Use Azure Monitor Agent

Operational Excellence · Virtual Machine · Rule · 2022_12 · Important

Use Azure Monitor Agent for collecting monitoring data from VMs.

Description

Azure Monitor is the platform capability for monitoring and observability in Azure. Azure Monitor collects monitoring telemetry from a variety of on-premises, multi-cloud, and Azure sources.

To monitor Windows and Linux operating systems, the Azure Monitor Agent (AMA) is deployed. Once the agent is deployed, collected data is delivered to Azure Monitor, where it can be used for:

  • Monitoring visualizations.
  • Triggering alerts.
  • Analysis using workbooks and queries.
  • Integration with other Azure services.
  • Integration with third-party services.

For Azure virtual machines (VMs), virtual machine scale sets (VMSS), and Azure Arc enabled servers, the monitoring agent is deployed as an extension. The extension also supports modern management capabilities such as Azure Policy, automatic updates, and deployment as Infrastructure as Code.

The AMA replaces Azure Monitor's legacy monitoring agents.

Recommendation

Consider monitoring virtual machines (VMs) with the Azure Monitor Agent.

Examples

Configure with Azure template

To deploy virtual machines that pass this rule:

  • Deploy an extension sub-resource Microsoft.Compute/virtualMachines/extensions.
    • Set properties.publisher to Microsoft.Azure.Monitor.
    • Set properties.type to AzureMonitorWindowsAgent (Windows) or AzureMonitorLinuxAgent (Linux).

For example:

Azure Template snippet
{
  "type": "Microsoft.Compute/virtualMachines/extensions",
  "apiVersion": "2023-09-01",
  "name": "[format('{0}/{1}', parameters('name'), 'AzureMonitorWindowsAgent')]",
  "location": "[parameters('location')]",
  "properties": {
    "publisher": "Microsoft.Azure.Monitor",
    "type": "AzureMonitorWindowsAgent",
    "typeHandlerVersion": "1.0",
    "autoUpgradeMinorVersion": true,
    "enableAutomaticUpgrade": true,
    "settings": {
      "authentication": {
        "managedIdentity": {
          "identifier-name": "mi_res_id",
          "identifier-value": "[parameters('amaIdentityId')]"
        }
      }
    }
  },
  "dependsOn": [
    "[resourceId('Microsoft.Compute/virtualMachines', parameters('name'))]"
  ]
}

Configure with Bicep

To deploy virtual machines that pass this rule:

  • Deploy an extension sub-resource Microsoft.Compute/virtualMachines/extensions.
    • Set properties.publisher to Microsoft.Azure.Monitor.
    • Set properties.type to AzureMonitorWindowsAgent (Windows) or AzureMonitorLinuxAgent (Linux).

For example:

Azure Bicep snippet
resource windowsAgent 'Microsoft.Compute/virtualMachines/extensions@2023-09-01' = {
  parent: vm
  name: 'AzureMonitorWindowsAgent'
  location: location
  properties: {
    publisher: 'Microsoft.Azure.Monitor'
    type: 'AzureMonitorWindowsAgent'
    typeHandlerVersion: '1.0'
    autoUpgradeMinorVersion: true
    enableAutomaticUpgrade: true
    settings: {
      authentication: {
        managedIdentity: {
          'identifier-name': 'mi_res_id'
          'identifier-value': amaIdentityId
        }
      }
    }
  }
}

Configure with Azure CLI

To configure a virtual machine using a user-assigned identity:

  • Deploy an extension sub-resource Microsoft.Compute/virtualMachines/extensions.
    • Set the --name parameter to AzureMonitorWindowsAgent (Windows) or AzureMonitorLinuxAgent (Linux).
    • Fill in the remaining parameters. For more information see Azure Monitor Agent overview.

For example:

Azure CLI snippet
az vm extension set --name 'AzureMonitorWindowsAgent' --publisher Microsoft.Azure.Monitor --ids '<vm-resource-id>' --enable-auto-upgrade true --settings '{"authentication":{"managedIdentity":{"identifier-name":"mi_res_id","identifier-value":"/subscriptions/<my-subscription-id>/resourceGroups/<my-resource-group>/providers/Microsoft.ManagedIdentity/userAssignedIdentities/<my-user-assigned-identity>"}}}'

Configure with Azure PowerShell

To configure a virtual machine using a user-assigned identity:

  • Deploy an extension sub-resource Microsoft.Compute/virtualMachines/extensions.
    • Set the -ExtensionType parameter to AzureMonitorWindowsAgent (Windows) or AzureMonitorLinuxAgent (Linux).
    • Fill in the remaining parameters. For more information see Azure Monitor Agent overview.

For example:

Azure PowerShell snippet
Set-AzVMExtension -Name AzureMonitorWindowsAgent -ExtensionType 'AzureMonitorWindowsAgent' -Publisher Microsoft.Azure.Monitor -ResourceGroupName '<resource-group-name>' -VMName '<virtual-machine-name>' -Location '<location>' -TypeHandlerVersion '1.0' -EnableAutomaticUpgrade $true -SettingString '{"authentication":{"managedIdentity":{"identifier-name":"mi_res_id","identifier-value":"/subscriptions/<my-subscription-id>/resourceGroups/<my-resource-group>/providers/Microsoft.ManagedIdentity/userAssignedIdentities/<my-user-assigned-identity>"}}}'

Notes

Deploying the Azure Monitor Agent (AMA) extension alone does not include all the configuration needed. Data collection rules and associations are also required to specify what data is collected and where it is sent.
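A pre-deployment check over an ARM template's resources that flags VMs with no AMA extension and VMs that have the agent but no data collection rule association. This is an added example, not PSRule for Azure's own implementation; it assumes resource names and `scope` are literal strings (template expressions already resolved), and the function names and sample resources are constructed.

```python
VM = "microsoft.compute/virtualmachines"
DCRA = "microsoft.insights/datacollectionruleassociations"
AMA_TYPES = {"AzureMonitorWindowsAgent", "AzureMonitorLinuxAgent"}

def is_ama(ext):
    """True when an extension has the publisher/type pair this rule asks for."""
    p = ext.get("properties", {})
    return p.get("publisher") == "Microsoft.Azure.Monitor" and p.get("type") in AMA_TYPES

def audit(template):
    """Map each VM name to 'ok', 'agent-without-dcr-association' or 'no-agent'."""
    vms, has_ama, has_dcra = [], set(), set()
    for r in template.get("resources", []):
        rtype, name = r.get("type", "").lower(), r.get("name", "").lower()
        if rtype == VM:
            vms.append(name)
            # Nested form: the extension is a child resource of type 'extensions'.
            if any(c.get("type", "").lower() == "extensions" and is_ama(c)
                   for c in r.get("resources", [])):
                has_ama.add(name)
        elif rtype == VM + "/extensions" and is_ama(r):
            has_ama.add(name.split("/")[0])  # top-level form: '<vm>/<extension>'
        elif rtype == DCRA and r.get("properties", {}).get("dataCollectionRuleId"):
            scope = r.get("scope", "").lower()  # association is scoped to the VM
            if scope.startswith(VM + "/"):
                has_dcra.add(scope[len(VM) + 1:])
    return {v: "no-agent" if v not in has_ama
            else "ok" if v in has_dcra else "agent-without-dcr-association"
            for v in vms}

# Constructed sample: VM names, association name and DCR id are placeholders.
DCR_ID = "/subscriptions/<sub-id>/resourceGroups/<rg>/providers/Microsoft.Insights/dataCollectionRules/<dcr>"
SAMPLE = {"resources": [
    {"type": "Microsoft.Compute/virtualMachines", "name": "vm-web"},
    {"type": "Microsoft.Compute/virtualMachines/extensions", "name": "vm-web/AzureMonitorWindowsAgent",
     "properties": {"publisher": "Microsoft.Azure.Monitor", "type": "AzureMonitorWindowsAgent"}},
    {"type": "Microsoft.Insights/dataCollectionRuleAssociations", "name": "vm-web-dcra",
     "scope": "Microsoft.Compute/virtualMachines/vm-web", "properties": {"dataCollectionRuleId": DCR_ID}},
    {"type": "Microsoft.Compute/virtualMachines", "name": "vm-db", "resources": [
        {"type": "extensions", "name": "AzureMonitorLinuxAgent",
         "properties": {"publisher": "Microsoft.Azure.Monitor", "type": "AzureMonitorLinuxAgent"}}]},
    {"type": "Microsoft.Compute/virtualMachines", "name": "vm-legacy"},
    {"type": "Microsoft.Compute/virtualMachines/extensions", "name": "vm-legacy/MicrosoftMonitoringAgent",
     "properties": {"publisher": "Microsoft.EnterpriseCloud.Monitoring", "type": "MicrosoftMonitoringAgent"}},
]}

if __name__ == "__main__":
    print(audit(SAMPLE))
```

The `agent-without-dcr-association` result is the case a check on the extension alone does not catch: the agent is installed but nothing tells it what to collect or where to send it.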
