Azure Monitor | Custom Windows Logs Collection | Azure Monitor Agent

Views: 2,434

Concepts Work

3 months ago

Azure Monitor Playlist - • Microsoft Azure Log An...
What is Azure Monitor Agent?
What is Data Collection Rule?
Why you should Migrate to Azure Monitor Agent?
What are the benefits of using Azure Monitor Agent?
Deploy Azure Monitor Agent to Windows Servers.
Configure Advanced Logging for Windows as a platform.
Microsoft Official documentation - learn.microsoft.com/en-us/azu...
Azure Arc-enabled servers network requirement - learn.microsoft.com/en-us/azu...
Azure Monitor agent network requirement - learn.microsoft.com/en-us/azu...
Azure Monitor Agent (AMA) collects monitoring data from the guest operating system of Azure and hybrid virtual machines and delivers it to Azure Monitor for use by features, insights, and other services, such as Microsoft Sentinel and Microsoft Defender for Cloud. Azure Monitor Agent replaces all of Azure Monitor's legacy monitoring agents. This article provides an overview of Azure Monitor Agent's capabilities and supported use cases.

Comments: 12
@younesarab849 1 month ago
Thanks for explaining azure services, we want more about Azure major services
@RichardGailey 4 months ago
Again, another highly detailed video. Many thanks for the effort you put into these.
@nermeenalami7020 1 month ago
you are incredible! you always have the answer to everything
@ConceptsWork 1 month ago
Thank you so much.
@nermeenalami7020 1 month ago
@ConceptsWork I shared your channel with everyone! Your videos helped me complete an Azure Arc project despite having no prior knowledge. Any tips on monitoring the connection status of a network-mapped drive? Also, do you offer paid training?
@ConceptsWork 1 month ago
Thank you so much for the kind acknowledgements. For a network-mapped device, all you can do is monitor logs with the alert mechanism of the Log Analytics workspace.
@nermeenalami7020 1 month ago
@ConceptsWork thank you for your swift response! I would appreciate it if you could provide me more details :( I already emailed you if you have a minute to check it out :) thaaaaaank you
@sandeepn5063 2 months ago
Hi Concepts Work, do you provide online trainings on the below topics: Sentinel administration (integration of different types of data connectors), MDE, Defender for Cloud/CASB, Logic Apps?
@pravinkalotara244 4 months ago
Thank you for this amazing content! Do we have more videos in the pipeline for Agent upgrade from Legacy to AMA?
@mr.mallela5557 3 months ago
What is the difference between a DCR created in Monitor vs Sentinel? When we create a DCR through Sentinel it's different and does not show options like Basic or Custom. As shown in the video, after creating a DCR with DNS and Hello Business events, how do we get them into the Sentinel alerts? Thanks in advance. Great detailed video btw. Keep up the amazing work. :)
@Mike-jo4cc 3 months ago
Sorry @Concepts Work but you didn't show anything but text. Show us the monitor blade in Azure Portal in the virtual machine overview window. Do you see the monitor coverage enabled or disabled AFTER you enable Windows event logs in Data collection rules??? You CANNOT use the new Azure Monitor Windows agent when you enable Windows event logs in Data collection rules!
@ConceptsWork 3 months ago
Hello Mike, it gives us immense pleasure when we see such deep insightful feedback on our videos. Thank you so much for giving us your time and watching our content. Let me help you understand a couple of things.

When you create a DCR just to capture logs, which in our case is Windows performance and events, then the data ingestion happens to the Events table in the Log Analytics workspace. However, when you talk about Monitoring coverage, there is a default DCR which is created and it has a different mapping altogether for data ingestion; in this scenario the data ingestion takes place in the table named "InsightsMetrics". Similarly, when you create a DCR from the Sentinel console, the data will be ingested to the "SecurityEvents" table. The behavior of DCR and data ingestion is completely different for all the services. As the video suggests, advanced logging for Windows, which means you are capturing data which is not related to performance.

I hope this helps. However, there are still three videos pending, I will try to showcase this. Here are some references for the data flow section for all three scenarios. If you get some time, please watch our DCR structure video as well, which we will be releasing this weekend.

Data flow for event table (DCR created directly)

    "dataFlows": [
      { "streams": [ "Microsoft-Perf" ], "destinations": [ "la-257108454" ] },
      { "streams": [ "Microsoft-Event" ], "destinations": [ "la-129300856" ] }
    ],

Data flow for DCR created from Monitoring settings blade.

    "dataFlows": [
      { "streams": [ "Microsoft-InsightsMetrics" ], "destinations": [ "VMInsightsPerf-Logs-Dest" ] }
    ]

Data flow for DCR created from Sentinel console.

    "dataFlows": [
      { "streams": [ "Microsoft-SecurityEvent" ], "destinations": [ "DataCollectionEvent" ] }
    ],

Thank you once again for watching our content so closely, much appreciated.
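
The stream-to-table routing described in the reply above, as an added example (not code from the video or from Microsoft): it walks each rule's dataFlows, resolves destination names through destinations.logAnalytics, and reports which rule feeds which Log Analytics table. The rule names, the workspace ID placeholders and the helper names routes and rules_feeding are assumptions made for illustration.

```python
import json

# Built-in stream -> Log Analytics table, for the four streams quoted above.
STREAM_TABLE = {"Microsoft-Perf": "Perf", "Microsoft-Event": "Event",
                "Microsoft-InsightsMetrics": "InsightsMetrics",
                "Microsoft-SecurityEvent": "SecurityEvent"}

# Constructed sample: the three dataFlows fragments from the reply, wrapped in
# minimal rule bodies. Rule names and workspace IDs are placeholders.
SAMPLE_DCRS = json.loads("""{
 "dcr-direct": {
  "destinations": {"logAnalytics": [
   {"name": "la-257108454", "workspaceResourceId": "<workspace-id>"},
   {"name": "la-129300856", "workspaceResourceId": "<workspace-id>"}]},
  "dataFlows": [
   {"streams": ["Microsoft-Perf"], "destinations": ["la-257108454"]},
   {"streams": ["Microsoft-Event"], "destinations": ["la-129300856"]}]},
 "dcr-vminsights": {
  "destinations": {"logAnalytics": [
   {"name": "VMInsightsPerf-Logs-Dest", "workspaceResourceId": "<workspace-id>"}]},
  "dataFlows": [
   {"streams": ["Microsoft-InsightsMetrics"], "destinations": ["VMInsightsPerf-Logs-Dest"]}]},
 "dcr-sentinel": {
  "destinations": {"logAnalytics": [
   {"name": "DataCollectionEvent", "workspaceResourceId": "<workspace-id>"}]},
  "dataFlows": [
   {"streams": ["Microsoft-SecurityEvent"], "destinations": ["DataCollectionEvent"]}]}
}""")

def routes(dcr):
    """List (stream, table, workspace) for each stream/destination pair in one DCR."""
    body = dcr.get("properties", dcr)  # accept a full ARM resource or its properties
    workspaces = {d["name"]: d.get("workspaceResourceId")
                  for d in body.get("destinations", {}).get("logAnalytics", [])}
    found = []
    for flow in body.get("dataFlows", []):
        for stream in flow.get("streams", []):
            for dest in flow.get("destinations", []):
                found.append((stream, STREAM_TABLE.get(stream, "unmapped"),
                              workspaces.get(dest, "undefined destination: " + dest)))
    return found

def rules_feeding(dcrs, table):
    """Names of the rules that send at least one stream to the given table."""
    return sorted(name for name, dcr in dcrs.items()
                  if any(t == table for _, t, _ in routes(dcr)))

if __name__ == "__main__":
    for name, dcr in SAMPLE_DCRS.items():
        print(name, routes(dcr))
```

Run against the rules actually associated with a machine, rules_feeding shows at a glance whether any rule sends data to the table a given feature reads from.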