Excluding deallocated VMs from availability alerting (3/3: Alert rule excluding deallocated VMs)

By Christoph Petersen in Azure on

This problem is probably as old as there are monitoring tools on the market. “How can I exclude legitimately deallocated VMs from alerting” is a question that I’ve heard many times. Where most monitoring tools such as System Center Operations Manager have tooling around the concept of maintenance mode where all alerts are suppressed for a duration of time; Azure Monitor has no provisions at this point.…

Excluding deallocated VMs from availability alerting (2/3: Validate VM state)

By Christoph Petersen in Azure on

This problem is probably as old as there are monitoring tools on the market. “How can I exclude legitimately deallocated VMs from alerting” is a question that I’ve heard many times. Where most monitoring tools such as System Center Operations Manager have tooling around the concept of maintenance mode where all alerts are suppressed for a duration of time; Azure Monitor has no provisions at this point.…

Excluding deallocated VMs from availability alerting (1/3: Track VM state)

By Christoph Petersen in Azure on

This problem is probably as old as there are monitoring tools on the market. “How can I exclude legitimately deallocated VMs from alerting” is a question that I’ve heard many times. Where most monitoring tools such as System Center Operations Manager have tooling around the concept of maintenance mode where all alerts are suppressed for a duration of time; Azure Monitor has no provisions at this point.…

Azure Monitor alert time period vs. ago()

By Christoph Petersen in Azure on

Every once in a while you might need to create an alert which runs a Log Analytics or Application Insights query. When designing the alert you need to define some attributes: the query, the time period, the frequency and the threshold.…

Alert on requests/s for Azure App Service

By Christoph Petersen in Azure on

A customer of mine had the following rule configured: It was his expectation that this rule would be triggered when in the last five minutes at some point more that 200 requests/s were being made to the App Service. Unfortunately this is not the case.…

Azure Security Center now recommends DDoS protection

By Christoph Petersen in Azure on

Security is top of mind for most Azure customers. To have peace of mind when it comes to security for assets running on Azure, Microsoft continuously works to improve on the security recommendations Azure Security Center provides: Recommendation details and affected resources Starting now Azure Security Center in the Standard pricing tier will recommend Azure DDoS Protection for virtual networks as an additional layer of protection against attacks.…

New Azure Security Center Swagger and SDKs available

By Christoph Petersen in Azure on

It just has become easier to manage Azure Security Center at scale. While not all aspects of Azure Security Center can be automated yet Microsoft just released updated Swagger definitions for working with Azure Security Center. This includes an updated documentation where you can directly try requests to the API against your tenants you have access to.…

Application Insights Connector deprecation

By Christoph Petersen in Azure on

In a time before cross-resource queries were possible the Application Insights Connector would copy data from Application Insights to a Log Analytics workspace. With the emergence of cross-resource queries the duplication of data is not required anymore as queries can be sent to both (or even more) entities at the same time in real time.…