkspaceName, ResourceGroupName, and WorkspaceLocation. The value for WorkspaceName is the full resource ID of your Log Analytics workspace, which includes the workspace name, and the value for WorkspaceLocation is the region the workspace is defined in.
-
You are ready to deploy this template using the following PowerShell command:
New-AzureRmResourceGroupDeployment -Name DeploySolutions -TemplateFile InstallSolutionsForVMInsights.json -ResourceGroupName ResourceGroupName> -WorkspaceName <WorkspaceName> -WorkspaceLocation <WorkspaceLocation - example: eastus>
The configuration change can take a few minutes to complete. When it's completed, a message is displayed that's similar to the following and includes the result:
provisioningState : Succeeded
After you've enabled monitoring, it might take about 10 minutes before you can view health state and metrics for the hybrid computer.
Azure Monitor for VMs configures a Log Analytics Workspace to collect performance counters used by the solution. The following table lists the objects and counters configured by the solution that are collected every 60 seconds.
| Object name | Counter name |
|---|---|
| LogicalDisk | % Free Space |
| LogicalDisk | Avg. Disk sec/Read |
| LogicalDisk | Avg. Disk sec/Transfer |
| LogicalDisk | Avg. Disk sec/Write |
| LogicalDisk | Disk Bytes/sec |
| LogicalDisk | Disk Read Bytes/sec |
| LogicalDisk | Disk Reads/sec |
| LogicalDisk | Disk Transfers/sec |
| LogicalDisk | Disk Write Bytes/sec |
| LogicalDisk | Disk Writes/sec |
| LogicalDisk | Free Megabytes |
| Memory | Available MBytes |
| Network Adapter | Bytes Received/sec |
| Network Adapter | Bytes Sent/sec |
| Processor | % Processor Time |
| Object name | Counter name |
|---|---|
| Logical Disk | % Used Space |
| Logical Disk | Disk Read Bytes/sec |
| Logical Disk | Disk Reads/sec |
| Logical Disk | Disk Transfers/sec |
| Logical Disk | Disk Write Bytes/sec |
| Logical Disk | Disk Writes/sec |
| Logical Disk | Free Megabytes |
| Logical Disk | Logical Disk Bytes/sec |
| Memory | Available MBytes Memory |
| Network | Total Bytes Received |
| Network | Total Bytes Transmitted |
| Processor | % Processor Time |
Microsoft automatically collects usage and performance data through your use of the Azure Monitor service. Microsoft uses this data to provide and improve the quality, security, and integrity of the service. To provide accurate and efficient troubleshooting capabilities, data from the Map feature includes information about the configuration of your software, such as operating system and version, IP address, DNS name, and workstation name. Microsoft does not collect names, addresses, or other contact information.
For more information about data collection and usage, see the Microsoft Online Services Privacy Statement.
[!INCLUDE GDPR-related guidance]
With monitoring enabled for your virtual machine, this information is available for analysis with Azure Monitor for VMs. To learn how to use the Health feature, see View Azure Monitor for VMs Health, or to view discovered application dependencies, see View Azure Monitor for VMs Map.