Contoso has a hybrid infrastructure: some workloads run as IaaS virtual machines in Azure, and others on Windows Server virtual machines in Contoso’s datacenters.
The process of monitoring on-premises Windows servers using Azure Monitor is almost identical to enabling monitoring on IaaS virtual machines.

Implement Azure Monitor in hybrid scenarios

To take advantage of Azure Monitor in hybrid scenarios, you must install the Log Analytics agent on your on-premises servers.
To perform this task, follow these steps:

1. On the target server, open the Azure portal.
2. From your Log Analytics workspace in the Azure portal, select Advanced settings.
3. Copy the WORKSPACE ID and PRIMARY KEY values (you will need them during installation).
4. In the details pane, select Download Windows agent (64-bit) or Download Windows agent (32-bit) as needed.
5. Then, run the file MMASetup-AMD64.exe and follow these instructions to install the agent:
   • On the Welcome page, select Next.
   • On the License Terms page, read the license agreement, then select I Agree.
   • On the Destination Folder page, change or keep the default installation folder, then select Next.
   • On the Agent Setup Options page, connect the agent to Azure Log Analytics, then select Next.
   • On the Azure Log Analytics page, do the following:
     • Paste the workspace ID and primary key (also called workspace key).
     • In the Azure Cloud list, select Azure Commercial or Azure US Government.
   • On the Ready to Install page, review your choices, then select Install.
   • On the Successfully Configured page, select Finish.

The Log Analytics agent is designed to facilitate monitoring and management integration in hybrid environments, including those managed by Operations Manager.
It also provides data used by other Azure services, such as Azure Security Center and Azure Automation.

The agent handles:

• Windows event logs
• Windows performance counters
• Logs based on specified files
• Logs associated with Azure Monitor
• Azure Automation monitoring and management solutions you enable

You can configure these settings by selecting Data on the Advanced settings page of the relevant Log Analytics workspace.

Some Azure Automation monitoring and management solutions, such as Update Management, rely exclusively on the Log Analytics agent.
Others, such as Change Tracking and Inventory, also require installing the Dependency agent.

The main purpose of the Dependency agent is to identify details and dependencies of processes hosted on managed servers and collect network-related metrics.

Log Analytics workspace

All data collected by Log Analytics and the Dependency agent is automatically sent to the designated Log Analytics workspace (ideally located in the region physically closest to your on-premises datacenter).

A workspace represents the administrative and security boundary of the Log Analytics environment.
It also defines the scope for data collection, analysis, and visualization.

Each workspace has a unique ID and is associated with a primary key and a secondary key that serve as authentication mechanisms.
You must know the ID and at least one of the two keys to associate a system with the workspace.

When configuring the Log Analytics workspace in Advanced settings, you can specify the types of data to collect.
This may include:

• Windows event logs
• Performance counters
• IIS (Internet Information Services) logs
• Custom logs

You also have the option to create computer groups.
Computer groups can serve as criteria in Log Analytics queries, allowing you to restrict the scope of results to a subset of servers based on their group membership.

Computer groups are based on information collected from target computers, including:

• Computers that are members of AD DS groups
• Windows Server Update Services (WSUS) groups
• Microsoft Endpoint Configuration Manager groups

For on-premises servers that you integrate with Azure Monitor, data is continuously collected by locally installed agents and then sent to a Log Analytics workspace in Azure Monitor.

You can add monitoring solutions to each workspace.
These solutions are the primary way to extend the core functionality of the service.
To leverage this extensibility, you add any available solution from Azure Marketplace to the workspace.

Some solutions can be enabled directly from the blades of the services that implement their main functionality.
For example, Update Management and Change Tracking and Inventory are part of the Azure Automation blade.

Azure Monitor monitoring solutions build on the core service functionality by implementing additional rules for log processing and analysis.
These rules allow useful insights to be derived from raw data collected from data sources.

Once data is sent to the Log Analytics workspace, the service processes its content by applying the logic defined by the solutions you have added to the workspace.

Windows Admin Center

You can also integrate Windows servers with Azure Monitor using Windows Admin Center.
Windows Admin Center simplifies implementation between the two by automatically creating a Log Analytics workspace (if none exists) and, if necessary, a corresponding Azure Automation account.

It also installs the Log Analytics agent and the Dependency agent on the target Windows server.
Additionally, Windows Admin Center enables by default the Azure Monitor for VMs solution, also called Virtual Machine Insights.

Integrating Windows servers with Azure Monitor via Windows Admin Center automatically enables the Infrastructure Insights and Dependency Map solutions.
These two solutions are collectively called Azure Monitor for VMs.

You use Windows Admin Center to enable Azure Update Management.
From Windows Admin Center, you can also configure alerts that apply to all servers connected to the same Log Analytics workspace.
To view and modify alert configuration, you can use the Azure portal.

Further reading

You can learn more by reviewing the following documents:

• Connect Windows computers to Azure Monitor

Next unit: Collect data from a Windows computer in a hybrid environment