Azure Monitor is the unified observability platform encompassing metrics, logs, traces, and alerts. With Application Insights for APM, Log Analytics for centralized logging, and Azure Monitor Metrics for infrastructure, it provides end-to-end visibility. This guide covers implementation patterns, KQL queries, and cost optimization strategies.
Azure Monitor Components
flowchart TB
subgraph Sources ["Data Sources"]
VMs["VMs / VMSS"]
AKS["AKS"]
Functions["Functions"]
Apps["App Services"]
end
subgraph Monitor ["Azure Monitor"]
Metrics["Metrics (Time Series)"]
Logs["Log Analytics (KQL)"]
AppInsights["Application Insights"]
end
subgraph Actions ["Actions"]
Alerts["Alert Rules"]
Dashboards["Azure Dashboards"]
Workbooks["Workbooks"]
end
Sources --> Metrics
Sources --> Logs
Apps --> AppInsights
AppInsights --> Logs
style AppInsights fill:#E1F5FE,stroke:#0277BD
Application Insights Setup
// .NET 6 Program.cs
var builder = WebApplication.CreateBuilder(args);
builder.Services.AddApplicationInsightsTelemetry(options =>
{
options.ConnectionString = builder.Configuration["APPLICATIONINSIGHTS_CONNECTION_STRING"];
options.EnableAdaptiveSampling = true;
options.EnableDiagnosticsTelemetryModule = true;
});
// Custom telemetry
builder.Services.AddSingleton<ITelemetryInitializer, CustomTelemetryInitializer>();KQL Queries for Troubleshooting
// Slow requests by operation
requests
| where timestamp > ago(1h)
| where duration > 1000
| summarize count(), avg(duration), percentile(duration, 99) by operation_Name
| order by count_ desc
// Failed requests with exception details
requests
| where success == false
| join kind=inner (
exceptions
| project operation_Id, exceptionType = type, exceptionMessage = outerMessage
) on operation_Id
| project timestamp, operation_Name, exceptionType, exceptionMessage
// Dependency call performance
dependencies
| where timestamp > ago(1h)
| summarize count(), avg(duration), percentile(duration, 95) by target, type, name
| order by avg_duration descAlert Rules
resource alertRule 'Microsoft.Insights/scheduledQueryRules@2022-06-15' = {
name: 'High Error Rate'
location: 'global'
properties: {
severity: 2
evaluationFrequency: 'PT5M'
windowSize: 'PT15M'
scopes: [appInsights.id]
criteria: {
allOf: [
{
query: 'requests | where success == false | summarize ErrorCount = count() by bin(timestamp, 5m)'
timeAggregation: 'Count'
operator: 'GreaterThan'
threshold: 10
failingPeriods: {
numberOfEvaluationPeriods: 1
minFailingPeriodsToAlert: 1
}
}
]
}
actions: {
actionGroups: [actionGroup.id]
}
}
}Cost Optimization
- Sampling: Enable adaptive sampling for high-volume apps
- Data Retention: 30 days free, archive to Storage for long-term
- Data Collection Rules: Filter logs at ingestion
- Commitment Tiers: 100GB/day+ gets 30% discount
Key Takeaways
- Application Insights for APM, Log Analytics for logs
- KQL enables powerful ad-hoc analysis
- Alert rules support metric and log-based conditions
- Sampling reduces costs for high-volume apps
- Commitment tiers provide significant discounts
Discover more from C4: Container, Code, Cloud & Context
Subscribe to get the latest posts sent to your email.