Diagnostics and Monitoring

  1. NSG Flow Log Export to Event Hub for SIEM Ingestion

    NSG Flow Logs can be viewed in Network Watcher or exported to Storage, but the option to export to Event Hub is missing. Since Event Hubs have become the standard interface for SIEM solutions to access Azure logs, it would be great to be able to handle NSG Flow Logs the same way.

    54 votes
    1 comment
  2. Logging triggered alert details in workspace

    I'm using Grafana to monitor my cloud environment. I'm able to get metrics for all the resources, but I couldn't get details of alerts other than log alerts created from the Log Analytics workspace.

    Whenever alerts are triggered in Azure Monitor, there are no log entries for them in the Log Analytics workspace.
    It would be great to see for which resource the alert is being triggered in the Log Analytics workspace.

    1 vote
    0 comments
  3. I suggest you allow users to view Host level metric data for more than 30 days in Metric Explorer. It's sad not being able to view it in one go.

    In Metric Explorer of portal.azure.com, users can only view data up to the past 30 days at Host level, when Azure in fact has data up to the past 90 days. But users are expected to view that data in a window of not more than 30 days at a time. I mean, data is available, Azure doesn't mind showing it - then why this restriction of 30 days only at a time?

    Other cloud service providers like AWS provide data as far as 180 days in the past, in a single go.

    It's a very basic feature, as far as I…

    4 votes
    0 comments
  4. alert run command result

    Allow monitoring/alerting based on the results of running a command or script. For example, to test if the bind server was set up properly by running a command to test if resources can be resolved by DNS. Or to check if the Trend Micro relay server, which doesn't have an event log entry or a unique service, is working properly by running a command.

    1 vote
    0 comments
  5. Metrics | Diagnostics Storage Account Language | Only English ?

    Enable all language metrics for diagnostic storage accounts; is it only English which is identified in storage account metrics?

    What if the language is changed to Spanish in the storage account metrics for VM, and can't it be changed back to English? By default, as per the design in Azure, storage account supports metrics only in the language of English?

    1 vote
    0 comments
  6. Provide the Activity Log nice GUI output in place of or in addition to the JSON

    Provide the Activity Log nice GUI output in place of or in addition to the JSON, which will give more visibility for troubleshooting.

    3 votes
    0 comments
  7. Add way to clean old logs

    Diagnostic data can currently be logged to a storage account. Data is for example logged to multiple WADMetrics tables.

    After a while, these can grow quite big. So it would be great to be able to specify a maximum log size (x GB) or a maximum log age (x days). If the log size or maximum is exceeded, the oldest entries would automatically be deleted.

    12 votes
    0 comments
  8. create activity log alerts rules for all subscriptions at once.

    In Azure Monitor using PowerShell or CLI, there should be a possibility to create activity log alert rules for all subscriptions at once in a tenant.

    4 votes
    0 comments
  9. watcher.log generated by Microsoft Monitoring Agent should not grow to GBs as currently it is increasing to unlimited size

    watcher.log generated by Microsoft Monitoring Agent should not grow to GBs as currently it is increasing which is making /partition full on Linux VMs which is just 32GB by default.

    1 vote
    0 comments
  10. 49 votes
    0 comments
  11. Increase the number of files that can be monitored under FIM

    File Integrity Monitoring in Azure is currently limited to a maximum of 500 files. We have an application that has over 20,000. So I'd like to see the limit raised well above this.

    1 vote
    1 comment
  12. Active Directory to dynamically detect Groups with Linux Computer members

    Requesting a new feature to allow Active Directory to dynamically detect Groups with Linux Computer domain joined members, to support Azure Monitor \ Update Management & Azure Monitor \ Automation. This will meet Enterprise Readiness for Update Management and Automation

    1 vote
    0 comments
  13. Diagnostic Logs for ADF configured but logs are not always written

    I have configured Activity, Pipeline and Trigger logs to push to my storage through diagnostic settings on the ADF instance, but when a pipeline executes (success or failure) within ADF, sometimes a log is sent to storage and sometimes it is not!?!?!?!?

    I can see the "error" text box within the console (monitor within ADF) but nothing in the PT1H.json file NOR a PT1H.json file even created...

    3 votes
    0 comments
  14. Suppress alerts with more granularity

    Hi there,

    It would be interesting to have more granularity on the Action Rules functionality on the alert suppression blade.

    I mean, currently it is possible to suppress alerts daily, weekly or monthly. What if I want to suppress the alerts fired within a subscription from 7:00 PM to 9:00 AM during the weekdays and during the weekend?

    Said in another way, my goal is to receive the alerts generated on my DEV/QA/UAT/etc... subscription ONLY during office hours from Monday to Friday. I.e., I do not want to be alerted by a QA server/service on Sunday, while this should not be…

    1 vote
    0 comments
  15. Add support for exporting ARM templates

    Please add support for exporting Action Groups and Alert Rules as ARM Templates, in the same manner as the Data Factory V2 team allows exporting pipeline definitions and all their related artifacts as ARM templates. This is incredibly useful for cases where we're creating a product with multiple environments.

    44 votes
    0 comments
  16. Alert for Azure data factory pipeline duration

    I am using Data Factory V2. It seems there is no alert configuration for the pipeline duration. We had some issues where a pipeline got stuck and was running for hours. We can't monitor it manually and would like to know if there is any way to trigger an alert if a pipeline runs for more than a threshold value.

    33 votes
    0 comments
  17. Alert when a Rule Alert was deleted

    Create a rule that has a condition of:
    Alert when a Rule Alert was deleted

    Kindly give me an idea.
    Thank you!

    1 vote
    0 comments
  18. Metrics from VM Guest OS in Azure Monitor

    Guest OS Metrics on a VM are exposed in Classic with diagnostics enabled, but they are not exposed in the new Azure Monitor solution. Please expose Guest OS Metrics in Azure Monitor as well; we monitor on-prem using SCOM, and newer versions of the Azure Management Pack do not support Classic anymore.

    6 votes
    1 comment
  19. Monitoring roles to be added in resource level, not subscription/resource group level

    I have users that I'd like to grant the ability to create, modify and delete Alerts and Availability Monitors at Resource level.

    Currently, Azure does not allow creating a monitoring role at Resource level. We are only able to create Monitoring roles at Subscription level, which we would like to avoid as this user is not supposed to view other resources' monitoring information.

    We have 1 single Subscription that has multiple Resource groups under it. This user only has access (owner role) to this particular Resource under this Resource Group.

    We only want to grant this user monitoring roles for this single Resource…

    3 votes
    0 comments
  20. 3 votes
    0 comments