3.6 Azure Monitor and Service Health
Key Takeaways
- Azure Monitor collects, analyzes, and acts on telemetry data from Azure resources, applications, and on-premises environments.
- Azure Monitor components include Log Analytics (query logs), Application Insights (application monitoring), and Alerts (notifications).
- Azure Service Health provides personalized information about Azure service issues, planned maintenance, and health advisories.
- Service Health has three components: Azure Status (global), Service Health (the services and regions you use), and Resource Health (a specific resource).
- Azure Monitor Alerts can trigger notifications (email, SMS) or automated actions (Logic Apps, Functions) when conditions are met.
Quick Answer: Azure Monitor = collect and analyze telemetry from all Azure resources. Service Health = personalized alerts about Azure service issues. Log Analytics = query and analyze log data. Application Insights = application performance monitoring.
Azure Monitor
Azure Monitor is a comprehensive monitoring solution that collects, analyzes, and responds to telemetry data from your Azure and on-premises environments. It provides full-stack visibility into the health and performance of your applications and infrastructure.
Data Sources
Azure Monitor collects data from multiple sources:
| Source | Data Type |
|---|---|
| Application | Performance and functionality of application code (via Application Insights) |
| Operating System | Guest OS metrics and logs from VMs |
| Azure Resources | Operational metrics and diagnostic logs |
| Azure Subscription | Service health events and activity logs |
| Azure Tenant | Microsoft Entra ID (formerly Azure AD) audit and sign-in logs |
| Custom Sources | Data sent via APIs and agents |
Key Components
Metrics
- Near real-time numerical data: CPU percentage, memory usage, request count
- Stored for 93 days by default
- Visualized in the Azure portal, dashboards, and workbooks
- Used for alerts and auto-scaling triggers
Logs
- Detailed records — Events, traces, performance data, errors
- Stored in Log Analytics workspace — Queryable using Kusto Query Language (KQL)
- Retention — Configurable from 30 days to 2 years
- Used for deep analysis — Troubleshooting, auditing, trend analysis
Log Analytics
A tool in the Azure portal for writing and running Kusto Query Language (KQL) queries against log data. You do NOT need to know KQL for the AZ-900, but you should know that Log Analytics is WHERE you query Azure Monitor log data.
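To make "querying log data" concrete, the sketch below filters and aggregates a few in-memory records in plain Python. It is only an analogy: the record fields (`resource`, `level`, `message`), the sample data, and the `AppLogs` table name in the comment are hypothetical, and real queries are written in KQL inside Log Analytics rather than in Python.

```python
from collections import Counter

# Hypothetical log records; a real workspace stores these in tables.
records = [
    {"resource": "vm-web-01", "level": "Error", "message": "Disk full"},
    {"resource": "vm-web-01", "level": "Info", "message": "Service started"},
    {"resource": "vm-db-01", "level": "Error", "message": "Connection timeout"},
    {"resource": "vm-web-01", "level": "Error", "message": "Disk full"},
]


def count_errors_by_resource(rows):
    """Count Error-level records per resource.

    Roughly what a KQL query of this shape would express
    (AppLogs is a made-up table name):
        AppLogs | where level == "Error" | summarize count() by resource
    """
    return Counter(row["resource"] for row in rows if row["level"] == "Error")


error_counts = count_errors_by_resource(records)
```

The point for the exam is the shape of the work (filter, then summarize), not the syntax.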
Application Insights
An Application Performance Management (APM) service for monitoring live web applications. It covers:
- Performance anomalies — Slow response times, failures
- Dependency tracking — How your app communicates with databases, APIs, external services
- User behavior — Page views, sessions, user flows
- Availability — Synthetic monitoring (ping tests from worldwide locations)
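The availability item above can be illustrated with a small calculation. This is a minimal sketch of how results from synthetic probes might be summarized, not how Application Insights computes its figures; the `PingResult` type, the location names, and the 500 ms threshold are all assumptions made for the example.

```python
from dataclasses import dataclass


@dataclass
class PingResult:
    location: str       # hypothetical test location name
    succeeded: bool     # did the probe get a successful response?
    duration_ms: float  # response time of the probe


def availability_percent(results):
    """Share of successful probes as a percentage (0.0 when there are no results)."""
    if not results:
        return 0.0
    ok = sum(1 for r in results if r.succeeded)
    return 100.0 * ok / len(results)


def slow_locations(results, threshold_ms):
    """Sorted locations whose successful probes took longer than threshold_ms."""
    return sorted(
        {r.location for r in results if r.succeeded and r.duration_ms > threshold_ms}
    )


# Made-up sample data: three probes succeed, one fails.
results = [
    PingResult("west-europe", True, 120.0),
    PingResult("east-us", True, 950.0),
    PingResult("southeast-asia", False, 0.0),
    PingResult("brazil-south", True, 200.0),
]

availability = availability_percent(results)
slow = slow_locations(results, threshold_ms=500.0)
```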
Alerts
Azure Monitor Alerts proactively notify you when important conditions are detected:
| Component | Purpose |
|---|---|
| Alert rule | Defines WHAT triggers the alert (e.g., CPU > 90% for 5 minutes) |
| Action group | Defines WHO is notified and HOW (email, SMS, voice, webhook, Logic App, Function) |
| Alert severity | 0 (Critical) to 4 (Verbose) |
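The relationship between these three pieces can be sketched in a few lines of Python. This is a simplified model under stated assumptions, not the Azure Monitor API: the `AlertRule` and `ActionGroup` classes are hypothetical, the rule uses the average over the window as its aggregation, and the "notification" is just a message appended to a list.

```python
from dataclasses import dataclass, field
from statistics import mean

# Severity levels as Azure Monitor names them (0 is the most severe).
SEVERITY_NAMES = {0: "Critical", 1: "Error", 2: "Warning", 3: "Informational", 4: "Verbose"}


@dataclass
class ActionGroup:
    """WHO is notified and HOW; here notifications are simply collected."""
    name: str
    sent: list = field(default_factory=list)

    def notify(self, message):
        self.sent.append(message)


@dataclass
class AlertRule:
    """WHAT triggers the alert: a metric, a threshold, and a time window."""
    metric: str
    threshold: float
    window: int  # number of one-minute samples to average (assumption)
    severity: int
    action_group: ActionGroup

    def evaluate(self, samples):
        """Fire when the average of the last `window` samples exceeds the threshold."""
        if len(samples) < self.window:
            return False  # not enough data to cover the window yet
        if mean(samples[-self.window:]) > self.threshold:
            label = SEVERITY_NAMES[self.severity]
            self.action_group.notify(
                f"Sev {self.severity} ({label}): {self.metric} above {self.threshold}"
            )
            return True
        return False


# "CPU > 90% for 5 minutes", routed to a hypothetical on-call group.
ops = ActionGroup(name="ops-oncall")
rule = AlertRule("Percentage CPU", threshold=90.0, window=5, severity=2, action_group=ops)
fired = rule.evaluate([50.0, 92.0, 95.0, 91.0, 96.0, 94.0])
```

Keeping the rule and the action group as separate objects mirrors the table: one action group can be reused by many rules.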
Alert types:
- Metric alerts — Triggered when a metric crosses a threshold
- Log alerts — Triggered based on log query results
- Activity log alerts — Triggered by Azure resource operations (e.g., VM deleted)
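As an illustration of the activity log case, the sketch below scans a list of events for successful VM deletions. The event dictionaries are a simplified, hypothetical shape (real activity log entries carry many more fields), and the callers and resource names are invented.

```python
# Operation name for deleting a virtual machine.
VM_DELETE = "Microsoft.Compute/virtualMachines/delete"

# Simplified, made-up activity log entries.
events = [
    {"operationName": "Microsoft.Compute/virtualMachines/start/action",
     "status": "Succeeded", "caller": "alice@example.com", "resource": "vm-web-01"},
    {"operationName": VM_DELETE,
     "status": "Succeeded", "caller": "bob@example.com", "resource": "vm-db-01"},
    {"operationName": VM_DELETE,
     "status": "Failed", "caller": "carol@example.com", "resource": "vm-web-02"},
]


def matching_events(entries, operation_name, status="Succeeded"):
    """Return entries whose operation and status match the alert condition."""
    return [
        e for e in entries
        if e["operationName"] == operation_name and e["status"] == status
    ]


alerts = matching_events(events, VM_DELETE)
```

Unlike a metric alert, nothing is measured or averaged here: the alert condition is simply that a particular operation happened.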
Azure Service Health
Azure Service Health provides personalized information about the health of Azure services and regions you use. It has three components:
1. Azure Status
A global view of the health of ALL Azure services across ALL regions. Visit status.azure.com for the current status.
2. Service Health
A personalized view showing health information relevant to YOUR Azure services and regions. It tracks:
| Event Type | Description |
|---|---|
| Service issues | Active problems affecting Azure services (outages) |
| Planned maintenance | Upcoming maintenance that may affect your resources |
| Health advisories | Changes that require action (e.g., service retirements, deprecations) |
| Security advisories | Security-related notifications |
3. Resource Health
Shows the health of your individual Azure resources (specific VMs, databases, etc.). Each resource reports one of these statuses:
- Available — No issues detected
- Unavailable — A platform or non-platform event is affecting the resource
- Degraded — The resource is experiencing reduced performance
- Unknown — Resource Health has not received information for more than 10 minutes
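The four statuses, and the 10-minute rule for Unknown, can be modeled as follows. This is a minimal sketch under assumptions: the `effective_status` helper and its parameters are hypothetical and only mimic the behavior described above, not the Resource Health service itself.

```python
from datetime import datetime, timedelta
from enum import Enum


class HealthStatus(Enum):
    AVAILABLE = "Available"
    UNAVAILABLE = "Unavailable"
    DEGRADED = "Degraded"
    UNKNOWN = "Unknown"


# A report older than this is treated as stale.
STALE_AFTER = timedelta(minutes=10)


def effective_status(reported, last_report, now):
    """Return UNKNOWN when the last report is more than 10 minutes old,
    otherwise the status that was last reported."""
    if now - last_report > STALE_AFTER:
        return HealthStatus.UNKNOWN
    return reported


now = datetime(2024, 1, 1, 12, 0)
fresh = effective_status(HealthStatus.AVAILABLE, now - timedelta(minutes=3), now)
stale = effective_status(HealthStatus.AVAILABLE, now - timedelta(minutes=11), now)
```

Note that Unknown does not mean the resource is down; it only means there is no recent information about it.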
On the Exam: Know the difference between the three Service Health components: Azure Status = global overview. Service Health = personalized to your subscriptions. Resource Health = specific to individual resources.
Monitoring Tool Summary
| Tool | What It Does |
|---|---|
| Azure Monitor | Collects and analyzes telemetry from all Azure resources |
| Log Analytics | Queries log data using KQL |
| Application Insights | Monitors live application performance |
| Azure Monitor Alerts | Notifies you or triggers automated actions when conditions are met |
| Azure Service Health | Reports Azure service issues and planned maintenance |
| Resource Health | Shows health status of specific resources |
| Azure Advisor | Provides recommendations for cost, security, reliability, performance |
| Azure Activity Log | Records subscription-level operations on Azure resources (who did what, when) |
Which Azure Monitor component is used to query and analyze log data?
Which Azure Service Health component shows the health of a SPECIFIC Azure resource like an individual VM?
Which tool should you use to monitor the performance of a live web application, including response times and failure rates?