What is Azure cloud monitoring?
Azure monitoring refers to the methods and processes of collecting, analyzing, and visualizing data related to the performance and health of an Azure cloud infrastructure. It includes both pure Azure cloud environments, that are 100% based on virtual resources, and hybrid infrastructures, that are partly on-premises and partly on the cloud.
Microsoft Azure monitoring deals with all the operational areas of an Azure cloud, such as applications, VMs, storage, networks, and databases. It is necessary to monitor all of them, since they form the whole Azure cloud infrastructure.
Within the larger cloud monitoring category, Azure monitoring focuses on Azure-based cloud environments, and its scope is helping companies in identifying, resolving, and possibly preventing issues and service disruptions. Monitoring Azure is in practice composed of one or more tools that collect the metrics related to the various areas of an Azure cloud. Dashboards help IT administrators to visualize the current status of each area, and to get an overview of what is optimally performing, what is not, as well as getting alerted if a problem arises.
Similarly to any other type of monitoring, Azure monitoring is all about having the most complete and detailed view of your infrastructure as possible, in order to prevent and quickly resolve issues.
Azure monitoring metrics: what to monitor
As with any other cloud service, monitoring Azure clouds is mainly an effort of collecting the right metrics for the used services. An Azure cloud is composed of multiple virtual pieces that are rarely isolated. Cloud databases and storage provide the data that cloud applications can operate on, virtual machines supply the power to these applications, and virtual networks connect them all. Since any part of the cloud can fail at any given moment and easily cause disruptions throughout the infrastructure, all the components should ideally be monitored.
Monitoring each resource is vital to prevent issues that may occur. Each area is different, though, with different metrics that inform cloud administrators about the health and performance. An Azure monitoring tool is capable of collecting the right metrics for the right service. For instance, a cloud database exposes data as the total number of active connections, since it is important to understand how heavy its workload is. A virtual network shows metrics as throughput and latency, since they indicate how well it is performing.
An Azure monitoring service knows what metrics need to be gathered for each Azure resource or service. We will see in more detail how these types of services and also how separate tools work, how they collect the specific metrics, and how they visualize the various areas of an Azure cloud.
Main areas of Azure monitoring
Azure monitoring includes a handful of broad areas to monitor. We will start with the broader areas, namely performance and security, and then move on to the more specific areas, like networks, computing, storage, and databases.
Azure performance monitoring
Among the options for monitoring an Azure cloud, Azure Monitor holds a central place. It is the software that aggregates multiple sources of metrics for monitoring, and we will encounter it the most when talking about Azure monitoring. In case of Azure performance monitoring, Azure Monitor uses Application Insights, an extension that allows it to perform application performance monitoring (APM).
This extension includes not only the classic metrics such as error rates, used memory, CPU usage, HTTP request rate and more, but also pulls in telemetry data and application logs, creating a rather complete view of Azure application monitoring and performance.
Azure performance monitoring thus uses a combination of sources to get information about events and statuses, to generate statistical evaluation of the past performance and to predict future trends. Azure Monitor has a specific dashboard with multiple widgets and views that focuses on the various aspects of Azure performance monitoring.
Third-party Azure monitoring tools are quite similar in that regard. The difference is that while Azure Monitor is integrated in Azure clouds and is a proprietary solution, other tools like Checkmk are external and use REST APIs and agents to gather the data from Azure services and resources. Such an external software can be locally installed or in the cloud along with the other Azure services.
Azure Monitor with Application Insights is the first interface that an administrator can use to monitor the performance of Azure services. However, it is not very flexible and limited to Azure clouds. For larger infrastructures and more advanced needs, a separate Azure monitoring tool is a necessity. But for quick checks and moderate infrastructure, Azure Monitor is a sufficient starting point.
Azure security monitoring
Security is a key area in all monitoring, and Azure monitoring is no exception. Ensuring that data and resources are accessed by only authorized people and that nothing has been tampered with is an extremely important aspect in every infrastructure.
Azure offers a few tools for Azure security monitoring, and the most important is Microsoft Sentinel. It is a cloud-native solution that collects data across users, devices, and applications, both on-premises and on the cloud. With Sentinel, it is possible to investigate threats with the help of artificial intelligence, to detect previously undetected ones, and to report incidents. It is a Microsoft-only solution, integrating data sources coming from both Azure and local applications, like Microsoft Defender or Office 365.
Monitoring tools like Azure DDoS Protection and Azure Rights Management (RMS), on the other hand, are only suited for Azure. As their name suggests, they are small Azure monitoring tools that undertake one specific task within Azure security monitoring. For monitoring roles and policies, Azure Governance Visualizer provides administrators with a graphical view of their status.
As in all other areas of Microsoft Azure monitoring, these tasks, and more, can also be accomplished with non-Azure tools that support Azure cloud monitoring. Checkmk and similar tools can draw from multiple data sources and have many Azure monitoring metrics at their disposal for maintaining a secure Azure infrastructure.
Azure network monitoring
Azure network monitoring deals with checking that the virtual networks within an Azure cloud are working efficiently. Monitoring these networks is vital when making sure that any cloud-based infrastructure is optimally performing and preventing issues. Azure has a couple of tools to perform Azure network monitoring.
The most obvious choice is another extension to Azure Monitor named Network Insights. It provides a visual representation of topologies, health, and metrics for all the available network resources, without much configuration effort. The tool is split into a few monitoring components, going from diagnosing the traffic and connectivity, to simply showing network topology and general health. Through it, a few other tools can be accessed for deeper insight, such as Connection Monitor and Traffic Analytics.
Specifically for virtual networks monitoring, there is Azure Network Watcher. It is another tool integrated in Azure clouds, and it makes it possible to perform a series of diagnostics to check network traffic filtering and routing problems, to diagnose outbound connections, and to capture packets from a VM. Mostly, it is an Azure network monitoring tool focused on virtual machines and how they are interconnected, but with not a lot of insights outside this area.
Azure computing monitoring
A cloud infrastructure would not be of great use if it did not offer computing possibilities. Running containers, applications, and serverless functions on a cloud is one of its primary uses. Azure computing monitoring includes a series of tools and efforts that monitor the performance and health of these Azure services.
Azure has a couple of extensions for Azure Monitor: Azure VM Insights and Azure Container Insights. As their names suggest, they deliver metrics and logs to Azure Monitor from virtual machines and containers, and present them in their dashboard. These metrics come from different types of VMs and containers, such as Linux or Windows virtual machines, Azure Functions, mobile and web apps on Azure clouds, Azure Kubernetes Service (AKS), OpenShift and generic container instances. There are multiple use cases for all these computing Azure resources, but broadly speaking, all of them have the metrics CPU, memory and disk usage, network traffic used, and the number of active connections in common.
By monitoring these active Azure resources it is possible to understand how much of the infrastructure is used, how much is under stress, or unused, and to then accordingly scale it up or down. Since there are a few, complex services, it is necessary to deploy a third-party Azure monitoring tool instead of the integrated Azure tools. Monitoring Azure clouds with an advanced Azure monitoring service or on-premises tool is advantageous when dealing with a larger set of metrics and data, which can prove strenuous on less performing tools.
Azure storage monitoring
The data for applications reside in Azure Storage services such as Blob Storage and Managed Disks, and they need to be monitored for data corruption and to avoid going over their space limits. One of the simplest tools to keep an eye on storage in Azure clouds is another extension for Azure Monitor called Storage Insights.
With this extension, you can observe Azure Storage services performance, capacity, and availability in a straightforward interface. You can also include all storage-related resources within an Azure cloud account in the monitoring, and receive a unified dashboard across all storage services on a single infrastructure.
While Storage Insights offers insightful metrics like latency, transaction type and errors, number of failures, and total capacity used by each data service, it is not advanced enough to serve all use cases. As far as Azure monitoring services go, it is fine, but it only has limited customizability and can’t serve more complex demands. A third-party Azure monitoring software can scale much better and offer more monitoring power to ensure that the data fueling your Azure cloud applications are safe and performing.
Azure database monitoring
The second side of data in an infrastructure are databases. When dealing with Azure-based infrastructures, there are many choices, like MySQL, PostgreSQL, Azure SQL, MongoDB, MariaDB, and Cassandra. All have their pros and cons, which go well beyond the scope of this monitoring guide. In terms of Azure database monitoring, Azure itself offers a few tools for Azure Monitor that help cloud administrators keep track of the health and performance of each type of database.
As by now is unsurprising, Azure Monitor integrates monitoring database services with dedicated extensions for each type of supported database. Azure SQL Insights is still in the preview phase (as of 2023) but it is already capable of extracting plenty of useful metrics from Azure SQL databases. Metrics such as sessions, requests, performance counters, I/O, wait statistics and more can all be checked with Azure SQL Insights within the larger interface of Azure Monitor. Other types of databases have their extensions within the Azure monitor dashboard.
A particularity of Azure database services is Cosmos DB: a globally-distributed NoSQL database that is designed to provide high availability, scalability and low-latency access. If used, it can be monitored with its dedicated extension called Cosmos DB Insights. Since it is an additional service, it is important to take care of its health and efficiency, just like any other important resource in an Azure cloud. Metrics such as number of requests, data usage, failed requests, index usage and more are part of Cosmos DB metrics, similar to other databases.
Monitor Azure resources and costs
Microsoft Azure monitoring is not only an effort in performance, security, and outage-prevention. All cloud services have a range of costs that companies incur when using them. Keeping track of these costs and avoiding excessive charges is also part of Azure monitoring.
Therefore, Azure comes with Microsoft Cost Management, a dashboard that aggregates data across all your clouds to provide a single view of your current spendings. Budget setting and reports are supported, and anomalies and unexpected charges can be identified in a few clicks. Data from all Azure services is available in the form of timelines and trends reports and is calculated in global costs.
In terms of cost management tools, Microsoft Cost Management is sufficient in simpler cases or when only one cloud service is present in a single infrastructure. If there are multiple cloud services in one infrastructure, using a tool that can monitor the resources and costs of all your clouds is a must-have. Whatever your case, monitoring Azure resource usage is a must to keep the infrastructure optimized and prevent unnecessary expenditure.
What tools are available to monitor Azure cloud services?
Monitoring Azure services and resources is accomplished with either various Azure-based monitoring tools or a single, unified, external software. Starting with the former, we will present a short selection, which is by no means comprehensive but sufficient to get started and have a viable solution for cloud monitoring.
Azure Monitor is clearly the first option for every cloud administrator that wants to know how their Azure clouds are performing. Coming with a plethora of extensions that can cover all that Azure has to offer, Azure Monitor is definitely a tool that should be present in any Azure monitoring setup. While being able to collect a great deal of Azure monitoring metrics from multiple sources, Azure Monitor is not sufficient to cover all needs, or to efficiently monitor on-premises data centers, and especially not enough to monitor every cloud service out there. But it is a tool that should be taken into consideration.
In case there are general disruptions or incidents regarding Azure resources, Azure Service Health can alert you and give guidance. It is a simple notification service, but important for knowing if your own cloud is facing an issue or if it is global. Similarly, Azure Resource Health gives administrators a personalized dashboard about the health of their resources. Rather than being a complex service collecting hundreds of Azure monitoring metrics, it is a status view of your Azure cloud, informing you of problems that are the cause of service disruptions.
Outside of Azure application monitoring or specific performance and health issues, security is the next big area of cloud monitoring to check. Azure offers two main tools here, Microsoft Defender for Cloud and Microsoft Sentinel. We have discussed the latter, which is a monitoring tool to detect threats and incidents that support both Azure clouds and on-premises Microsoft software and resources. Microsoft Defender for Cloud, on the other hand, is a cloud-native application designed to protect cloud applications from threats and vulnerabilities. It both monitors Azure resources and implements policies to protect them.
While these Azure monitoring tools are perfectly fine on their own, and sufficient for simpler, limited infrastructure’s needs, they may become a limiting factor for infrastructures necessitating more control, insight, and customizability. Plenty of third-party solutions for monitoring Azure clouds were developed to fit the use case of larger companies, with automation requirements and vast data centers. Once monitoring performance becomes important with hundreds or thousands of virtual and real servers, then a software that is also dedicated for Azure monitoring is the obvious choice. Especially in the case of a multi-cloud setup, a cloud-based dashboard built on one cloud only, such as Azure Monitor, simply does not cut it. Aggregating more metrics across multiple clouds and on-premises resources is the only solution, and monitoring tools like Checkmk are ready to address these cases.
Why is it important to monitor Azure clouds?
At the end of the day, monitoring Azure clouds is an irreplaceable endeavor for any company. Not only is it necessary to avoid disruptions and problems, and thus keep providing a good service to customers and the whole company, but it is a key component of security. Only by monitoring your data and resources can you know if they are being tampered with or accessed by unauthorized people. Even if security is not a primary worry at the moment, perhaps because you only have a limited and private Azure cloud, Azure monitoring can give you plenty of insight on improving the efficiency of your whole infrastructure.
Performance is always a factor worth improving, and in the case of Azure clouds it also pairs with containing costs. Each Azure resource has a usage price and with accurate Azure performance monitoring it is possible to know when a resource has reached its limits and needs to scale up, and when rearranging workloads can save you from spending more. The more you monitor, the better you learn and understand your infrastructure.
As we have just seen, Azure clouds offer a lot of tools for monitoring, which you can definitely use. However, for advanced use cases and larger infrastructures, a separate Azure monitoring software is better suited, preferably one you can more easily customize to your needs and is more flexible in how to report and alert you when things go awry.
Checkmk Cloud Edition is here to allow cloud administrators to have a comprehensive view and control of all their clouds, not only Azure. With plenty of customizable dashboards and a large range of supported Azure monitoring metrics, Checkmk is a unified solution for proper Azure monitoring and beyond.