Azure Monitor Agent supported operating systems and environments

This article lists the operating systems that the Azure Monitor Agent supports. For installation information, see Install and manage the Azure Monitor Agent.

Note

All operating systems listed are assumed to be x64. x86 isn't supported for any operating system.

Windows operating systems

Operating system Support
Windows Server 2025
Windows Server 2022
Windows Server 2022 Core
Windows Server 2019
Windows Server 2019 Core
Windows Server 2016
Windows Server 2016 Core
Windows Server 2012 R2 with an ESU agreement
Windows 11 Client and Pro 1, 2
Windows 11 Enterprise
(including multi-session)
Windows 10 1803 (RS4) and later 1
Windows 10 Enterprise
(including multi-session) and Pro
(server scenarios only)
Azure Local
Windows IoT Enterprise

1 Requires the Azure Monitor Agent client installer for Windows client devices.
2 Also supported on ARM64-based machines.

Linux operating systems

Operating system Support 1
AlmaLinux 9
AlmaLinux 8 2
Amazon Linux 2
Amazon Linux 2023
Azure Linux 3.0 2
CBL-Mariner 2.0 2, 3
Debian 13
Debian 12
Debian 11 2
Debian 10
Debian 9
OpenSUSE 15
Oracle Linux 9
Oracle Linux 8
Oracle Linux 7
Red Hat Enterprise Linux Server 10
Red Hat Enterprise Linux Server 9+
Red Hat Enterprise Linux Server 8.6+ 2
Red Hat Enterprise Linux Server 8.0-8.5
Red Hat Enterprise Linux Server 7.9
Rocky Linux 9
Rocky Linux 8
SUSE Linux Enterprise Server 15 SP7 2
Ubuntu 24.04 LTS 2
Ubuntu 22.04 LTS 2
Ubuntu 20.04 LTS 2
Ubuntu 18.04 LTS 2
Ubuntu 16.04 LTS

1 Requires Python (3 or 2) to be installed on the machine. Requires packages which and initscripts.
2 Also supported on ARM64-based machines.
3 Doesn't include the required minimum 4 GB of disk space by default. See the following note.

Note

  • Machines and appliances that run heavily customized or stripped-down versions of the listed distributions and hosted solutions that disallow customization by the user aren't supported. Azure Monitor relies on various packages and other baseline functionality that these kinds of systems often remove. Installations might require some environment modifications that the appliance vendor normally disallows. For example, GitHub Enterprise Server isn't supported due to heavy customization and because of documented, license-level disallowance of operating system modification.
  • Disk size in Azure Linux (previously known as CBL-Mariner) is by default lower compared to other Azure VMs, which are about 30 GB. The Azure Monitor Agent requires at least a 4-GB disk size to install and run successfully. For more information and for instructions on how to increase disk size before you install the agent, see the Azure Linux documentation.

Hardening standards

The Azure Monitor Agent supports most industry-standard hardening standards. The product team continuously tests and certifies the agent against these standards for every release. The Azure Monitor Agent scenarios are explicitly designed for security.

Windows hardening

The Azure Monitor Agent supports all standard Windows hardening standards, including Security Technical Implementation Guides (STIGs) and Federal Information Processing Standards (FIPS). It's also Federal Risk and Authorization Management Program (FedRAMP) compliant under Azure Monitor.

Linux hardening

Note

Only the Azure Monitor Agent for Linux supports the hardening standards described in this section. The the Azure Diagnostics extension don't support these standards.

The Azure Monitor Agent for Linux supports various hardening standards for Linux operating systems and distributions. Each release of the agent is tested and certified against the supported hardening standards by using images that are publicly available in Azure Marketplace, including images published by Center for Internet Security (CIS). The agent supports only settings and hardening that apply to those images. It doesn't support CIS-published images that have more customizations or images customized with settings and hardening that differ from official CIS benchmarks.

Currently supported hardening standards:

  • SELinux
  • CIS level 1 and 21
  • STIG
  • FIPS
  • FedRAMP

1 Only the following distributions are supported:

CIS-hardened operating system Support
Debian 10
Oracle Linux 8
Ubuntu 18.04 LTS
Ubuntu 20.04 LTS
Red Hat Enterprise Linux Server 7
Red Hat Enterprise Linux Server 8
Red Hat Enterprise Linux Server 9

Important

Configuring your Linux machine system-wide crypto policy to "FUTURE" doesn't work with the Azure Monitor Agent. This policy disables certain cryptographic algorithms and prevents communication with back-end Azure Monitor services that use best-practice crypto policies. Specifically, the FUTURE policy disables some algorithms that use less than 3,072-bit keys, such as SHA-1, RSA, and Diffie-Hellman.

To identify the current policy setting mode, run the following update-crypto-policies command:

sudo update-crypto-policies --show

On-premises and in other clouds

You can use the Azure Monitor Agent on machines in other clouds and in on-premises environments by using Azure Arc-enabled servers. The Azure Monitor Agent authenticates to your workspace by using a managed identity. You create the managed identity when you install the Connected Machine agent, which is part of Azure Arc. The legacy Log Analytics agent authenticated by using the workspace ID and key, so it didn't need Azure Arc. Managed identity is a more secure and manageable authentication solution.

The Azure Arc agent is used only as an installation mechanism and doesn't add cost or resource consumption. Paid options for Azure Arc are available, but these options aren't required to use the Azure Monitor Agent.

Related content

  • Last updated on