Azure Monitor | Custom Windows Logs Collection | Azure Monitor Agent

Подписаться 39 тыс.

Просмотров 3,7 тыс.

50% 1

Azure Monitor Playlist - • Microsoft Azure Log An...
What is Azure Monitor Agent?
What is Data Collection Rule?
Why you should Migrate to Azure Monitor Agent?
What are the benefits of using Azure Monitor Agent?
Deploy Azure Monitor Agent to Windows Servers.
Configure Advance Logging for Windows as a platform.
Microsoft Official documentation - learn.microsof...
Azure Arc-enabled servers network requirement - learn.microsof...
Azure Monitor agent network requirement - learn.microsof...
Azure Monitor Agent (AMA) collects monitoring data from the guest operating system of Azure and hybrid virtual machines and delivers it to Azure Monitor for use by features, insights, and other services, such as Microsoft Sentinel and Microsoft Defender for Cloud. Azure Monitor Agent replaces all of Azure Monitor's legacy monitoring agents. This article provides an overview of Azure Monitor Agent's capabilities and supported use cases.
#Azure #Microsoft #AzureMonitorAgent #LogAnalyticsAgent
azure monitor agent
azure monitor and log analytics
azure monitor application insights
azure monitor alerts
azure monitor dashboards
azure monitor workbooks
azure monitor workspace

Опубликовано:

9 окт 2024

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 14

@SivakumarSabbana Месяц назад

Excellent, Thankyou so much. Can you please make a video on migrating from MMA to AMA.

@younesarab849 4 месяца назад

Thanks for explaining azure services, we want more about Azure major services

@PazGorbiz 2 дня назад

Excellent!

@pravinkalotara244 7 месяцев назад

Thank you for this amazing content! Do we have more video in pipeline for Agent upgrade from Legacy to AMA?

@RichardGailey 6 месяцев назад

Again, another highly detailed video. Many thanks for the effort you put in to these.

@nermeenalami7020 3 месяца назад

you are incredible! you always have the answer to everything

@ConceptsWork 3 месяца назад

Thank you so much.

@nermeenalami7020 3 месяца назад

@@ConceptsWorkI shared your channel with everyone! Your videos helped me complete an Azure Arc project despite having no prior knowledge. Any tips on monitoring the connection status of a network-mapped drive? also, Do you offer paid training?

@ConceptsWork 3 месяца назад

Thank you so much for kind acknowlegements. For network mapped device all you can do is monitoring logs with alert mechanism of log analytics workspace.

@nermeenalami7020 3 месяца назад

@@ConceptsWork thank you for your swift response! I would appriciate it if you could provide me more details :( I already emailed you if you have a minute to check it out :) thaaaaaank you

@mr.mallela5557 5 месяцев назад

what is diffrence between DCR created in Monitor vs Sentinel. when we create DCR through Sentinel its deffirent and not showing options like Basic or Custom. as shown in the Video after created DCR with DNS and Hello Buinness events how to get into the sentinel alerts.? Thank in Advance. Great detailed video btw. . Keep it up the amazing work. :)

@sandeepn5063 4 месяца назад

Hi Concepts Work, Do you provide online trainings on the below topics Sentinel administration (integration of different types of data connectors) MDE Defender for Cloud/CASB Logic Apps

@Mike-jo4cc 5 месяцев назад

Sorry @Concepts Work but you didnt show anything but texts. Show us the monitor blade in Azure Portal in the virtual machine overview window.. Do you see the monitor coverage enabled or disabled AFTER you enable Windows event logs in Data collection rules??? You CANNOT use the new Azure Monitor Windows agent when you enable Windows event logs in Data collection rules!

@ConceptsWork 5 месяцев назад

Hello Mike, it gives up immense pleasure when we see such deep insightful feedback on our videos. Thank you so much for giving us your time and watching our content. Let me help you understand couple of things. When you create DCR just to capture logs, which in our case windows performance and events, then the data ingestion happens to Events table in the log analytics workspace. However, when you talk about Monitoring coverage, there is a default DCR which is created and it has a different mapping altogether for data ingestion, in this scenario the data ingestion takes place in the table named as "InsightsMetrics". Similarly, when you create a DCR from sentinel console the data will be ingested to "SecurityEvents" table. The behavior of DCR and data ingestion is completely different for all the services. As the video suggests, advanced logging for windows, which means you are capturing data which is not related to performance. I hope this helps. However, there are still three videos pending, I will try to showcase this. Here are some references for data flow section for all the three scenarios. If you get some time, please watch our DCR structure video as well, which we will be releasing this weekend. Data flow for event table (DCR created directly) "dataFlows": [ { "streams": [ "Microsoft-Perf" ], "destinations": [ "la-257108454" ] }, { "streams": [ "Microsoft-Event" ], "destinations": [ "la-129300856" ] } ], Data flow for DCR created from Monitoring settings blade. "dataFlows": [ { "streams": [ "Microsoft-InsightsMetrics" ], "destinations": [ "VMInsightsPerf-Logs-Dest" ] } ] Data flow for DCR created from sentinel console. "dataFlows": [ { "streams": [ "Microsoft-SecurityEvent" ], "destinations": [ "DataCollectionEvent" ] } ], Thank you once again, for watching our content so closely, much appreciated.