Previous articles and discussion on how to use the resource usage Azure Monitor to collect monitoring service operational status and system together, to help us understand the system operating conditions. But surely we all know, we have a lot of work to be done, not 24 hours of staring at the monitor screen, so when we need to monitor the problem, by mail, SMS, telephone and other alarm mode to prompt us to deal with, so ensure the stable operation of the system. In Azure, we can use Alert to achieve this function.
In order to better use Alert, we need to know the following things:
Indicators alert and alarm logs
at Azure Monitor We have several types of alerts. Are indicators of alarm, alarm logs, activity logs alarms and change tracking alerts. Today we will discuss all major and two of the most basic type of alarm, that alarm indicators and alarm logs. Part of the alarm indicators may not use log analysis workspace (log search) can be created. That is, if there is no log analysis workspace (log search), we may not be able to create a "certain" indicators alert. For example, to issue an alert for virtual machine's memory, we need a log analysis workspace and use Perf related queries.
Log faster than the alarm indicators alert
the following query as an example: Perf | where CounterName == "% Committed Bytes In Use" and CounterValue > 90
on top of this query is used to check on the status of memory usage exceeds 90%, if we set the alert for this query, he will perform exactly the same with the alarm indicators operation, but because it is a log alerts, you need to collect relevant data and information search. Therefore, Zhejiang than the alarm set to measure the world's best slightly slower
The use of indicators dimension
when we set the alert in Azure, we need to determine the appropriate dimensions good. In this virtual machine, for example, we can choose for certain VM set an alarm, you can also choose to use "*" to set an alarm for all current computers and new computer work area.
Because we have a lot of indicators alert dimensions, so before the settings, you need to carefully view the contents, ensuring that the metrics we set is that we want to get reminded.
Some indicators marked in the figure below for Windows, and some indicators apply to Linux. For example, the percentage of memory available under Windows no counter.
Use Project on the log alert
Log in using the alarm, I strongly recommend you to friends using the project, using a project can limit the alerts sent only required field, which we will e-mail alerts based on very helpful, but also help us trigger LopicApps, Azure Functions and Azure Automation Runbook auto-repair operations group
, for example, we can use this query to query whether the background print service has stopped:
ConfigurationData
| where SvcName == "Spooler" and SvcState == "Stopped"
| project Computer, SvcName, SvcState, SvcDisplayName, TimeGeneratedCheck out the computer all the data I need to use the above statements, such as an alarm is triggered, the service name, service status, service display name and generation time. As it can be seen, sent by Project can talk about what we want the data to the action group
General alarm architecture
to create a common framework for the Metric alarm alerts between Log and Activity Log alerts, standardization, each alarm has its own templates and architecture.
If we create the Action Group, then we'll find the "Enable general alarm" button: