Collection and analysis of logs for beginners
No matter how obvious it may seem, the question of how to organize monitoring of IT infrastructure and logs arises quite often. Therefore, we asked one of our partners to share their experiences and tell us about Log Analytics. I give the word to the author.
In this article we will talk about Log Analytics Azure . This is a well-known solution for analyzing logs and monitoring infrastructure from Microsoft. Such a kind of cloud analogue of System Center Operations Manager. Contrary to the tradition of many vendors to call services by tricky names, Microsoft has distinguished itself and gave the product a quite simple and understandable name, agree.
This service is available in two versions: paid and free. Without payment, we are offered to analyze no more than 500 MB of logs per day and store no more than 7 days, and the paid version removes these restrictions and charges 143 rubles per month for each gigabyte of logs.
')
The service is located in the cloud, so it does not require anything from the consumer in terms of installing and configuring the server part.
Let's briefly analyze what this service can do. First of all, we need an account in Microsoft Azure . Further, in the Azure Marketplace, we can easily find this service in the section Monitoring + Management .
Let's create, see how it works and what it can do.
We can connect Windows, Linux machines, Azure resources (for granted), System Center and Windows telemetry to monitoring. In general, everything is simple, we put the agents on the machines and enjoy.
We can take data from Windows and Linux logs and counters, IIS, Syslog, create custom logs and more. In general, everything is still beautiful, we go further.
We can create computer groups, import from Active Directory, WSUS and System Center Configuration Manager.
We can set up alerts for receiving reports and notifications about problems in the infrastructure or for automation. Convenient, simple and tasteful.
If you open a gallery of ready-made solutions, you can evaluate the capabilities of analytics. Briefly a list of the main services with which the log analyst can work:
It's funny that when identifying events that require attention or error messages, we can open the troubleshooting tips section. Peculiar support service "in your pocket."
In addition to all the above, Microsoft has pleased us with mobile applications for working with this service for iOS, Android and Windows Mobile. They simply are in the markets for the request "Microsoft oms".
In our opinion, the functionality is quite wide, applicable and in demand in almost any company, ranging from small businesses to large holdings. Of course, large enterprises already have certain monitoring systems, but sometimes not all of them have similar functionality, and some of them are accessible only within the corporate network.
For an IT specialist, it has always been important enough to be always up to date with events, know what is happening on the servers and receive timely notifications and reports. Since the service consolidates data from all connected machines, conveniently configuring and displaying dashboards, we see a complete picture of the operation of our infrastructure.
The solution can be adapted to the tasks of a specific employee, displaying information on the panel on his specialization and area of responsibility. Small companies can be enough and free subscription. If we overcome the limit of 500 MB, then 143 rubles per month for a gigabyte of logs are small expenses, even for small businesses.
Roman Gayan - a specialist in cloud technology, the company ALAN. The last few years devoted to working with cloud services Office 365 and Microsoft Azure. He took part in projects of cloud solutions for companies in such industries as manufacturing, energy, construction, retail, finance and others. Now actively developing various projects based on cloud technologies.
We will be glad to questions on the topic in the comments, also if you want to talk with Roman personally, he will hold a webinar on April 12 .
We remind you that you can try Microsoft Azure for free here .
In this article we will talk about Log Analytics Azure . This is a well-known solution for analyzing logs and monitoring infrastructure from Microsoft. Such a kind of cloud analogue of System Center Operations Manager. Contrary to the tradition of many vendors to call services by tricky names, Microsoft has distinguished itself and gave the product a quite simple and understandable name, agree.
This service is available in two versions: paid and free. Without payment, we are offered to analyze no more than 500 MB of logs per day and store no more than 7 days, and the paid version removes these restrictions and charges 143 rubles per month for each gigabyte of logs.
')
The service is located in the cloud, so it does not require anything from the consumer in terms of installing and configuring the server part.
Let's briefly analyze what this service can do. First of all, we need an account in Microsoft Azure . Further, in the Azure Marketplace, we can easily find this service in the section Monitoring + Management .
Let's create, see how it works and what it can do.
We can connect Windows, Linux machines, Azure resources (for granted), System Center and Windows telemetry to monitoring. In general, everything is simple, we put the agents on the machines and enjoy.
We can take data from Windows and Linux logs and counters, IIS, Syslog, create custom logs and more. In general, everything is still beautiful, we go further.
We can create computer groups, import from Active Directory, WSUS and System Center Configuration Manager.
We can set up alerts for receiving reports and notifications about problems in the infrastructure or for automation. Convenient, simple and tasteful.
If you open a gallery of ready-made solutions, you can evaluate the capabilities of analytics. Briefly a list of the main services with which the log analyst can work:
- Azure resources, by itself :), there are many, we will not list everything
- Office 365
- Active Directory
- Agent status
- Network performance
- SQL Server
- Audit and Security Logs
- Antivirus status
- Monitoring configuration changes (by the way, a very useful thing when a couple of dozens of administrators frantically try to remember and understand because of a specific change in the parameters or configuration any service stopped working)
- Hyper-V and VMware monitoring
- Monitoring updates, telemetry, integration with System Center and more ...
It's funny that when identifying events that require attention or error messages, we can open the troubleshooting tips section. Peculiar support service "in your pocket."
In addition to all the above, Microsoft has pleased us with mobile applications for working with this service for iOS, Android and Windows Mobile. They simply are in the markets for the request "Microsoft oms".
In our opinion, the functionality is quite wide, applicable and in demand in almost any company, ranging from small businesses to large holdings. Of course, large enterprises already have certain monitoring systems, but sometimes not all of them have similar functionality, and some of them are accessible only within the corporate network.
For an IT specialist, it has always been important enough to be always up to date with events, know what is happening on the servers and receive timely notifications and reports. Since the service consolidates data from all connected machines, conveniently configuring and displaying dashboards, we see a complete picture of the operation of our infrastructure.
The solution can be adapted to the tasks of a specific employee, displaying information on the panel on his specialization and area of responsibility. Small companies can be enough and free subscription. If we overcome the limit of 500 MB, then 143 rubles per month for a gigabyte of logs are small expenses, even for small businesses.
The author of the material
Roman Gayan - a specialist in cloud technology, the company ALAN. The last few years devoted to working with cloud services Office 365 and Microsoft Azure. He took part in projects of cloud solutions for companies in such industries as manufacturing, energy, construction, retail, finance and others. Now actively developing various projects based on cloud technologies.We will be glad to questions on the topic in the comments, also if you want to talk with Roman personally, he will hold a webinar on April 12 .
We remind you that you can try Microsoft Azure for free here .
Source: https://habr.com/ru/post/325910/
All Articles