Monitoring Azure Virtual WAN
When you have critical applications and business processes relying on Azure resources, you want to monitor those resources for their availability and performance.
This article describes the monitoring data generated by Azure Virtual WAN. Virtual WAN uses Azure Monitor. If you're unfamiliar with the features of Azure Monitor common to all Azure services that use it, read Monitoring Azure resources with Azure Monitor.
Prerequisites
You have a virtual WAN deployed and configured. For help with deploying a virtual WAN:
- Creating a site-to-site connection
- Creating a User VPN (point-to-site) connection
- Creating an ExpressRoute connection
- Installing Azure Firewall in a Virtual hub
Analyzing metrics
Metrics in Azure Monitor are numerical values that describe some aspect of a system at a particular time. Metrics are collected every minute, and are useful for alerting because they can be sampled frequently. An alert can be fired quickly with relatively simple logic.
For a list of the platform metrics collected for Virtual WAN, see Monitoring Virtual WAN data reference metrics.
View metrics for Virtual WAN
The following steps help you locate and view metrics:
In the portal, navigate to the virtual hub.
Select VPN (Site to site) to locate a site-to-site gateway, ExpressRoute to locate an ExpressRoute gateway, or User VPN (Point to site) to locate a point-to-site gateway.
Select Metrics.
On the Metrics page, you can view the metrics that you're interested in.
To see metrics for the virtual hub router, you can select Metrics from the virtual hub Overview page.
Analyzing logs
Data in Azure Monitor Logs is stored in tables where each table has its own set of unique properties. Resource Logs aren't collected and stored until you create a diagnostic setting and route them to one or more locations.
For a list of supported logs in Virtual WAN, see Monitoring Virtual WAN data reference logs. All resource logs in Azure Monitor have the same fields followed by service-specific fields. The common schema is outlined in Azure Monitor resource log schema.
Create diagnostic setting to view logs
The following steps help you create, edit, and view diagnostic settings:
In the portal, navigate to your Virtual WAN resource, then select Hubs in the Connectivity group.
Under the Connectivity group on the left, select the gateway for which you want to examine diagnostics:
On the right part of the page, click on the View in Azure Monitor link to the right of Logs.
In this page, you can create a new diagnostic setting (+Add diagnostic setting) or edit an existing one (Edit setting). You can choose to send the diagnostic logs to Log Analytics (as shown in the following example), stream to an event hub, send to a 3rd-party solution, or archive to a storage account.
After clicking Save, you should start seeing logs appear in this log analytics workspace within a few hours.
To monitor a secured hub (with Azure Firewall), then diagnostics and logging configuration must be done from accessing the Diagnostic Setting tab:
Important
Enabling these settings requires additional Azure services (storage account, event hub, or Log Analytics), which may increase your cost. To calculate an estimated cost, visit the Azure pricing calculator.
Alerts
Azure Monitor alerts proactively notify you when important conditions are found in your monitoring data. They allow you to identify and address issues in your system before your customers notice them. You can set alerts on metrics, logs, and the activity log. Different types of alerts have benefits and drawbacks.
To see a list of monitoring best practices when configuring alerts, see Monitoring - best practices.
Virtual WAN Insights
Some services in Azure have a special focused prebuilt monitoring dashboard in the Azure portal that provides a starting point for monitoring your service. These special dashboards are called "Insights".
Virtual WAN uses Network Insights to provide users and operators with the ability to view the state and status of a virtual WAN, presented via an autodiscovered topological map. Resource state and status overlays on the map give you a snapshot view of the overall health of the virtual WAN. You can navigate resources on the map via one-click access to the resource configuration pages of the Virtual WAN portal. For more information, see Azure Monitor Network Insights for Virtual WAN.
Next steps
- See Monitoring Virtual WAN - Data reference for a data reference of the metrics, logs, and other important values created by Virtual WAN.
- See Monitoring Azure resources with Azure Monitor for details on monitoring Azure resources.
- See Getting started with Azure Metrics Explorer for additional details on Azure Monitor Metrics.
- See All resource metrics supported in Azure Monitor for a list of all supported metrics.
- See Create diagnostic settings in Azure Monitor for more information and troubleshooting for creating diagnostic settings via Azure portal, CLI, PowerShell, etc.