1 00:00:00,730 --> 00:00:01,790 Hey, what's up, Gurus? 2 00:00:01,790 --> 00:00:05,840 Welcome to the lesson, Configuring Monitoring Services. 3 00:00:05,840 --> 00:00:08,860 In this lesson, I am going to start talking to you 4 00:00:08,860 --> 00:00:12,240 about how we collect data in Azure. 5 00:00:12,240 --> 00:00:15,400 We're going to do that by taking a look at Azure Monitor 6 00:00:15,400 --> 00:00:17,710 in a few different services. 7 00:00:17,710 --> 00:00:19,760 In addition, I'm going to take a little bit of time 8 00:00:19,760 --> 00:00:22,240 and I'm going to walk through Log Analytics. 9 00:00:22,240 --> 00:00:24,010 We're going to talk a little bit about what it is 10 00:00:24,010 --> 00:00:26,093 and when you actually need to use it. 11 00:00:26,940 --> 00:00:27,960 So to start off with, 12 00:00:27,960 --> 00:00:32,190 let's talk about how we start collecting data in Azure. 13 00:00:32,190 --> 00:00:35,720 Well, the good news is, hey, you already are. 14 00:00:35,720 --> 00:00:38,150 Anytime you create a service in Azure, 15 00:00:38,150 --> 00:00:41,700 Azure Monitor is going to collect data for you. 16 00:00:41,700 --> 00:00:43,730 Now, the deal is, it's going to collect 17 00:00:43,730 --> 00:00:46,410 up to 90 days of data. 18 00:00:46,410 --> 00:00:47,620 Beyond that point, 19 00:00:47,620 --> 00:00:51,550 that data is lost unless you are using Log Analytics, 20 00:00:51,550 --> 00:00:53,690 or you're moving that data somewhere. 21 00:00:53,690 --> 00:00:57,430 So with Azure Monitor, you're going to generate activity 22 00:00:57,430 --> 00:01:00,280 logs, platform metrics, resource logs, 23 00:01:00,280 --> 00:01:02,470 and VM guest metrics and logs 24 00:01:02,470 --> 00:01:05,200 if you're using virtual machines. 25 00:01:05,200 --> 00:01:06,950 So this is the base of data 26 00:01:06,950 --> 00:01:09,550 that Azure Monitor is going to generate for you 27 00:01:09,550 --> 00:01:12,200 without you having to do anything. 28 00:01:12,200 --> 00:01:14,020 So with that, let's jump over into the portal 29 00:01:14,020 --> 00:01:16,950 and let me actually show you what I'm talking about. 30 00:01:16,950 --> 00:01:20,000 So I have opened up a couple of different services here 31 00:01:20,000 --> 00:01:22,700 and we'll just kind of jump through service by service. 32 00:01:22,700 --> 00:01:25,520 So to start off with, we have a data factory here 33 00:01:25,520 --> 00:01:29,010 and you can see on the left side, there is a monitoring tab. 34 00:01:29,010 --> 00:01:31,060 This is Azure Monitor. 35 00:01:31,060 --> 00:01:34,430 So I can come in here and I can create alert rules. 36 00:01:34,430 --> 00:01:35,880 I can click on metrics 37 00:01:35,880 --> 00:01:39,151 and I can actually create charts for myself. 38 00:01:39,151 --> 00:01:40,850 Let's just click on something here. 39 00:01:40,850 --> 00:01:43,330 I can start to create charts for myself, 40 00:01:43,330 --> 00:01:46,760 and I can change time periods for those charts, 41 00:01:46,760 --> 00:01:51,113 and I can create additional metrics for those charts. 42 00:01:52,270 --> 00:01:55,070 So let's say I had my canceled pipeline runs there. 43 00:01:55,070 --> 00:01:56,630 I could also come in and say, 44 00:01:56,630 --> 00:01:58,130 yeah, let's go ahead and take a look 45 00:01:58,130 --> 00:02:00,620 at our total entities count. 46 00:02:00,620 --> 00:02:05,520 And I can see that right now I have, hey, 1 pipeline. 47 00:02:05,520 --> 00:02:09,870 So you can build multiple different metrics, 48 00:02:09,870 --> 00:02:11,240 add filters to it, 49 00:02:11,240 --> 00:02:13,870 and that is all through Azure Monitor, 50 00:02:13,870 --> 00:02:15,313 in your monitoring tab. 51 00:02:16,170 --> 00:02:19,750 In addition, you can come into diagnostic settings. 52 00:02:19,750 --> 00:02:22,470 Now, if I come here, I'm going to say, 53 00:02:22,470 --> 00:02:24,550 hey, I want to do something above 54 00:02:24,550 --> 00:02:27,280 and beyond the standard Azure Monitor. 55 00:02:27,280 --> 00:02:31,120 And let's say that I want to take all of my data, 56 00:02:31,120 --> 00:02:32,700 all kinds of different stuff, 57 00:02:32,700 --> 00:02:35,580 and I want to send it to Log Analytics, 58 00:02:35,580 --> 00:02:37,930 or I want to send it to a storage account, 59 00:02:37,930 --> 00:02:39,670 or stream it to an event hub, 60 00:02:39,670 --> 00:02:42,120 I can do all of those things here. 61 00:02:42,120 --> 00:02:45,100 Now, when I do that through Log Analytics or something else, 62 00:02:45,100 --> 00:02:47,400 I'm going to incur a cost 63 00:02:47,400 --> 00:02:48,810 and that cost is going to be dependent 64 00:02:48,810 --> 00:02:51,310 upon how much data I am moving, 65 00:02:51,310 --> 00:02:54,320 and how long it sits in Log Analytics, 66 00:02:54,320 --> 00:02:57,470 or storage account, or whatever I'm doing with it. 67 00:02:57,470 --> 00:02:59,980 So keep in mind, I can do that here. 68 00:02:59,980 --> 00:03:01,300 And if I was to do that, 69 00:03:01,300 --> 00:03:02,410 I could just say 70 00:03:04,070 --> 00:03:07,700 data factory logs 71 00:03:07,700 --> 00:03:09,000 and save that. 72 00:03:09,000 --> 00:03:11,140 And now it's going to update diagnostics 73 00:03:11,140 --> 00:03:12,720 and it's going to start sending all 74 00:03:12,720 --> 00:03:15,040 of that data that direction. 75 00:03:15,040 --> 00:03:19,250 Now, moving on to the next service while that runs. 76 00:03:19,250 --> 00:03:23,680 You can see in Synapse now my Azure Monitor tab 77 00:03:23,680 --> 00:03:25,930 looks almost exactly the same. 78 00:03:25,930 --> 00:03:27,510 Wildly different service 79 00:03:27,510 --> 00:03:29,580 but almost the exact same types 80 00:03:29,580 --> 00:03:32,970 of data from the metrics, alerts, diagnostic settings. 81 00:03:32,970 --> 00:03:36,150 We get advisor recommendations here because this is Synapse 82 00:03:36,150 --> 00:03:39,850 but the bulk of Azure Monitor stays the exact same. 83 00:03:39,850 --> 00:03:41,490 That even actually carries through, 84 00:03:41,490 --> 00:03:44,710 if I come over here, into a storage account. 85 00:03:44,710 --> 00:03:46,190 You can see that for the most part, 86 00:03:46,190 --> 00:03:48,960 I have alerts, metrics, diagnostic settings, 87 00:03:48,960 --> 00:03:51,160 and my logs again, 88 00:03:51,160 --> 00:03:53,410 and then I also have workbook and insights 89 00:03:53,410 --> 00:03:56,090 that's going to be specific to storage. 90 00:03:56,090 --> 00:03:57,810 And I'll show you in Log Analytics 91 00:03:57,810 --> 00:04:02,490 how we can utilize our workbooks there as well. 92 00:04:02,490 --> 00:04:03,550 But for the most part, 93 00:04:03,550 --> 00:04:07,800 Azure Monitor stays the exact same from service to service 94 00:04:07,800 --> 00:04:11,223 and the way it presents itself stays pretty similar as well. 95 00:04:12,350 --> 00:04:16,100 So, that's how Azure Monitor looks in Azure, 96 00:04:16,100 --> 00:04:18,230 through a couple of different services. 97 00:04:18,230 --> 00:04:21,620 Let's now talk a little bit about Log Analytics. 98 00:04:21,620 --> 00:04:25,600 So Log Analytics actually is a subset 99 00:04:25,600 --> 00:04:26,920 of Azure Monitor. 100 00:04:26,920 --> 00:04:29,860 It actually sits under Azure Monitor. 101 00:04:29,860 --> 00:04:32,350 It does cost money like we talked about. 102 00:04:32,350 --> 00:04:34,950 Again, that's based upon the amount of data that I'm moving 103 00:04:34,950 --> 00:04:38,710 and how long it is staying in storage, 104 00:04:38,710 --> 00:04:42,800 but Log Analytics allows me to get some advanced 105 00:04:42,800 --> 00:04:44,530 functionality. So what is Log Analytics? 106 00:04:44,530 --> 00:04:46,360 Well, at the core, 107 00:04:46,360 --> 00:04:48,040 it's a tool in the Azure portal 108 00:04:48,040 --> 00:04:50,750 and it lets us run and edit queries 109 00:04:50,750 --> 00:04:54,290 from data collected by those Azure Monitor logs. 110 00:04:54,290 --> 00:04:56,720 So that's what Azure Monitor is. 111 00:04:56,720 --> 00:04:58,380 Now, when do I need it? 112 00:04:58,380 --> 00:05:00,470 Well, 2 reasons really. 113 00:05:00,470 --> 00:05:02,230 The first is long-term storage. 114 00:05:02,230 --> 00:05:05,480 Like I said, Azure Monitor only stores 90 days of data. 115 00:05:05,480 --> 00:05:07,740 If you need long-term data logs, 116 00:05:07,740 --> 00:05:09,430 then you're going to need to move it somewhere 117 00:05:09,430 --> 00:05:12,710 and Log Analytics is a perfect solution for that. 118 00:05:12,710 --> 00:05:15,470 The second reason is complex queries. 119 00:05:15,470 --> 00:05:18,440 You can run some basic queries in Azure Monitor 120 00:05:18,440 --> 00:05:20,720 but if you want to do complex queries, 121 00:05:20,720 --> 00:05:23,450 you need to take a look at Log Analytics. 122 00:05:23,450 --> 00:05:25,460 So with that, let's jump back in 123 00:05:25,460 --> 00:05:28,130 and I'm actually going to show you Log Analytics in the 124 00:05:28,130 --> 00:05:31,210 portal, and we can kind of see some of the differences. 125 00:05:31,210 --> 00:05:34,110 All right, so jumping back over into the portal, 126 00:05:34,110 --> 00:05:37,550 let's click on our Log Analytics workspace 127 00:05:37,550 --> 00:05:38,560 and you can see here 128 00:05:38,560 --> 00:05:41,530 that we have quite a bit more information 129 00:05:41,530 --> 00:05:43,380 that we can go through through and look at, 130 00:05:43,380 --> 00:05:47,020 but the real key is going to be in this Workbooks section. 131 00:05:47,020 --> 00:05:49,920 So I can come into my Workbooks section 132 00:05:49,920 --> 00:05:53,820 and I can create some very complex queries, 133 00:05:53,820 --> 00:05:57,270 and I can use that to get detailed insight on exactly 134 00:05:57,270 --> 00:05:58,600 what's important to me, 135 00:05:58,600 --> 00:06:01,050 and then again, I can store that information 136 00:06:01,050 --> 00:06:04,010 for as long as I need to store it. 137 00:06:04,010 --> 00:06:05,640 So we don't need to take a look 138 00:06:05,640 --> 00:06:08,500 into actual queries right now 139 00:06:08,500 --> 00:06:12,810 because queries are very unlikely to be on the DP-203. 140 00:06:12,810 --> 00:06:14,220 Really, for Log Analytics, 141 00:06:14,220 --> 00:06:15,970 there's not a whole lot that you need to remember 142 00:06:15,970 --> 00:06:17,520 from the portal other than just kind 143 00:06:17,520 --> 00:06:18,560 of understanding the difference 144 00:06:18,560 --> 00:06:21,540 between Azure Monitor and Log Analytics 145 00:06:21,540 --> 00:06:24,170 and when you would use one over the other. 146 00:06:24,170 --> 00:06:26,850 So with that, let's jump back into the lesson 147 00:06:26,850 --> 00:06:28,930 and let's kind of wrap everything up, 148 00:06:28,930 --> 00:06:32,800 talking about key points for the DP-203. 149 00:06:32,800 --> 00:06:36,730 1. Data is already collected by default in Azure. 150 00:06:36,730 --> 00:06:38,060 That's Azure Monitor. 151 00:06:38,060 --> 00:06:39,050 It's going to create 152 00:06:39,050 --> 00:06:42,840 and collect data for all Azure services. 153 00:06:42,840 --> 00:06:45,130 Second, it's going to collect data, 154 00:06:45,130 --> 00:06:48,160 remember activities, platform, metrics, resources, 155 00:06:48,160 --> 00:06:50,273 and then virtual machine stuff. 156 00:06:51,300 --> 00:06:53,040 And then Log Analytics. 157 00:06:53,040 --> 00:06:56,070 That's an additional resource that does cost money 158 00:06:56,070 --> 00:06:58,200 and it sits under Azure Monitor 159 00:06:58,200 --> 00:07:01,700 and again, it allows you to store data past 90 days 160 00:07:01,700 --> 00:07:04,850 and it allows for very complex analysis 161 00:07:04,850 --> 00:07:07,580 to get exactly the detail that you're looking for. 162 00:07:07,580 --> 00:07:09,640 If you keep those 3 points in mind, 163 00:07:09,640 --> 00:07:12,010 that's all you need to know for the DP-203. 164 00:07:12,010 --> 00:07:13,930 And with that, hey, let's jump on 165 00:07:13,930 --> 00:07:15,820 and talk about the next lesson. 166 00:07:15,820 --> 00:07:16,863 I'll see you there.