教程:监视已发布的 APITutorial: Monitor published APIs

通过 Azure Monitor,可直观显示、查询、路由和存档来自 Azure API 管理服务的指标或日志并对其执行操作。With Azure Monitor, you can visualize, query, route, archive, and take actions on the metrics or logs coming from your Azure API Management service.

在本教程中,你将了解如何执行以下操作:In this tutorial, you learn how to:

  • 查看 API 的指标View metrics of your API
  • 设置警报规则Set up an alert rule
  • 查看活动日志View activity logs
  • 启用和查看资源日志Enable and view resource logs

你还可以使用 API 管理的内置分析来监视 API 的使用和性能。You can also use API Management's built-in analytics to monitor the usage and performance of your APIs.

先决条件Prerequisites

可用性Availability

重要

此功能在 API 管理的“高级”、“标准”、“基本”和“开发人员”层中可用。This feature is available in the Premium, Standard, Basic and Developer tiers of API Management.

查看 API 的指标View metrics of your APIs

API 管理每分钟发出一次指标,几乎可让你实时了解 API 的状态和运行状况。API Management emits metrics every minute, giving you near real-time visibility into the state and health of your APIs. 以下是两个最常用的指标。The following are the two most frequently used metrics. 有关所有可用指标的列表,请参阅支持的指标For a list of all available metrics, see supported metrics.

  • 容量 - 帮助做出有关升级/降级 APIM 服务的决策。Capacity - helps you make decisions about upgrading/downgrading your APIM services. 指标每分钟发出,在报告时反映网关容量。The metric is emitted per minute and reflects the gateway capacity at the time of reporting. 指标范围为 0-100,是根据 CPU 和内存利用率等网关资源计算的。The metric ranges from 0-100 calculated based on gateway resources such as CPU and memory utilization.
  • 请求 - 帮助分析通过 API 管理服务的 API 流量。Requests - helps you analyze API traffic going through your API Management services. 指标每分钟发出一次,并报告网关请求数,其维度包括响应代码、位置、主机名和错误。The metric is emitted per minute and reports the number of gateway requests with dimensions including response codes, location, hostname, and errors.

重要

以下指标已于 2019 年 5 月弃用,并将于 2023 年 8 月停用:网关请求总数、成功的网关请求数、未经授权的网关请求数、失败的网关请求数、其他网关请求数。The following metrics have been deprecated as of May 2019 and will be retired in August 2023: Total Gateway Requests, Successful Gateway Requests, Unauthorized Gateway Requests, Failed Gateway Requests, Other Gateway Requests. 请迁移到提供等效功能的请求指标。Please migrate to the Requests metric which provides equivalent functionality.

API 管理概述中“指标”的屏幕截图

访问指标:To access metrics:

  1. Azure 门户,导航到 API 管理实例。In the Azure portal, navigate to your API Management instance. 在“概述”页中,查看 API 的关键指标。On the Overview page, review key metrics for your APIs.

  2. 若要详细了解指标,请在靠近页面底部的菜单中选择“指标”。To investigate metrics in detail, select Metrics from the menu near the bottom of the page.

    “监视”菜单中“指标”项的屏幕截图

  3. 从下拉列表中选择所需的指标。From the drop-down, select metrics you are interested in. 例如,“请求”。For example, Requests.

  4. 该图显示 API 调用总数。The chart shows the total number of API calls.

  5. 可以使用 请求 指标的维度来筛选该图表。The chart can be filtered using the dimensions of the Requests metric. 例如,依次选择“添加筛选器”和“后端响应代码类别”,然后输入值 500 。For example, select Add filter, select Backend Response Code Category, enter 500 as the value. 现在,该图表显示了 API 后端中失败的请求数。Now the chart shows the number of requests that were failed in the API backend.

设置警报规则Set up an alert rule

可以基于指标和活动日志接收警报You can receive alerts based on metrics and activity logs. 通过 Azure Monitor 可配置警报,使警报触发时执行以下操作:Azure Monitor allows you to configure an alert to do the following when it triggers:

  • 发送电子邮件通知Send an email notification
  • 调用 WebhookCall a webhook
  • 调用 Azure 逻辑应用Invoke an Azure Logic App

若要基于请求指标配置示例警报规则,请执行以下操作:To configure an example alert rule based on a request metric:

  1. Azure 门户,导航到 API 管理实例。In the Azure portal, navigate to your API Management instance.

  2. 在靠近页面底部的菜单栏中选择“警报”。Select Alerts from the menu bar near the bottom of the page.

    “监视”菜单中“警报”选项的屏幕截图

  3. 选择“+ 新建警报规则”。Select + New alert rule.

  4. 在“创建警报规则”窗口中,选择“条件” 。In the Create alert rule window, Select condition.

  5. 在“配置信号逻辑”窗口中:In the Configure signal logic window:

    1. 在“信号类型”中,选择“指标” 。In Signal type, select Metrics.
    2. 在“信号名称”中,选择“请求” 。In Signal name, select Requests.
    3. 在“按维度拆分”的“维度名称”中,选择“网关响应代码类别” 。In Split by dimensions, in Dimension name, select Gateway Response Code Category.
    4. 在“维度值”中,选择“4xx”,表示“请求未经授权”或“请求无效”等客户端错误 。In Dimension values, select 4xx, for client errors such as unauthorized or invalid requests.
    5. 在“警报逻辑”中指定触发警报的阈值,然后选择“完成” 。In Alert logic, specify a threshold after which the alert should be triggered and select Done.

    “配置信号逻辑”窗口的屏幕截图

  6. 选择现有的操作组或创建新组。Select an existing action group or create a new one. 在以下示例中,将新建操作组。In the following example, a new action group is created. 通知电子邮件将发送到 admin@contoso.com。A notification email will be sent to admin@contoso.com.

    新操作组的通知的屏幕截图

  7. 输入警报规则的名称和说明,然后选择严重级别。Enter a name and description of the alert rule and select the severity level.

  8. 选择“创建警报规则”。Select Create alert rule.

  9. 现在,在没有 API 密钥的情况下调用会议 API 来测试警报规则。Now, test the alert rule by calling the Conference API without an API key. 例如:For example:

    curl GET https://apim-hello-world.azure-api.cn/conference/speakers HTTP/1.1 
    

    警报将基于评估时长触发,电子邮件将发送到 admin@contoso.com。An alert will be triggered based on the evaluation period, and email will be sent to admin@contoso.com.

    警报还会显示在 API 管理实例的“警报”页。Alerts also appear on the Alerts page for the API Management instance.

    门户中的警报的屏幕截图

活动日志Activity logs

活动日志提供有关对 API 管理服务执行的操作的见解。Activity logs provide insight into the operations that were performed on your API Management services. 通过活动日志,可确定对 API 管理服务执行的任何写入操作 (PUT、POST、DELETE) 的“操作内容、操作人员和操作时间”。Using activity logs, you can determine the "what, who, and when" for any write operations (PUT, POST, DELETE) taken on your API Management services.

备注

活动日志不包括读取 (GET) 操作或者通过 Azure 门户或原始管理 API 执行的操作。Activity logs do not include read (GET) operations or operations performed in the Azure portal or using the original Management APIs.

可在 API 管理服务中访问活动日志,或在 Azure Monitor 中访问所有 Azure 资源的日志。You can access activity logs in your API Management service, or access logs of all your Azure resources in Azure Monitor.

门户中活动日志的屏幕截图

若要查看活动日志,请执行以下操作:To view the activity log:

  1. Azure 门户,导航到 API 管理实例。In the Azure portal, navigate to your API Management instance.

  2. 选择“活动日志”。Select Activity log.

    “监视”菜单中“活动日志”项的屏幕截图

  3. 选择所需的筛选范围,然后选择“应用”。Select the desired filtering scope and then Apply.

资源日志Resource logs

资源日志提供了大量有关操作和错误的信息,这些信息对于审核和故障排除非常重要。Resource logs provide rich information about operations and errors that are important for auditing as well as troubleshooting purposes. 资源日志不同于活动日志。Resource logs differ from activity logs. 活动日志提供对在 Azure 资源上执行的操作的见解。The activity log provides insights into the operations that were performed on your Azure resources. 资源日志提供对资源执行的操作的见解。Resource logs provide insight into operations that your resource performed.

若要配置资源日志,请执行以下操作:To configure resource logs:

  1. Azure 门户,导航到 API 管理实例。In the Azure portal, navigate to your API Management instance.

  2. 选择“诊断设置”。Select Diagnostic settings.

    “监视”菜单中“诊断设置”项的屏幕截图

  3. 选择“+ 添加诊断设置”。 Select + Add diagnostic setting.

  4. 选择要收集的日志或指标。Select the logs or metrics that you want to collect.

    可以将资源日志与指标一起存档到存储帐户,将其流式传输到事件中心,或者将其发送到 Log Analytics 工作区。You can archive resource logs along with metrics to a storage account, stream them to an Event Hub, or send them to a Log Analytics workspace.

有关详细信息,请参阅创建诊断设置以将平台日志和指标发送到不同的目标For more information, see Create diagnostic settings to send platform logs and metrics to different destinations.

在 Azure Monitor 中查看诊断数据View diagnostic data in Azure Monitor

如果在 Log Analytics 工作区中启用 GatewayLogs 或指标的收集,则数据可能需要几分钟才能在 Azure Monitor 中显示。If you enable collection of GatewayLogs or metrics in a Log Analytics workspace, it can take a few minutes for data to appear in Azure Monitor. 若要查看数据,请执行以下操作:To view the data:

  1. Azure 门户,导航到 API 管理实例。In the Azure portal, navigate to your API Management instance.

  2. 在靠近页面底部的菜单中选择“日志”。Select Logs from the menu near the bottom of the page.

    “监视”菜单中“日志”项的屏幕截图

运行查询以查看数据。Run queries to view the data. 可以运行提供的多个示例查询,也可以运行自己的查询。Several sample queries are provided, or run your own. 例如,以下查询检索 GatewayLogs 表中最近 24 小时的数据:For example, the following query retrieves the most recent 24 hours of data from the GatewayLogs table:

ApiManagementGatewayLogs
| where TimeGenerated > ago(1d) 

有关使用资源日志进行 API 管理的详细信息,请参阅:For more information about using resource logs for API Management, see:

以下 JSON 表示 GatewayLogs 中成功的 API 请求的示例条目。The following JSON indicates a sample entry in GatewayLogs for a successful API request. 有关详细信息,请参阅架构参考For details, see the schema reference.

{
    "Level": 4,
    "isRequestSuccess": true,
    "time": "2020-10-14T17:xx:xx.xx",
    "operationName": "Microsoft.ApiManagement/GatewayLogs",
    "category": "GatewayLogs",
    "durationMs": 152,
    "callerIpAddress": "xx.xx.xxx.xx",
    "correlationId": "3f06647e-xxxx-xxxx-xxxx-530eb9f15261",
    "location": "China North",
    "properties": {
        "method": "GET",
        "url": "https://apim-hello-world.azure-api.cn/conference/speakers",
        "backendResponseCode": 200,
        "responseCode": 200,
        "responseSize": 41583,
        "cache": "none",
        "backendTime": 87,
        "requestSize": 526,
        "apiId": "demo-conference-api",
        "operationId": "GetSpeakers",
        "apimSubscriptionId": "master",
        "clientTime": 65,
        "clientProtocol": "HTTP/1.1",
        "backendProtocol": "HTTP/1.1",
        "apiRevision": "1",
        "clientTlsVersion": "1.2",
        "backendMethod": "GET",
        "backendUrl": "https://conferenceapi.chinacloudsites.cn/speakers"
    },
    "resourceId": "/SUBSCRIPTIONS/<subscription ID>/RESOURCEGROUPS/<resource group>/PROVIDERS/MICROSOFT.APIMANAGEMENT/SERVICE/APIM-HELLO-WORLD"
}

后续步骤Next steps

在本教程中,你了解了如何执行以下操作:In this tutorial, you learned how to:

  • 查看 API 的指标View metrics of your API
  • 设置警报规则Set up an alert rule
  • 查看活动日志View activity logs
  • 启用和查看资源日志Enable and view resource logs

转到下一教程:Advance to the next tutorial: