Azure Monitor and Log Analytics
Learn how to gather, visualize, and analyze data with Azure Monitor and how to analyze logs with Log Analytics.
Cybersecurity threats have become more prevalent and sophisticated as organizations embrace the digital age. As a result, organizations are investing in security solutions to detect and prevent these threats. Azure Monitor is one solution that provides robust monitoring capabilities to help organizations stay on top of their security posture.
Unlike Microsoft Defender for Cloud, which goes beyond monitoring and actively identifies threats and safeguards cloud resources against them, Azure Monitor is strictly a comprehensive monitoring tool: it enables users to collect, analyze, and act on telemetry data from various sources across an organization’s infrastructure. This includes cloud resources like virtual machines, databases, and applications, and on-premises resources like servers and network devices. With Azure Monitor, users can set up alerts for different activities, such as failed logins or unauthorized access attempts, enabling them to take quick action when needed.
One key advantage of using Azure Monitor is its ability to integrate with other Microsoft security tools like Azure Security Center and Azure Sentinel.
Azure Monitor is a service that collects and analyzes telemetry data from Azure resources.
Data collection
Azure Monitor starts gathering data as soon as we create our Azure subscription and add resources. As we add or alter resources, the information is saved in the Azure Monitor activity logs. Azure Monitor collects the following data:
Metrics: Azure Monitor metrics store resource performance data and the number of resources consumed.
Logs: Azure Monitor logs collect detailed event information from various Azure services and applications.
We can increase the data we collect by enabling diagnostics and adding the Azure Monitor Agent to compute resources. Expanding our data sources in this way lets us collect data about the internal operation of the resources. In the Azure Monitor Agent, we can specify different data sources to collect logs and metrics from Windows and Linux guest operating systems. With the Data Collector API, Azure Monitor can gather log data from any REST client. The Data Collector API enables us to develop custom monitoring scenarios and expand monitoring to resources that do not expose data via other means.
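The Data Collector API request described above, as an added example that is not part of the original lesson: it builds, without sending, the signed HTTP POST (SharedKey authorization, HMAC-SHA256) that a custom REST client would submit to a Log Analytics workspace. The workspace ID, the key, the record fields, and the FailedLogin log type are constructed placeholders.

```python
import base64, hashlib, hmac, json, re
from datetime import datetime, timezone

RESOURCE = "/api/logs"
CONTENT_TYPE = "application/json"

# Constructed placeholders: not a real workspace or key.
WORKSPACE_ID = "00000000-0000-0000-0000-000000000000"
SHARED_KEY = base64.b64encode(b"constructed-demo-key-not-a-secret").decode()

# Constructed sample events (failed logins), one JSON object per record.
SAMPLE_RECORDS = [
    {"EventTime": "2024-01-02T03:04:00Z", "User": "alice", "SourceIp": "203.0.113.7", "Result": "Failure"},
    {"EventTime": "2024-01-02T03:04:02Z", "User": "alice", "SourceIp": "203.0.113.7", "Result": "Failure"},
]

def sign(workspace_id, shared_key_b64, date_rfc1123, content_length):
    """Return the SharedKey Authorization header value."""
    # Only the body length is signed, not the body itself; TLS protects the content.
    string_to_sign = (f"POST\n{content_length}\n{CONTENT_TYPE}\n"
                      f"x-ms-date:{date_rfc1123}\n{RESOURCE}")
    digest = hmac.new(base64.b64decode(shared_key_b64),
                      string_to_sign.encode("utf-8"), hashlib.sha256).digest()
    return f"SharedKey {workspace_id}:{base64.b64encode(digest).decode()}"

def build_request(workspace_id, shared_key_b64, log_type, records, now=None):
    """Build (url, headers, body) for one POST; nothing is sent."""
    if not re.fullmatch(r"[A-Za-z0-9_]{1,100}", log_type):
        raise ValueError("Log-Type allows only letters, digits and underscore")
    now = (now or datetime.now(timezone.utc)).astimezone(timezone.utc)
    date_rfc1123 = now.strftime("%a, %d %b %Y %H:%M:%S GMT")
    body = json.dumps(records).encode("utf-8")
    headers = {
        "Content-Type": CONTENT_TYPE,
        "Authorization": sign(workspace_id, shared_key_b64, date_rfc1123, len(body)),
        "Log-Type": log_type,                 # custom table name (stored with a _CL suffix)
        "x-ms-date": date_rfc1123,
        "time-generated-field": "EventTime",  # record field carrying the event time
    }
    url = (f"https://{workspace_id}.ods.opinsights.azure.com"
           f"{RESOURCE}?api-version=2016-04-01")
    return url, headers, body

if __name__ == "__main__":
    url, headers, body = build_request(WORKSPACE_ID, SHARED_KEY, "FailedLogin", SAMPLE_RECORDS)
    print(url)
    for name, value in headers.items():
        print(f"{name}: {value}")
```

The workspace shared key authorizes writes to the workspace, so a real client should load it from a secret store rather than embed it in source as this example does.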