Tuesday 30 July 2024

Monitor Microsoft Azure with the Azure Native ISV Service

 


Create an Elasticsearch resource

  1. Log in to the Azure portal.

  2. In the search bar, enter Elastic Cloud (Elasticsearch) and then select Elastic Cloud (Elasticsearch) – An Azure Native ISV Service.
  3. Click Create.
  4. Enter the Subscription, Resource group, and the Resource name.
  5. Select an Elasticsearch version.
  6. Select a region and then click Review + create.

    Screenshot of Elastic resource creation in Azure
  7. To create the Elasticsearch deployment, click Create.
  8. After deployment is complete, click Go to resource. Here you can view and configure your deployment details. To access the cluster, click Kibana.

    Screenshot of deployment details for Elastic resource in Azure
  9. Click Accept (if necessary) to grant permissions to use your Azure account, then log in to Elastic Cloud using your Azure credentials as a single sign-on.
  10. To look for available data, click Observability. There should be no data yet. Next, you’ll ingest logs.

Step 2: Ingest logs by using the Azure Native ISV Service

To ingest Azure subscription and resource logs into Elastic, you use the Azure Native ISV Service.

  1. In the Azure portal, go to your Elasticsearch resource page and click Ingest logs and metrics from Azure Services.
  2. Under Logs, select both checkboxes to collect subscription activity logs and Azure resource logs. Click Save.

    Screenshot of logs and metrics configuration for Elastic resource in Azure

    This configuration can also be applied during the Elastic resource creation. To make the concepts clearer, this tutorial separates the two steps.

    Native metrics collection for Azure services is not fully supported yet. To learn how to collect metrics from Azure services, refer to Monitor Microsoft Azure with Elastic Agent.

  3. In Kibana, under Observability, click Overview until data appears in Kibana. This might take several minutes.

    Screenshot of Kibana Observability overview
  4. To analyze your subscription and resource logs, click Show log stream (or click Stream in the navigation pane).

    Kibana Logs app

Step 3: Ingest logs and metrics from your virtual machines (VMs)

  1. In the Azure portal, go to your Elasticsearch resource and click Virtual machines.
  2. Select the VMs that you want to collect logs and metrics from, click Install Extension, and then click OK.

    Screenshot that shows VMs selected for logs and metrics collection
  3. Wait until the extension is installed and sending data (if the list does not update, click Refresh).
  4. Back in Kibana, view the log stream again (Logs → Stream). Notice that you can filter the view to show logs for a specific instance, for example cloud.instance.name : "ingest-tutorial-linux":

    Screenshot of VM logs in the Logs app
  5. To view VM metrics, go to Infrastructure → Inventory and then select a VM.

    Screenshot of VM metrics

    To explore the data further, click Open as page.

    Screenshot of detailed VM metrics
