How to configure Azure Monitor for VMs on Azure Stack Hub
Azure Stack Hub has built-in Azure Monitor capabilities; however, they are limited. Therefore, if you are looking for a more feature rich solution, you should use public Azure Monitor.
You can find out more about Azure Stack Hub's built-in Azure Monitor capabilities in the following article Use Azure Monitor on Azure Stack Hub.
This article explain how to utilise public Azure Monitor with Azure Stack Hub instead of the built-in Azure Monitor.
Azure Monitor is the platform service that provides a single source for monitoring Azure resources. With Azure Monitor, you can visualise, query, route, archive and otherwise take action on the metrics and logs coming from resources in Azure.
In this article we'll enable the following solutions for Azure Stack Hub VMs:
To complete the steps in this article, you must have appropriate access to a subscription in the Azure and Azure Stack Hub portals.
Enabling Azure Monitor for VMs
Before proceeding, check here that your VMs' OS version is supported.
Creating the Log Analytics Workspace
Log in to the public Azure portal.
Create a Log Analytics Workspace in your Azure subscription:
Click Create a resource
In the search bar, search for
Click Log Analytics Workspace
Provide the following:
A Subscription to link the workspace to
A Resource group to host the workspace in
A unique Name for the Log Analytics Workspace
A Region to host the workspace in
Azure Monitor for VMs supports Log Analytics Workspace in the following regions.
Click Review + Create once finished, then click Create. The Log Analytics Workspace will now begin deploying. A notification will appear in the top right of the portal.
Once deployment is complete, navigate to the resource group you placed the Log Analytics Workspace in.
Click the newly created workspace.
On the new blade, under Settings, select Agents management.
Note down the Workspace ID and Primary Key values.
(Optional) Configure additional data sources
- Under Settings, select Agents configuration.
Windows event logs
Click Add windows event log
Select an event log from the dropdown and use the checkboxes to determine the severities that you want to collect for this log type.
If the log type you want to add does not appear in the list, you can add it by typing in the full name. You can find the full name of the log type in Event Viewer. Open the Properties page for the log type and copy the string from the Full Name field.
Repeat for each event log you require, then click Apply
Windows performance counters
Click Add performance counter
Select a counter from the dropdown. You can adjust the sample rate to increase or decrease the amount of data collected for this counter.
Repeat for each performance counter you require, then click Apply
Installing the extensions
Log in to the Azure Stack Hub portal.
Navigate to the VM that you want to enable Azure Monitor on and under Settings, select the Extensions blade.
For any monitoring to work correctly, the VM must have HTTPS (port 443) enabled in the Network Security Group rules.
Click Add at the top, select the extension Azure Monitor Dependency Agent, click Create and then OK.
Wait for the deployment to finish before continuing.
Click Add at the top, select the extension Azure Monitor, Update and Configuration Management and then click Create.
Provide the extension with the Workspace ID and Primary Key values (noted down previously), then click OK.
Configuring the Log Analytics Workspace
In public Azure, select Monitor from the favourites menu on the left.
In the new blade under Insights, click Virtual Machines.
You will see three usage analytics tabs (Get Started, Performance and Map) for the VMs you have enabled Azure Monitor for VMs on.
The Get Started tab does not show Azure Stack Hub VMs.
At the top, click the Performance tab, then on the right, move the switch from Azure to Hybrid:
A prompt will appear to upgrade the workspace, click Upgrade. In the new blade, click Upgrade again.
Upon refreshing the page, the prompt will disappear and the workspace will begin showing usage analytics for the VMs you've enabled Azure Monitor for VMs on.
It can take between 30 minutes and 6 hours for the dashboard to display updated data from Azure Monitor enabled VMs.
Executing Kusto Query Language (KQL) queries to retrieve data from the Log Analytics Workspace
For more information on using KQL queries, see Tutorial: Use Kusto queries.
Navigate to the Log Analytics Workspace you created.
Under General, click Logs.
Enter the KQL query in the New Query 1 tab, then click Run.
The below example will select data from the event log table
Event, filtering for events of type
Systemand containing the phrase
was unexpected, then sorted by the
TimeGeneratedfield in descending order.
If you find a problem with this article, click Improve this Doc to make the change yourself or raise an issue in GitHub. If you have an idea for how we could improve any of our services, send an email to email@example.com.