用于 Azure Monitor 代理的资源管理器模板示例
本文包含用于在 Azure Monitor 中为虚拟机部署和配置 Azure Monitor 代理、旧版 Log Analytics 代理和诊断扩展的 Azure 资源管理器模板示例。 每个示例都包含模板文件和参数文件,其中包含要提供给模板的示例值。
注意
有关可用示例的列表以及在 Azure 订阅中部署这些示例的指南,请参阅 Azure Monitor 的 Azure 资源管理器示例。
Azure Monitor 代理
本部分中的示例将在 Windows 和 Linux 虚拟机以及已启用 Azure Arc 的服务器上安装 Azure Monitor 代理。
先决条件
若要使用以下模板,需要执行以下操作:
- 创建用户分配的托管标识,并分配用户分配的托管标识或启用系统分配的托管标识。 Azure Monitor 代理需要托管标识才能收集和发布数据。 由于用户分配的托管标识易于大规模管理,因此强烈建议使用用户分配的托管标识而不是系统分配的托管标识。
- 若要配置 Azure Monitor 代理的数据收集,还必须部署资源管理器模板数据收集规则和关联。
所需的权限
| 内置角色 | 范围 | 原因 |
|---|---|---|
|
部署代理扩展 | |
| 负责关于 Microsoft.Resources/deployments/ 操作的任何角色 |
|
部署 ARM 模板 |
Azure Windows 虚拟机
以下示例将在 Azure Windows 虚拟机上安装 Azure Monitor 代理。 根据所选的身份验证方法使用以下相应的模板。
用户分配的托管标识(推荐)
param vmName string
param location string
param userAssignedManagedIdentity string
resource windowsAgent 'Microsoft.Compute/virtualMachines/extensions@2021-11-01' = {
name: '${vmName}/AzureMonitorWindowsAgent'
location: location
properties: {
publisher: 'Microsoft.Azure.Monitor'
type: 'AzureMonitorWindowsAgent'
typeHandlerVersion: '1.0'
autoUpgradeMinorVersion: true
enableAutomaticUpgrade: true
settings: {
authentication: {
managedIdentity: {
'identifier-name': 'mi_res_id'
'identifier-value': userAssignedManagedIdentity
}
}
}
}
}
参数文件
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"vmName": {
"value": "my-windows-vm"
},
"location": {
"value": "chinanorth"
},
"userAssignedManagedIdentity": {
"value": "/subscriptions/<my-subscription-id>/resourceGroups/<my-resource-group>/providers/Microsoft.ManagedIdentity/userAssignedIdentities/<my-user-assigned-identity>"
}
}
}
系统分配的托管标识
模板文件
param vmName string
param location string
resource windowsAgent 'Microsoft.Compute/virtualMachines/extensions@2021-11-01' = {
name: '${vmName}/AzureMonitorWindowsAgent'
location: location
properties: {
publisher: 'Microsoft.Azure.Monitor'
type: 'AzureMonitorWindowsAgent'
typeHandlerVersion: '1.0'
autoUpgradeMinorVersion: true
enableAutomaticUpgrade: true
}
}
参数文件
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"vmName": {
"value": "my-windows-vm"
},
"location": {
"value": "chinanorth"
}
}
}
Azure Linux 虚拟机
以下示例将在 Azure Linux 虚拟机上安装 Azure Monitor 代理。 根据所选的身份验证方法使用以下相应的模板。
用户分配的托管标识(推荐)
模板文件
param vmName string
param location string
param userAssignedManagedIdentity string
resource linuxAgent 'Microsoft.Compute/virtualMachines/extensions@2021-11-01' = {
name: '${vmName}/AzureMonitorLinuxAgent'
location: location
properties: {
publisher: 'Microsoft.Azure.Monitor'
type: 'AzureMonitorLinuxAgent'
typeHandlerVersion: '1.21'
autoUpgradeMinorVersion: true
enableAutomaticUpgrade: true
settings: {
authentication: {
managedIdentity: {
'identifier-name': 'mi_res_id'
'identifier-value': userAssignedManagedIdentity
}
}
}
}
}
参数文件
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"vmName": {
"value": "my-linux-vm"
},
"location": {
"value": "chinanorth"
},
"userAssignedManagedIdentity": {
"value": "/subscriptions/<my-subscription-id>/resourceGroups/<my-resource-group>/providers/Microsoft.ManagedIdentity/userAssignedIdentities/<my-user-assigned-identity>"
}
}
}
系统分配的托管标识
模板文件
param vmName string
param location string
resource linuxAgent 'Microsoft.Compute/virtualMachines/extensions@2021-11-01' = {
name: '${vmName}/AzureMonitorLinuxAgent'
location: location
properties: {
publisher: 'Microsoft.Azure.Monitor'
type: 'AzureMonitorLinuxAgent'
typeHandlerVersion: '1.21'
autoUpgradeMinorVersion: true
enableAutomaticUpgrade: true
}
}
参数文件
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"vmName": {
"value": "my-linux-vm"
},
"location": {
"value": "chinanorth"
}
}
}
已启用 Azure Arc 的 Windows 服务器
以下示例将在已启用 Azure Arc 的 Windows 服务器上安装 Azure Monitor 代理。
模板文件
param vmName string
param location string
resource windowsAgent 'Microsoft.HybridCompute/machines/extensions@2021-12-10-preview' = {
name: '${vmName}/AzureMonitorWindowsAgent'
location: location
properties: {
publisher: 'Microsoft.Azure.Monitor'
type: 'AzureMonitorWindowsAgent'
autoUpgradeMinorVersion: true
}
}
参数文件
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"vmName": {
"value": "my-windows-vm"
},
"location": {
"value": "chinanorth"
}
}
}
已启用 Azure Arc 的 Linux 服务器
以下示例将在已启用 Azure Arc 的服务器上安装 Azure Monitor Linux 代理。
模板文件
param vmName string
param location string
resource linuxAgent 'Microsoft.HybridCompute/machines/extensions@2021-12-10-preview'= {
name: '${vmName}/AzureMonitorLinuxAgent'
location: location
properties: {
publisher: 'Microsoft.Azure.Monitor'
type: 'AzureMonitorLinuxAgent'
autoUpgradeMinorVersion: true
}
}
参数文件
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"vmName": {
"value": "my-linux-vm"
},
"location": {
"value": "chinanorth"
}
}
}
Log Analytics 代理
本部分中的示例在 Azure 中的 Windows 和 Linux 虚拟机上安装旧的 Log Analytics 代理,并将其连接到 Log Analytics 工作区。
Windows
以下示例将在 Azure 虚拟机上安装 Log Analytics 代理。 这可以通过启用适用于 Windows 的 Log Analytics 虚拟机扩展来完成。
模板文件
@description('Name of the virtual machine.')
param vmName string
@description('Location of the virtual machine')
param location string = resourceGroup().location
@description('Id of the workspace.')
param workspaceId string
@description('Primary or secondary workspace key.')
param workspaceKey string
resource vm 'Microsoft.Compute/virtualMachines@2021-11-01' = {
name: vmName
location: location
properties:{}
}
resource logAnalyticsAgent 'Microsoft.Compute/virtualMachines/extensions@2021-11-01' = {
parent: vm
name: 'Microsoft.Insights.LogAnalyticsAgent'
location: location
properties: {
publisher: 'Microsoft.EnterpriseCloud.Monitoring'
type: 'MicrosoftMonitoringAgent'
typeHandlerVersion: '1.0'
autoUpgradeMinorVersion: true
settings: {
workspaceId: workspaceId
}
protectedSettings: {
workspaceKey: workspaceKey
}
}
}
参数文件
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"vmName": {
"value": "my-windows-vm"
},
"location": {
"value": "chinanorth"
},
"workspaceId": {
"value": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
},
"workspaceKey": {
"value": "Tse-gj9CemT6A80urYa2hwtjvA5axv1xobXgKR17kbVdtacU6cEf+SNo2TdHGVKTsZHZd1W9QKRXfh+$fVY9dA=="
}
}
}
Linux
以下示例将在 Linux Azure 虚拟机上安装 Log Analytics 代理。 这可以通过启用适用于 Linux 的 Log Analytics 虚拟机扩展来完成。
模板文件
@description('Name of the virtual machine.')
param vmName string
@description('Location of the virtual machine')
param location string = resourceGroup().location
@description('Id of the workspace.')
param workspaceId string
@description('Primary or secondary workspace key.')
param workspaceKey string
resource vm 'Microsoft.Compute/virtualMachines@2021-11-01' = {
name: vmName
location: location
}
resource logAnalyticsAgent 'Microsoft.Compute/virtualMachines/extensions@2021-11-01' = {
parent: vm
name: 'Microsoft.Insights.LogAnalyticsAgent'
location: location
properties: {
publisher: 'Microsoft.EnterpriseCloud.Monitoring'
type: 'OmsAgentForLinux'
typeHandlerVersion: '1.7'
autoUpgradeMinorVersion: true
settings: {
workspaceId: workspaceId
}
protectedSettings: {
workspaceKey: workspaceKey
}
}
}
参数文件
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"vmName": {
"value": "my-linux-vm"
},
"location": {
"value": "chinanorth"
},
"workspaceId": {
"value": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
},
"workspaceKey": {
"value": "Tse-gj9CemT6A80urYa2hwtjvA5axv1xobXgKR17kbVdtacU6cEf+SNo2TdHGVKTsZHZd1W9QKRXfh+$fVY9dA=="
}
}
}
诊断扩展
本节中的示例在 Azure 中的 Windows 和 Linux 虚拟机上安装诊断扩展,并对其进行配置以实现数据收集。
Windows
以下示例将在 Azure 虚拟机上启用和配置诊断扩展。 有关该配置的详细信息,请参阅 Windows 诊断扩展架构。
模板文件
@description('Name of the virtual machine.')
param vmName string
@description('Location for the virtual machine.')
param location string = resourceGroup().location
@description('Name of the storage account.')
param storageAccountName string
@description('Resource ID of the storage account.')
param storageAccountId string
@description('Resource ID of the workspace.')
param workspaceResourceId string
resource vm 'Microsoft.Compute/virtualMachines@2021-11-01' = {
name: vmName
location: location
}
resource vmDiagnosticsSettings 'Microsoft.Compute/virtualMachines/extensions@2021-11-01' = {
parent: vm
name: 'Microsoft.Insights.VMDiagnosticsSettings'
location: location
properties: {
publisher: 'Microsoft.Azure.Diagnostics'
type: 'IaaSDiagnostics'
typeHandlerVersion: '1.5'
autoUpgradeMinorVersion: true
settings: {
WadCfg: {
DiagnosticMonitorConfiguration: {
overallQuotaInMB: 10000
DiagnosticInfrastructureLogs: {
scheduledTransferLogLevelFilter: 'Error'
}
PerformanceCounters: {
scheduledTransferPeriod: 'PT1M'
sinks: 'AzureMonitorSink'
PerformanceCounterConfiguration: [
{
counterSpecifier: '\\Processor(_Total)\\% Processor Time'
sampleRate: 'PT1M'
unit: 'percent'
}
]
}
WindowsEventLog: {
scheduledTransferPeriod: 'PT5M'
DataSource: [
{
name: 'System!*[System[Provider[@Name=\'Microsoft Antimalware\']]]'
}
{
name: 'System!*[System[Provider[@Name=\'NTFS\'] and (EventID=55)]]'
}
{
name: 'System!*[System[Provider[@Name=\'disk\'] and (EventID=7 or EventID=52 or EventID=55)]]'
}
]
}
}
SinksConfig: {
Sink: [
{
name: 'AzureMonitorSink'
AzureMonitor: {
ResourceId: workspaceResourceId
}
}
]
}
}
storageAccount: storageAccountName
}
protectedSettings: {
storageAccountName: storageAccountName
storageAccountKey: listkeys(storageAccountId, '2021-08-01').key1
storageAccountEndPoint: 'https://${environment().suffixes.storage}'
}
}
}
resource managedIdentity 'Microsoft.Compute/virtualMachines/extensions@2021-11-01' = {
parent: vm
name: 'ManagedIdentityExtensionForWindows'
location: location
properties: {
publisher: 'Microsoft.ManagedIdentity'
type: 'ManagedIdentityExtensionForWindows'
typeHandlerVersion: '1.0'
autoUpgradeMinorVersion: true
settings: {
port: 50342
}
}
}
参数文件
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"vmName": {
"value": "my-windows-vm"
},
"location": {
"value": "chinanorth"
},
"storageAccountName": {
"value": "mystorageaccount"
},
"storageAccountId": {
"value": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/my-resource-group/providers/Microsoft.Storage/storageAccounts/my-windows-vm"
},
"workspaceResourceId": {
"value": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourcegroups/my-resource-group/providers/microsoft.operationalinsights/workspaces/my-workspace"
}
}
}
Linux
以下示例将在 Linux Azure 虚拟机上启用和配置诊断扩展。 有关该配置的详细信息,请参阅 Windows 诊断扩展架构。
模板文件
@description('Name of the virtual machine.')
param vmName string
@description('Resource ID of the virtual machine.')
param vmId string
@description('Location for the virtual machine.')
param location string = resourceGroup().location
@description('Name of the storage account.')
param storageAccountName string
@description('Resource ID of the storage account.')
param storageSasToken string
@description('URL of the event hub.')
param eventHubUrl string
resource vm 'Microsoft.Compute/virtualMachines@2021-11-01' = {
name: vmName
location: location
}
resource vmDiagnosticsSettings 'Microsoft.Compute/virtualMachines/extensions@2021-11-01' = {
parent: vm
name: 'Microsoft.Insights.VMDiagnosticsSettings'
location: location
properties: {
publisher: 'Microsoft.Azure.Diagnostics'
type: 'LinuxDiagnostic'
typeHandlerVersion: '3.0'
autoUpgradeMinorVersion: true
settings: {
StorageAccount: storageAccountName
ladCfg: {
sampleRateInSeconds: 15
diagnosticMonitorConfiguration: {
performanceCounters: {
sinks: 'MyMetricEventHub,MyJsonMetricsBlob'
performanceCounterConfiguration: [
{
unit: 'Percent'
type: 'builtin'
counter: 'PercentProcessorTime'
counterSpecifier: '/builtin/Processor/PercentProcessorTime'
annotation: [
{
locale: 'en-us'
displayName: 'Aggregate CPU %utilization'
}
]
condition: 'IsAggregate=TRUE'
class: 'Processor'
}
{
unit: 'Bytes'
type: 'builtin'
counter: 'UsedSpace'
counterSpecifier: '/builtin/FileSystem/UsedSpace'
annotation: [
{
locale: 'en-us'
displayName: 'Used disk space on /'
}
]
condition: 'Name="/"'
class: 'Filesystem'
}
]
}
metrics: {
metricAggregation: [
{
scheduledTransferPeriod: 'PT1H'
}
{
scheduledTransferPeriod: 'PT1M'
}
]
resourceId: vmId
}
eventVolume: 'Large'
syslogEvents: {
sinks: 'MySyslogJsonBlob,MyLoggingEventHub'
syslogEventConfiguration: {
LOG_USER: 'LOG_INFO'
}
}
}
}
perfCfg: [
{
query: 'SELECT PercentProcessorTime, PercentIdleTime FROM SCX_ProcessorStatisticalInformation WHERE Name=\'_TOTAL\''
table: 'LinuxCpu'
frequency: 60
sinks: 'MyLinuxCpuJsonBlob,MyLinuxCpuEventHub'
}
]
fileLogs: [
{
file: '/var/log/myladtestlog'
table: 'MyLadTestLog'
sinks: 'MyFilelogJsonBlob,MyLoggingEventHub'
}
]
}
protectedSettings: {
storageAccountName: 'yourdiagstgacct'
storageAccountSasToken: storageSasToken
sinksConfig: {
sink: [
{
name: 'MySyslogJsonBlob'
type: 'JsonBlob'
}
{
name: 'MyFilelogJsonBlob'
type: 'JsonBlob'
}
{
name: 'MyLinuxCpuJsonBlob'
type: 'JsonBlob'
}
{
name: 'MyJsonMetricsBlob'
type: 'JsonBlob'
}
{
name: 'MyLinuxCpuEventHub'
type: 'EventHub'
sasURL: eventHubUrl
}
{
name: 'MyMetricEventHub'
type: 'EventHub'
sasURL: eventHubUrl
}
{
name: 'MyLoggingEventHub'
type: 'EventHub'
sasURL: eventHubUrl
}
]
}
}
}
}
参数文件
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"vmName": {
"value": "my-linux-vm"
},
"vmId": {
"value": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/my-resource-group/providers/Microsoft.Compute/virtualMachines/my-linux-vm"
},
"location": {
"value": "chinanorth"
},
"storageAccountName": {
"value": "mystorageaccount"
},
"storageSasToken": {
"value": "?sv=2019-10-10&ss=bfqt&srt=sco&sp=rwdlacupx&se=2020-04-26T23:06:44Z&st=2020-04-26T15:06:44Z&spr=https&sig=1QpoTvrrEW6VN2taweUq1BsaGkhDMnFGTfWakucZl4%3D"
},
"eventHubUrl": {
"value": "https://my-eventhub-namespace.servicebus.chinacloudapi.cn/my-eventhub?sr=my-eventhub-namespace.servicebus.chinacloudapi.cn%2fmy-eventhub&sig=4VEGPTg8jxUAbTcyeF2kwOr8XZdfgTdMWEQWnVaMSqw=&skn=manage"
}
}
}
后续步骤
- 详细了解 Azure Monitor 代理
- 了解有关数据收集规则和关联的详细信息
- 获取数据收集规则和关联的示例模板
- 获取 Azure Monitor 的其他示例模板。
- 详细了解诊断扩展。