Azure Monitor is a core component of Microsoft’s strategy to extend full cloud-based monitoring capabilities beyond Azure to on-premises datacenters and non-Microsoft cloud providers. Customers like Contoso, who maintain on-premises infrastructure, can benefit from this functionality for tracking, auditing, or troubleshooting past events.

What is Azure Monitor?

You can use Azure Monitor to optimize the administration of your existing deployments and forecast capacity needs for future deployments. Azure Monitor offers three main capabilities, described in the following table:

Capability	Description
Monitoring and visualizing metrics	Metrics are numeric values representing the health state of monitored systems.
Querying and analyzing logs	Logs include activity, diagnostics, and telemetry. Their analysis provides deep insights into the health of monitored systems and facilitates troubleshooting.
Alerts and remediation	You can configure alerts and corrective actions to automatically trigger remediation measures when issues occur.

Azure Monitor provides targeted and in-depth monitoring capabilities through:

• Deep infrastructure monitoring: This category includes Log Analytics combined with monitoring solutions like Service Map, and network monitoring tools such as Network Watcher and ExpressRoute Monitor.
• Deep application monitoring: This category includes Application Insights, which enables monitoring of performance, availability, and usage of web applications, regardless of their location.

Infrastructure and application monitoring services share common features that enable a consistent approach to configuring alerts, including:

• Common action groups that define actions triggered by alerts and their recipients
• Custom dashboard design
• Metrics analysis using tools like Metrics Explorer or Microsoft Power BI

Azure Monitor supports collecting and monitoring metrics, activity and diagnostic logs, and events from a wide range of Azure services and computers located both in on-premises datacenters and with third-party cloud providers. It offers a quick way to assess your environment’s health via the Azure portal, presenting a summary of triggered alerts, logs, metrics, and application telemetry from Application Insights.

Additionally, Azure Monitor allows you to archive collected data in Azure Storage for long-term analysis or compliance purposes. You can also redirect data to Azure Stream Analytics or to third-party services via Azure Event Hubs. You configure and use alerts to:

• Trigger SMS or email notifications
• Trigger remediation actions implemented by Azure Logic Apps, Azure Functions, or a runbook in Azure Automation
• Create incidents or work items through integration between Azure Monitor and your internal IT service management (ITSM) platform

You can also store and analyze near real-time and historical data using Log Analytics. For on-premises computers and Azure virtual machines, this requires installing the Log Analytics agent and, in some cases, the Dependency agent. This agent-based approach enables monitoring of the operating system and its workloads using solutions based on Azure Automation or Azure Monitor, such as Update Management or Change Tracking and Inventory. You can also use Microsoft Defender for Cloud to identify vulnerabilities and potential threats.

Monitor virtual machines

Azure Monitor for virtual machines allows you to monitor your Windows Server IaaS VMs. But before you can enable and configure Azure Monitor for your IaaS VMs, you must ensure your environment meets the prerequisites described in the following table:

Requirement	Description
Log Analytics	You must configure a Log Analytics workspace and prepare it for Azure Monitor for VMs. Currently, Azure Monitor for VMs only supports Log Analytics workspaces in certain regions. You can learn more about supported regions in the Overview section for enabling Azure Monitor for VMs.
Supported Windows operating systems	Supported Windows operating systems include Windows Server 2008 R2 and later, as well as Windows 10 version 1803 and later. Azure Monitor for VMs can also monitor Linux VMs.
Dependency agent	This agent provides data to the Map feature in Azure Monitor for VMs and depends on the Log Analytics agent for its connection to Log Analytics. You must install the Log Analytics agent and configure it with the Dependency agent on all monitored VMs.
Security	To enable and access Azure Monitor for VMs features, you must have the Log Analytics Contributor role. To view performance, health, and mapping data, you must have the Monitoring Reader role for the Azure VM.

Procedure to enable monitoring for a single VM

To enable monitoring for a single virtual machine, follow these steps:

1. Sign in to the Azure portal, then select Virtual Machines.

2. If necessary, connect to your VM and install the Azure Monitor for VMs Dependency agent. You can download the agent here and install it by running the file InstallDependencyAgent-Windows.exe on your VM.

3. Select the appropriate VM, then under Monitoring, click Insights.

4. In the details pane, select Enable.

Review monitored data

After enabling Insights, you can monitor your virtual machine. In the Azure portal, go to the appropriate virtual machine and select it. Then, under Monitoring, click Insights. This will open the Map tab for your virtual machine.

Review monitored data

In the Map, you can select elements to get additional details.
For example, to review connections to DNS servers, select the node Port: 53. This action displays the current connections on port 53 (the port used for DNS name resolution).

You can also use the icons on the right side of the map to access the information described in the following table:

Control	Explanation
Properties	Provides detailed information about the selected element. For example, by selecting the VM in the central pane, you can view details such as the fully qualified domain name (FQDN), operating system, and links to health properties, machine properties, and Azure VM properties.
Log Events	Displays a list of recent events in the details pane. If you select a specific event type, the Log Analytics workspace opens and shows detailed event data.
Alerts	Displays events that occurred on the VM. They are listed by severity level, from 0 to 4. Selecting an alert provides additional details.
Connections	Shows all active connections to the VM. You can access more details by selecting a connection in the displayed results.

To review performance data, select the Performance tab in Insights. The main pane displays performance data for the following elements:

• CPU utilization (%)
• Available memory
• Logical disk IOPS
• Logical disk throughput (MB/s)
• Maximum logical disk usage (%)
• Bytes Sent Rate
• Bytes Received Rate

Next unit: Monitor an Azure virtual machine with Azure Monitor.