Inside there is the possiblity to Log Analytics of solution specifications that allow the monitor to some components of the network infrastructure that exists in Microsoft Azure.
Among these solutions are Network Performance Monitor (NPM) which was deepened in the article Monitor network performance with the new solution of OMS and that lends itself very well to monitor the health status of, the availability and accessibility of the networking of Azure. They are also currently available in the following gallery of Operations Management Suite solution that enrich the monitoring potential side OMS:
- Azure Application Gateway Analytics
- Azure Network Security Group Analytics
By accessing the portal who you can easily add these solutions present in the gallery by following the steps that are documented in the following article: Add Azure Log Analytics management solutions to your workspace (OMS).
Azure Application Gateway Analytics
The Azure Application Gateway is a service that you can configure in Azure environment can provide Application Delivery functionality ensuring an application layer balance 7. For more information regarding ’ Azure Application Gateway can be found in the official documentation.
In order to collect diagnostic logs in Log Analytics you need to position yourself in the Azure portal resource Application Gateway that you want to monitor, and then under Diagnostics logs Select sending the logs to the workspace Log Analytics should:
For the Application Gateway you can select the following log collection:
- Logs that are related to active logins
- Performance data
- Firewall log (If the Application Gateway has the Web Application Firewall enabled)
After you complete these simple steps designed to walk easily installed solution who data sent from the platform:
All ’ within the solution, you can view a summary of the collected information and selecting the individual charts you access details about the following categories:
- Application Gateway Access log
- Client and server errors in access log of Application Gateway
- Applications received by Application Gateway for now
- Failed requests per hour
- Errors detected for user agent
- Application Gateway performance
- State of health of the hosts that meet the requirements of the Application Gateway
- Failed requests of Application Gateway expressed as maximum number and with the 95 percentile
- Application Gateway Firewall log
Azure Network Security Group Analytics
In Azure, you can check the network communication via the Network Security Group (NSG) which aggregates a set of rules (ACL) to allow or deny network traffic based on direction (inbound or outbound), the Protocol, the address and the source port or the destination address and port. The NSG are used to control and protect the virtual network or network interfaces. For all the details about the NSG please visit the Microsoft's official documentation.
In order to collect diagnostic logs of Network Security Group in Log Analytics you need to position yourself in the Azure Portal Resource Network Security Group that you want to monitor, and then under Diagnostics logs Select sending the logs to the workspace Log Analytics should:
On the Network Security Group you can collect the following types of logs:
- Counters related to rule
At this point in the OMS portal home page you can select the tile by Overview of solution Azure Network Security Group Analytics to access data from the NSG collected by platform:
The solution provides a summary of the logs collected by splitting them into the following categories:
- Network security group blocked flows
- Rules of the Network Security Group with blocked traffic
- Network routes with traffic blocked
- Network security group allowed flows
- Rules of the Network security group with allowed traffic
- Directives of the network with traffic rules allowed
The methodology of sending diagnostic logs of Application Gateway and Network Security Group of Azure to Log Analytics has changed recently by introducing the following advantages:
- Writing the log in log Analytics takes place directly without having to use the storage account as repository. You can choose to save the diagnostic logs on the storage account, but it is not necessary for the ’ sending data to OMS.
- The latency between the time of log generation and their consultation in Log Analytics has been reduced.
- Have been greatly simplified the steps required to configure.
- All Azure Diagnostics were harmonised as format.
Thanks to a more complete integration between Azure and Operations Management Suite (OMS) You can monitor and control the status of the components of the network infrastructure built on Azure comprehensively and effectively, all with simple, intuitive steps. This integration of platform Azure with OMS is surely destined to be enriched with new specific solutions for other components. For those interested to further deepen this and other features of the who remember that you can try the OMS for free.