Set up Azure Monitor logs for a cluster
Azure Monitor logs is our recommendation to monitor cluster level events. You can set up Log Analytics workspace through Azure Resource Manager, PowerShell, or Azure Marketplace. If you maintain an updated Resource Manager template of your deployment for future use, use the same template to set up your Azure Monitor logs environment. Deployment via Marketplace is easier if you already have a cluster deployed with diagnostics enabled. If you do not have subscription-level access in the account to which you are deploying to, deploy by using PowerShell or the Resource Manager template.
Note
To set up Azure Monitor logs to monitor your cluster, you need to have diagnostics enabled to view cluster-level or platform-level events. Refer to how to set up diagnostics in Windows clusters and how to set up diagnostics in Linux clusters for more
Note
This article was recently updated to use the term Azure Monitor logs instead of Log Analytics. Log data is still stored in a Log Analytics workspace and is still collected and analyzed by the same Log Analytics service. We are updating the terminology to better reflect the role of logs in Azure Monitor. See Azure Monitor terminology changes for details.
Note
We recommend that you use the Azure Az PowerShell module to interact with Azure. See Install Azure PowerShell to get started. To learn how to migrate to the Az PowerShell module, see Migrate Azure PowerShell from AzureRM to Az.
Deploy Azure Monitor logs with Azure Resource Manager
When you deploy a cluster by using a Resource Manager template, the template creates a new Log Analytics workspace, adds the Service Fabric solution to the workspace, and configures it to read data from the appropriate storage tables.
You can use and modify this sample template to meet your requirements. This template does the following
- Creates a 5 node Service Fabric cluster
- Creates a Log Analytics workspace and Service Fabric solution
- Configures the Log Analytics agent to collect and send 2 sample performance counters to the workspace
- Configures WAD to collect Service Fabric and sends them to Azure storage tables (WADServiceFabric*EventTable)
- Configures the Log Analytics workspace to read the events from these tables
[!NOTE] Templates you downloaded or referenced from the GitHub Repo "Azure-Sample" must be modified in order to fit in the Microsoft Azure operated by 21Vianet Environment. For example, replace some endpoints -- "blob.core.windows.net" by "blob.core.chinacloudapi.cn", "cloudapp.azure.com" by "cloudapp.chinacloudapi.cn"; change some unsupported Location, VM images, VM sizes, SKU and resource-provider's API Version when necessary.
In this article, change the following items before run the powershell command.
- Change the following properties of
computeLocationandomsRegionparameters.
- Update the property of
defaultValueaschinaeast2.- Update the properties of
allowedValuesas["chinaeast","chinaeast2","chinanorth","chinanorth2"]- Change all the endpoint suffixes from
windows.nettochinacloudapi.cn.
You can deploy the template as a Resource Manager upgrade to your cluster by using the New-AzResourceGroupDeployment API in the Azure PowerShell module. An example command would be:
New-AzResourceGroupDeployment -ResourceGroupName "<resourceGroupName>" -TemplateFile "<templatefile>.json"
Azure Resource Manager detects that this command is an update to an existing resource. It only processes the changes between the template driving the existing deployment and the new template provided.
Deploy Azure Monitor logs with Azure PowerShell
You can also deploy your log analytics resource via PowerShell by using the New-AzOperationalInsightsWorkspace command. To use this method, make sure you have installed Azure PowerShell. Use this script to create a new Log Analytics workspace and add the Service Fabric solution to it:
$SubID = "<subscription ID>"
$ResourceGroup = "<Resource group name>"
$Location = "<Resource group location>"
$WorkspaceName = "<Log Analytics workspace name>"
$solution = "ServiceFabric"
# Sign in to Azure and access the correct subscription
Connect-AzAccount -Environment AzureChinaCloud
Select-AzSubscription -SubscriptionId $SubID
# Create the resource group if needed
try {
Get-AzResourceGroup -Name $ResourceGroup -ErrorAction Stop
} catch {
New-AzResourceGroup -Name $ResourceGroup -Location $Location
}
New-AzOperationalInsightsWorkspace -Location $Location -Name $WorkspaceName -Sku Standard -ResourceGroupName $ResourceGroup
Set-AzOperationalInsightsIntelligencePack -ResourceGroupName $ResourceGroup -WorkspaceName $WorkspaceName -IntelligencePackName $solution -Enabled $true
When you're done, follow the steps in the preceding section to connect Azure Monitor logs to the appropriate storage account.
You can also add other solutions or make other modifications to your Log Analytics workspace by using PowerShell. To learn more, see Manage Azure Monitor logs using PowerShell.
Next steps
- Deploy the Log Analytics agent onto your nodes to gather performance counters and collect docker stats and logs for your containers
- Get familiarized with the log search and querying features offered as part of Azure Monitor logs
- Use View Designer to create custom views in Azure Monitor logs