The days when the disc is punctured and making a fuss ...

When I asked what happened to the monitoring because I saw the operation of Ali Ali (not the server under my jurisdiction) while dealing with the system failure after the disk punctured, JP1 It seems that the monitoring was neglected due to lack of license (although it sounded like an excuse). Meanwhile, when I was investigating whether there was any cheap tool, SolarWinds, open source Zabbix, Hinemos, etc., which seemed to be relatively introduced overseas, seemed to be other candidates, but they are heavy. Feeling. I want to get started right away with almost no money or servers to build what I need! Azure Monitor is the destination where we should not be able to respond to what we need in one hour in this era. When I looked it up, I found that on-premise could be easily linked and started the introduction. Functionally, two services will be involved: a function called Monitor and a log storage service called Log Analytics Workspaces.

How much does Azure Monitor cost?

https://azure.microsoft.com/ja-jp/pricing/details/monitor/ Although it is described in, it looks complicated and I do not understand well. So, if you organize it ● Log storage cost (Data Ingestion) ・・・ The cost will be added as the type of metric to be stored and the frequency of acquisition increase. On-premise Windows server monitors two disk capacities such as% free space and free megabytes, and if you start monitoring every minute, it will cost about 10 yen per unit per month. You can increase the number of things you want to monitor one after another, such as CPU and memory, but the more you increase, the more logs you will have and the more you will be charged. In this area, it is necessary to adjust and monitor the increase / decrease in the monitoring frequency and the increase / decrease in the monitoring items appropriately so that the cost will not be enormous. A small start looks good while I'm worried. ● Cost of alert setting itself ・・・ 11 yen per month for one alert setting. It feels like one alert for one drive on one server, so if you want to see two drives, you have two alert settings. ● Cost of sending alerts (email, SMS, phone voice) ・・・ The link between email and Azure application is the cheapest (1,000 cases per month are free). SMS and phone voice are also in the above price list, but be careful as it will cost several tens of yen each time.

How do you work with on-premise?

I think that there are servers with NG internet connection, but this time it is not necessary to deal with it, so it is omitted (Log Analytics Gateway) Is not used). You can download and install the program that integrates Windows, Linux and Azure in Overview or Agents management of Log Analytics Workspaces.

During the installation, you will be asked for your Workspace ID and link key, which means that you can copy and paste the information displayed on the download screen to continue the setup. Also, if there is already linked Windows or Linux on the screen, the number will be displayed. (Two units are already connected on this screen) You can set the contents of the on-premise Windows / Linux log to be downloaded with "Advanced settings". It seems that there is only one download condition that can be set in one Log Analytics Workspace, so if you want to change the condition, you have to create another Log Analytics Workspace. In the image example,% Free Space and Free Megabytes of all disks are set to be sucked up every minute. It is an image that this is applied to two units at the same time. If you set here, log download will start automatically. You can check if the on-preserver is connected to Azure on the Azure Log Analytics (OMS) tab of the Microsoft Monitoring Agent in Control Panel. If there is a green check mark and "successfully" is displayed, the cooperation has already been completed. If you need to set the proxy on the proxy settings tab, you can enter it.

Alert settings

Alerts are set from Monitor. It is recommended that you register the notification destination (email address, for example, you can post to the Teams channel) in advance with Manage actions so that you can reuse it. You can set new notifications with the New alert rule. Since the alert issuance test was performed on this screen, 2 cases have occurred and 2 cases have been closed. New, Acknowledged, Closed are designed so that humans can control the status, but the system manages the status of Activated and Deactivated for notifications, and the good thing about Azure is that it not only includes the alert alert Activated and the subject line. The monitoring (and resolution notification) with the subject Deactivated for troubleshooting is also in place. Email notification example: The following setting is an example of setting to notify an alert when the free disk space is less than 3072MB (3GB). Condition example.

It's easier if the resource is in Azure. You can also monitor the life and death of websites. (If only the life and death of the website (apart from log storage), the setting itself seems to be free). You can access websites from Azure data centers around the world, set whether the response is 200 or different, and set alerts. It is very easy to understand because you can also know the response time.

It is also possible to alert when there is something wrong with the remaining capacity of Azure SQL Database or the ETL execution result of Azure Data Factory. Alert setting example.

Be careful about the resource group name to be set

Many Azure Monitor related resources cannot be moved. Therefore, it will be very troublesome if movement occurs. If characters other than alphabets and numbers such as Japanese are included, it may malfunction due to subsequent resource creation, so be careful with the resource group name. Click here for details https://qiita.com/mnoda/items/d60d72b78adc894aaf29

Official documentation

https://docs.microsoft.com/ja-jp/azure/azure-monitor/overview Has a bird's-eye view of the entire function. Overview (from the official website above):