Azure Monitor Alert Series – Part 10

We are getting to one of the last blog posts of this series. I still haven’t decided how much more I will publish, but this one won’t be the last. If nothing else, there will be at least one more after this one. Today we will cover Azure Sentinel alerts. To be honest, I was not sure if I would cover these alert types. I have tons of feedback for Azure Sentinel in general and specifically for their alerts. That feedback focuses more on APIs and alignment with other Azure teams. I am sure that from a security functionality perspective the service is doing great. But let’s start looking at Azure Sentinel alerts, and I will express my feedback throughout the blog post.


Azure Monitor Alert Series – Part 8

We are now on part 8 of this series. This blog post will be shorter than the others due to the nature of the alert we will cover in it. This time we will explore Azure Monitor for VMs alerts. Before proceeding to the alert part, I should mention that Azure Monitor for VMs is in public preview. Always proceed with caution when using preview features, as there might be some things missing compared to services/features that are generally available.

Update 16.10.2019: A few hours after I released this blog post, the following announcement was made: Updates to Azure Monitor for virtual machines (preview) before general availability release

To better understand the Azure Monitor for VMs alerts, we need to better understand how the solution works. The solution itself consists of 3 major features:

  • Gathering performance data through performance counters from Windows and Linux VMs
  • Visualizing maps of TCP communication on the VMs (via Service Map)
  • Discovering and showing VM health data

Azure Monitor Alert Series – Part 4

It is time for another part of the blog post series focused on Azure Monitor Alerts. In Part 4 we will take a look at Advisor alerts and Policy alerts. Like the previous alerts, they are based on records in the Azure Activity log.


Azure Monitor Alert Series Part 3

It is time for the third part of this blog series. This time we will cover two types of alerts to speed up the pace. Also, as I have mentioned before, these types of alerts are very similar to Administrative alerts, and the difference comes mainly from the properties section. The alert types we will cover today are:

  • Security Activity Log Alert
  • Service Health Alert

Azure Monitor Alerts Series – Part 1

Alerts are an important part of our monitoring and probably the most important one. Getting data and visualizing it is the foundation for alerts, but in order to move to actual monitoring you need alerts. I can tell you nobody sits all day in front of a dashboard and looks at visualized data. Alerts are also our knowledge of our applications and infrastructure, gathered to help us when things are not going as planned. I wanted to write this blog post series for quite some time, and I think this is the right time to do it. The reason for that is that Classic Azure alerts are being deprecated and the vision of unified alerting capabilities is coming together and becoming more powerful… sort of. I will comment on parts that I think could and should be improved, and hopefully they will be. I also expect some new features around Ignite, as usually that is when Microsoft reveals some new stuff. They actually do it all the time; it is just that the end of development of some features matches the Ignite conference time frame.
