Monitor Azure π
Splunk Observability Cloud can automatically import metrics and metadata from your Microsoft Azure services powered by Azure Monitor.
For a list of supported Azure services in Observability Cloud, refer to Available Azure integrations.
Before you can start monitoring any Microsoft Azure resources, Connect to Azure and send data to Splunk Observability Cloud.
To create filters using the API, see Create filters using the API in the developer portal documentation.
See https://docs.microsoft.com/en-us/azure/azure-monitor/overview on the Microsoft site for more information.
You can also export and monitor data from sources running in your Azure environment, as described in the following table.
Get data in |
Monitor |
Description |
|---|---|---|
Collect metrics and logs from Kubernetes clusters running in Azure Kubernetes Service. |
||
Collect metrics and logs from Linux and Windows hosts running in Virtual Machine instances. |
||
Instrument back-end applications to send spans to Splunk APM |
Collect application metrics and spans running in hosts or Kubernetes clusters. |
Monitor Azure services and identify problems π
View the health of Azure supported services at a glance from the Infrastructure page. See more details on available content at Use default dashboards and built-in content to monitor Azure services.
You can also drill down into specific instances of an Azure service. For example, view key metrics for the Virtual Machines service, and filter for a specific ID to analyze a particular virtual machine instance.
Follow these steps to analyze problem Azure services from the Infrastructure page:
Select Infrastructure > Microsoft Azure.
Select the specific service you want to analyze. For example, select Virtual Machines to view metrics of a virtual machine. If you see βNo Data Found,β you need to first configure an integration.
Compare instances of the service along the following metrics with the Color by drop-down list. In the heat map, colors represent the health of instances based on the metrics you select. For example, a heat map that shows green and red, uses green to denote healthy and red to denote unhealthy instances. If your heat map has multiple colors, then the lighter gradient represents less activity, and the darker gradient represents more activity.
You can color by metrics like CPU utilization and filter by dimensions like geographic region.
Group instances based on metadata about each instance with the Group by drop-down list.
You can group instances according to the region or resource group they are running in or the environment tag. Use this to see correlations between different parts of your infrastructure and its performance.
Find outliers for your metrics with the Find Outliers setting. Specify the Scope and Strategy.
Set the Scope to analyze outliers from across the entire visible population of instances, or only within groups defined by the dimension or property you grouped instances by.
You can select one of two Strategies to find outliers, as described in the following table.
Strategy
Description
Deviation from MeanInstances appear as red that exceed the mean value of the metric by at least three standard deviations. Use this setting to find the most extreme outliers.
Deviation from MedianInstances appear as red that exceed the median absolute deviation value by at least three absolute deviations. This setting does not weigh extreme outliers as heavily as the standard deviation.
Select a specific instance you want to investigate further to view all the metadata and key metrics for the instance. For every instance, Observability Cloud provides a default dashboard.
Analyze all the available metadata about the cloud service the instance is running in, the instance itself, and any custom tags associated with the instance. The default dashboard provides metric time series (MTS) for key metrics.
Use default dashboards and built-in content to monitor Azure services π
Observability Cloud provides default dashboards and built-in content for selected Azure services.
Default dashboards π
To see all the pre-built dashboards for data collected in your organization, select Dashboards > Built-in. Supported services include:
Azure App service
Azure batch
Azure Event Hubs
Azure Functions
Azure Kubernetes service
Azure Logic Apps
Azure redis caches
Azure SignalR hubs
Azure SQL databases
Azure SQL server elastic pools
Azure Storage
Azure Virtual Machines
Azure VM Scale Sets
Content from Azure Virtual Machines π
Azure Virtual Machines instances are powered by their respective public cloud service as well as the Splunk Distribution of OpenTelemetry Collector. You need both for all the charts to display data in the built-in dashboards.
If you have only the public cloud service and the Smart Agent configured, some charts in the built-in dashboards for Azure Virtual Machines instances display no data.
If you have only the public cloud service configured, you can see all the cards representing the services where data come from, but some charts in the built-in dashboards for Azure Virtual Machines instances display no data.
If you have only Smart Agent configured, Azure Virtual Machines instance navigator isnβt available.
Note
The SignalFx Smart Agent has reached End of Support. To use the Collector, see Migrate from SignalFx Smart Agent to the Splunk Distribution of OpenTelemetry Collector.
Identify Azure resources using metadata π
You can use all the Azure metadata imported into Observability Cloud, regardless of the mechanism by which you collect and send metrics. This feature is available for the relevant Azure Services as well as metrics collected by the collectd agent.
Azure metadata helps you analyze metrics by custom tags, region, host names, and other dimensions.
The azure_resource_id dimension π
The Azure integration adds the azure_resource_id dimension to metrics received from Azure. This value is derived from Azureβs resource_id for the resource, and has the following syntax:
<subscription_id>/<resource_group_name>/<resource_provider_namespace>/<resource_name>
The Azure integration truncates the dimension value to 256 bytes, which is the maximum length of an Observability Cloud dimension value.
If you install collectd on an Azure Compute Virtual Machine instance using the
standard install script ,
the installation automatically adds the azure_resource_id.
Azure integration generic dimensions π
The metric time series (MTS) associated with Azure metrics have the following generic dimensions, common to all services:
Dimension name |
Description |
|---|---|
|
Unique identifier for the Azure object |
|
ID of the resource group the Azure object belongs to |
|
ID of the subscription the resource belongs to |
|
Type of the Azure object |
|
The Azure aggregation type of the metric |
|
Indicates whether or not the aggregation type is the primary type |
|
Unit of the metric value |
resource_group_id is derived from the Azure resource group id with the
following syntax:
<subscription_id>/<resource_group_name>
Some Azure services include dimensions that Observability Cloud adds to MTS.
For example, the metrics from Azure Storage provider include the
dimensions apiname and geotype.
Azure integration resource metadata π
The Azure integration queries the Azure API to retrieve metadata for monitored resources. You can filter and group MTS by this metadata in charts and in the Infrastructure Navigator.
The Azure integration adds the metadata as custom properties of a specific Azure MTS dimension, as follows:
Metadata for services in a subscription is added as custom properties of the
subscription_iddimension. To learn more, see Subscription metadata.Metadata for services within a resource group is added as custom properties of the
resource_group_iddimension. To learn more, see Resource-group metadata.Metadata that are service-specific is added as properties of the
azure_resource_iddimension. To learn more, see Service-level metadata.Tags on all resources are added to the
azure_resource_iddimension. To learn more, see Azure tags for resource groups.
Subscription metadata π
The following table shows the metadata that the Azure integration syncs for services in a subscription:
Azure name |
Custom property |
Description |
|---|---|---|
|
|
The display name of the subscription. For example, |
|
|
State of the subscription. For example, |
Resource-group metadata π
The following table shows the metadata that the Azure integration syncs for services in a resource group:
Azure name |
Custom property |
Description |
|---|---|---|
|
|
Name of the resource group |
|
|
Provisioning state of the resource group. For example, |
|
|
Region to which the resource group belongs. For example, |
Tags |
|
All resource group wide tags |
Service-level metadata π
The following tables shows the metadata that the Azure integration syncs for individual services:
Autoscale settings
For autoscale settings, Observability Cloud syncs the following properties:
Azure name |
Custom property |
Description |
|---|---|---|
|
|
Indicates whether automatic scaling is enabled |
|
|
Resource identifier of the resource that the autoscale settings are added to |
|
|
Name of the region the resource is in. For example, |
|
|
State of the app. For example, |
Batch accounts
For batch accounts, Observability Cloud syncs the following properties:
Azure name |
Custom property |
Description |
|---|---|---|
|
|
Active job and job schedule quota for this batch account |
|
|
Core quota for the batch account |
|
|
Pool quota for the batch account |
|
|
Provisioning state of the batch account. For example, |
|
|
Name of the region the resource is in. For example, |
Function apps and web apps
For function apps and web apps, Observability Cloud syncs the following properties:
Azure name |
Custom property |
Description |
|---|---|---|
|
|
Availability state of the app. For example |
|
|
The type of resource. For example, |
|
|
Name of the function or app |
|
|
Name of the region the resource is in. For example, |
|
|
State of the app. For example, |
Redis caches
For Redis caches, Observability Cloud syncs the following properties:
Azure name |
Custom property |
Description |
|---|---|---|
|
|
Host name of the Redis cache |
|
|
Indicates whether or not the service is premium |
|
|
Indicates whether or not non-SSL port is enabled |
|
|
Port value for Redis cache. For example, |
|
|
Provisioning state of the Redis cache. For example, |
|
|
Version of Redis |
|
|
Name of the region the resource is in. For example, |
|
|
Number of shards |
|
|
SKU of the Redis cache. For example, |
|
|
SSL port value for Redis cache. For example, |
Storage accounts
For storage accounts, Observability Cloud syncs the following properties:
Azure name |
Custom property |
Description |
|---|---|---|
|
|
Time at which the account was created. For example, |
|
|
Kind of storage account. For example, |
|
|
Name of the region the resource is in. For example, |
|
|
SKU of the storage account. For example, |
Virtual machines
For virtual machines, Observability Cloud retrieves a subset of metadata about the instance, as well as custom metadata you specify for the instance.
Azure name |
Custom property |
Description |
|---|---|---|
|
|
Name of the virtual machine instance |
|
|
Offer of the image reference. For example, |
|
|
Publisher of the image reference. For example, |
|
|
SKU of the image reference. For example, |
|
|
Version of the image reference. For example, |
|
|
OS Disk caching type of the instance. For example, |
|
|
Type of OS on the virtual machine. For example, |
|
|
Disk size in GB |
|
|
Power state of the virtual machine. For example, |
|
|
Provisioning state of the virtual machine. For example, |
|
|
Name of the region the resource is in. For example, |
|
|
Information about the size of the virtual machine. For example, |
|
|
ID given to the virtual machine instance by Azure |
Virtual machine scale sets
For virtual machine scale sets, Observability Cloud syncs the following properties:
Azure name |
Custom property |
Description |
|---|---|---|
|
|
Number of instances in the scale set |
|
|
Computer name prefix of the instances in the scale set |
|
|
Offer of the image reference. For example, |
|
|
Publisher of the image reference. For example, |
|
|
SKU of the image reference. For example, |
|
|
Version of the image reference. For example, |
|
|
OS Disk caching type of the instance. For example, |
|
|
Indicates whether or not over provisioning is enabled |
|
|
ID of the primary network of the scale set |
|
|
Name of the region the resource is in. For example, |
|
|
Upgrade model of the scale set. For example, |
Virtual machines in scale sets
For virtual machines in scale sets, Observability Cloud syncs the following properties:
Azure name |
Custom property |
Description |
|---|---|---|
|
|
Offer of the image reference. For example, |
|
|
Publisher of the image reference. For example, |
|
|
SKU of the image reference. For example, |
|
|
Version of the image reference. For example, |
|
|
Instance ID of the VM in the Scaleset |
|
|
OS Disk caching type of the instance. For example, |
|
|
OS Disk name of the instance |
|
|
OS Disk size of the instance |
|
|
OS Type. For example, |
|
|
Power state of the instance. For example, |
|
|
Name of the region the resource is in. For example, |
|
|
Size of the instance. For example, |
|
|
SKU of the instance. For example, |