Azure Monitoring Setup for Beginners

Monitoring is essential for maintaining reliability, performance, and security in Azure environments. Without proper monitoring, issues such as resource exhaustion, failed deployments, or application errors are often discovered only after users are affected.

Azure includes a native monitoring platform that automatically collects metrics, logs, and activity data from most services with minimal configuration. This platform, Azure Monitor, helps teams detect issues early, identify root causes faster, plan capacity effectively, and make better operational decisions as environments scale.

Azure Monitor Overview

Azure Monitor is the main tool for gathering and reviewing monitoring data from Azure resources and linked on-premises setups. It supports infrastructure, platform services, applications, and containers.

Azure Monitor enables:

  • Collecting data from Azure resources and add-on agents
  • Querying and analyzing data using Kusto Query Language (KQL)
  • Creating alerts based on metrics, logs, and activity events
  • Visualizing data using dashboards and workbooks
  • Integrating with automation and incident response workflows

Metrics and Logs

Azure Monitor data falls into two primary categories:

Metrics

Metrics are numeric time-series values such as CPU utilization, memory usage, request counts, and network throughput. They help detect issues in real time.

Key characteristics:

  • Collected automatically for most Azure resources
  • Typically collected at 1-minute granularity
  • Stored in a time-series database optimized for fast queries
  • Platform metrics are free to collect and retain for up to 93 days
  • Commonly used for dashboards and threshold-based alerts

Logs

Logs contain detailed records such as:

  • Operating system events
  • Application traces and exceptions
  • Resource diagnostic logs
  • Security and audit events

These logs get stored in Log Analytics workspaces. You query them using Kusto Query Language (KQL), a powerful tool for searching data. Billing is based on the volume of data ingestion and how long you keep it.

Key Azure Monitor Components

Platform Metrics

Platform metrics are emitted automatically by Azure services without agents. They provide fast signals, but limited detail.

Use cases:

  • Health monitoring
  • Performance baselines
  • Alert thresholds

Log Analytics Workspace (Log Analytics Setup)

A Log Analytics workspace is the central store for log data.

Best practices:

  • Create one workspace per environment (for example, production and non-production)
  • Place the workspace in the same region as monitored resources
  • Use role-based access control (RBAC) to limit access

Retention:

  • Default retention for analytics tables is 30 days
  • Retention can be increased up to 12 years (4,380 days) at additional cost via the Azure portal or API
  • Long-term archival storage supports retention for compliance scenarios

Retention does not need to be set manually unless customization is required.

Alerts and Action Groups

Alerts notify teams when defined conditions are met.

Alert types:

  • Metric alerts (for near real-time thresholds)
  • Log search alerts (based on KQL queries)
  • Activity Log alerts (for subscription-level changes)

Action groups define responses such as:

  • Email or SMS notifications
  • Webhooks
  • Automation via Logic Apps or Functions

Action groups are reusable and should be standardized across alerts.

Insights Tools

VM Insights

  • Collects guest-level performance data such as memory and disk usage.
  • Requires the Azure Monitor Agent (AMA).
  • The legacy Microsoft Monitoring Agent (MMA) has been fully deprecated and should not be used.

Container Insights

  • Provides visibility into Kubernetes clusters and workloads.
  • Integrated with AKS using Azure Monitor-managed collection.
  • Legacy Helm-based setups have been retired.

Application Insights

  • Focuses on application performance, dependencies, and failures.
  • Fully integrated into Azure Monitor and Log Analytics.

Step-by-Step Azure Monitor Setup

The following steps are sufficient for most small to medium environments.

1. Create a Log Analytics Workspace

In the Azure portal:

  • Use the top search bar and select Log Analytics workspaces
  • Choose Create
  • Select subscription, resource group, region, and workspace name
  • Use the default Pay-As-You-Go pricing model

Commitment tiers can be considered later for high ingestion volumes.

2. Configure Diagnostic Settings

Diagnostics are not enabled by default for most resources.

For each resource:

  • Navigate to Monitoring → Diagnostic settings
  • Create a new diagnostic setting
  • Select relevant log categories and AllMetrics
  • Route data to the Log Analytics workspace

Log tables are created automatically when data is first received.

3. Enable Insights Where Needed

  • Enable VM Insights from the VM’s Monitoring section
  • Ensure the Azure Monitor Agent is installed
  • Enable Container Insights for AKS clusters using Azure Monitor-managed integration

Avoid legacy agents and extensions that are no longer supported.

4. Create Initial Alerts

Start small and focus on actionable alerts.

Examples:

  • CPU usage above 80% for 5 minutes
  • Disk free space below 20%
  • Application error rate above normal baseline

Attach action groups for notifications and regularly review alert effectiveness to ensure they remain actionable.
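
The first two example thresholds above, written as log search alert queries. This is an added example, not part of the original article. It assumes VM Insights is enabled so that guest metrics arrive in the InsightsMetrics table; the four-bin tolerance and the 15-minute disk lookback are illustrative choices.

```kql
// Added example. Each query goes into its own log search alert rule,
// configured to fire when the query returns one or more rows.

// Rule 1: CPU above 80% for 5 minutes.
// A single spike does not fire: every 1-minute bin must exceed the threshold.
let cpuThreshold = 80.0;
InsightsMetrics
| where TimeGenerated > ago(5m)
| where Origin == "vm.azm.ms"
| where Namespace == "Processor" and Name == "UtilizationPercentage"
| summarize AvgCpu = avg(Val) by Computer, bin(TimeGenerated, 1m)
| summarize Bins = count(), MinCpu = min(AvgCpu), MaxCpu = max(AvgCpu) by Computer
// Require at least 4 bins so a machine with one late sample is still evaluated,
// but a machine that only just started reporting is not.
| where Bins >= 4 and MinCpu > cpuThreshold
| project Computer, MinCpu = round(MinCpu, 1), MaxCpu = round(MaxCpu, 1)

// Rule 2: disk free space below 20%, evaluated per mounted volume.
let freeThreshold = 20.0;
InsightsMetrics
| where TimeGenerated > ago(15m)
| where Origin == "vm.azm.ms"
| where Namespace == "LogicalDisk" and Name == "FreeSpacePercentage"
| extend Disk = tostring(todynamic(Tags)["vm.azm.ms/mountId"])
// Keep only the most recent sample for each volume.
| summarize arg_max(TimeGenerated, Val) by Computer, Disk
| where Val < freeThreshold
| project Computer, Disk, FreeSpacePercent = round(Val, 1), LastSample = TimeGenerated
```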

Best Practices for Azure Monitor Alerts

  • Alert on symptoms that require action
  • Avoid alerting on transient or self-healing conditions
  • Prefer dynamic thresholds when workloads fluctuate
  • Review alert thresholds quarterly
  • Clearly define ownership and response paths

Visualizing Monitoring Data

Use visualization tools to make monitoring data actionable.

  • Azure Dashboards for high-level, at-a-glance views
  • Workbooks for deeper analysis and trend exploration

Pin frequently checked metrics and customize workbooks for operational reviews.

Cost Control Considerations

Costs primarily come from log ingestion and retention.

Key points:

  • Platform metrics are free to collect and store
  • Logs are billed per GB ingested
  • Guest metrics and diagnostics are treated as logs

Cost control practices:

  • Enable only required diagnostic categories
  • Keep retention minimal for non-critical data
  • Review ingestion trends monthly
  • Use commitment tiers only when data volumes justify them
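
One way to carry out the monthly ingestion review is with two KQL queries run in the workspace. This is an added example, not part of the original article. It uses the workspace's Usage table and the standard _BilledSize and _IsBillable columns; the 30-day, 7-day and 1-day windows are illustrative choices.

```kql
// Added example. Quantity in the Usage table is reported in MB.

// Query 1: billable ingestion per table over 30 days, with the last 7 days split out.
Usage
| where TimeGenerated > ago(30d)
| where IsBillable == true
| summarize
    Last30dGB = sum(Quantity) / 1000.0,
    Last7dGB = sumif(Quantity, TimeGenerated > ago(7d)) / 1000.0
    by DataType
// Steady ingestion puts about 23% (7/30) of the month in the last week;
// a much higher share means the table is growing.
| extend Last7dSharePct = iff(Last30dGB > 0, round(100.0 * Last7dGB / Last30dGB, 1), 0.0)
| project DataType, Last30dGB = round(Last30dGB, 2), Last7dGB = round(Last7dGB, 2), Last7dSharePct
| sort by Last30dGB desc

// Query 2: which resources sent the billable data during the last day.
// find scans every table, so keep the time range short.
find where TimeGenerated > ago(1d) project _ResourceId, _BilledSize, _IsBillable
| where _IsBillable == true
// _BilledSize is in bytes.
| summarize BilledGB = round(sum(_BilledSize) / 1000000000.0, 3) by _ResourceId
| top 20 by BilledGB desc
```

Tables that dominate the first result are the ones to check against the diagnostic categories enabled in step 2.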

Common Beginner Mistakes

  • Relying only on metrics without logs
  • Creating too many alerts without clear action
  • Leaving diagnostic settings unconfigured on resources
  • Using deprecated agents or extensions
  • Ignoring cost visibility until bills increase

Summary and Next Steps

A functional Azure monitoring setup requires:

  • A Log Analytics workspace
  • Diagnostic settings on key resources
  • Targeted alerts
  • Basic dashboards or workbooks

This foundation improves visibility, reduces troubleshooting time, and supports reliable operations.

Next steps:

  • Enable monitoring for one critical resource
  • Trigger and validate an alert
  • Run a basic KQL query, for example:
      Heartbeat
      | where TimeGenerated > ago(1h)
      | summarize count() by Computer

This confirms agent connectivity and data flow.
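
The same Heartbeat table can also show which machines have gone quiet and which still report through the legacy agent. Either case is a gap in monitoring and audit coverage. This is an added example, not part of the original article. The 15-minute silence threshold and the 24-hour lookback are assumptions to adjust per environment.

```kql
// Added example. Category is "Azure Monitor Agent" for AMA
// and "Direct Agent" for the legacy agent (MMA).
Heartbeat
| where TimeGenerated > ago(24h)
| summarize LastSeen = max(TimeGenerated), Categories = make_set(Category) by Computer
| extend MinutesSilent = datetime_diff("minute", now(), LastSeen)
| extend Finding = case(
    set_has_element(Categories, "Direct Agent"), "legacy agent (MMA) still reporting",
    MinutesSilent > 15, "no heartbeat for more than 15 minutes",
    "ok")
| where Finding != "ok"
| project Computer, Finding, LastSeen, MinutesSilent, Categories
| sort by MinutesSilent desc
```

Machines that have been silent for longer than the 24-hour lookback do not appear at all, so compare the result against the expected inventory.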

Pouya Nourizadeh
About Author

Pouya Nourizadeh is the founder of Cloudformix, with extensive experience optimizing enterprise cloud environments across AWS, Azure, and Google Cloud. For years, he has addressed real-world challenges in cloud cost management, performance, and architecture, offering practical insights for engineering teams navigating modern cloud complexities.
