Azure Monitor & Alerting

IntermediateCloud & Azure
Azure MonitorLog AnalyticsKQL

Objective

Configure Azure Monitor, Log Analytics, and alerting rules.

Tools & Technologies

  • Azure Monitor
  • Log Analytics
  • KQL

Key Commands

az monitor log-analytics workspace create
az monitor metrics alert create
AzureActivity | summarize count() by OperationName | top 10
Heartbeat | summarize LastCall=max(TimeGenerated) by Computer

Lab Steps

01
Log Analytics Workspace

Create a Log Analytics workspace and connect resources.

02
KQL Queries

Write Kusto Query Language queries against Log Analytics.

03
Alert Rules

Create metric and log-based alert rules.

04
Action Groups

Configure notification channels for alert actions.

Challenges Encountered

  • Log ingestion delay is typically 1-5 minutes
  • Alert suppression windows prevent alert storms

Key Takeaways

  • KQL is powerful for ad-hoc analysis — learn the basics
  • Resource tags help organize and filter monitoring data