部署 Azure MonitorDeploy Azure Monitor

启用 Azure Monitor 来监视所有 Azure 资源时,既要配置 Azure Monitor 组件,也要配置 Azure 资源,这样才能生成供 Azure Monitor 收集的监视数据。Enabling Azure Monitor to monitor of all your Azure resources is a combination of configuring Azure Monitor components and configuring Azure resources to generate monitoring data for Azure Monitor to collect. 本文描述如何通过所需的不同步骤来完全实现使用常用配置的 Azure Monitor,以便监视 Azure 订阅中的所有资源。This article describes the different steps required for a complete implementation of Azure Monitor using a common configuration to monitor all of the resources in your Azure subscription. 本文为每个步骤提供了基本说明,其中包含介绍详细配置要求的其他文档的链接。Basic descriptions for each step are provided with links to other documentation for detailed configuration requirements.

重要

Azure Monitor 的功能及其配置各不相同,具体取决于你的业务要求与所启用功能的成本,二者必须平衡。The features of Azure Monitor and their configuration will vary depending on your business requirements balanced with the cost of the enabled features. 下面的每个步骤都会说明是否存在潜在成本,你应该在继续执行该步骤之前评估这些成本。Each step below will identify whether there is potential cost, and you should assess these costs before proceeding with that step. 请参阅 Azure Monitor 定价,了解完整的定价详情。See Azure Monitor pricing for complete pricing details.

配置目标Configuration goals

完全实现 Azure Monitor 的目标是收集所有云资源和应用程序的所有可用数据,并根据该数据在 Azure Monitor 中启用尽可能多的功能。The goal of a complete implementation of Azure Monitor is to collect all available data from all of your cloud resources and applications and enable as many features in Azure Monitor as possible based on that data.

Azure Monitor 收集的数据会发送到 Azure Monitor 指标Azure Monitor 日志Data collected by Azure Monitor is sent to either Azure Monitor Metrics or Azure Monitor Logs. 每个指标/日志存储不同类型的数据,并启用不同类型的分析和警报。Each stores different kinds of data and enables different kinds of analysis and alerting. 请参阅比较 Azure Monitor 指标和日志,了解这二者的比较情况;另请参阅 Azure 中警报的概述,了解不同警报类型的说明。See Compare Azure Monitor Metrics and Logs for a comparison of the two and Overview of alerts in Azure for a description of different alert types.

某些数据可以同时发送到指标和日志,以便通过不同的功能来利用该数据。Some data can be sent to both Metrics and Logs in order to leverage it using different features. 在这些情况下,可能需要单独进行配置。In these cases, you may need to configure each separately. 例如,Azure 资源会自动将指标数据发送到指标,该数据支持指标资源管理器和指标警报。For example, metric data is automatically sent by Azure resources to Metrics, which supports metrics explorer and metric alerts. 你必须为每个资源创建诊断设置,以便将该指标数据发送到日志,这样就可以使用 Log Analytics 分析其他日志数据的性能趋势。You have to create a diagnostic setting for each resource to send that same metric data to Logs, which allows you to analyze performance trends with other log data using Log Analytics. 以下部分标识了数据发送到的位置,并提供了将数据发送到所有可能的位置所需的每个步骤。The sections below identify where data is sent and includes each step required to send data to all possible locations.

你可能有其他要求,例如监视 Azure 之外的资源,以及在 Azure Monitor 之外发送数据。You may have additional requirements such as monitoring resources outside of Azure and sending data outside of Azure Monitor. 对本文所述的功能进行其他配置即可实现此类要求。Requirements such as these can be achieved with additional configuration of the features described in this article. 如需其他配置选项,请访问每个步骤中的文档链接。Follow the links to documentation in each step for additional configuration options.

收集来自 Azure 资源的数据Collect data from Azure resources

备注

有关使用 Azure Monitor 监视虚拟机的完整指南,请参阅使用 Azure Monitor 监视 Azure 资源See Monitoring Azure resources with Azure Monitor for a complete guide on monitoring virtual machines with Azure Monitor.

对 Azure 资源进行的某些监视是自动提供的,无需进行配置;但若要收集其他监视数据,则必须执行配置步骤。Some monitoring of Azure resources is available automatically with no configuration required, while you must perform configuration steps to collect additional monitoring data. 下表说明了从 Azure 资源收集所有可用数据所需的配置步骤,包括通过哪个步骤将数据发送到 Azure Monitor 指标和 Azure Monitor 日志。The following table illustrates the configuration steps required to collect all available data from your Azure resources, including at which step data is sent to Azure Monitor Metrics and Azure Monitor Logs. 以下部分更深入地详述了每个步骤。The sections below describe each step in further detail.

部署 Azure 资源监视 Deploy Azure resource monitoring

无配置No configuration

在创建 Azure 订阅时,无需进行任何配置即可启用 Azure Monitor 的以下功能。The following features of Azure Monitor are enabled with no configuration required when you create an Azure subscription. 此监视功能不会产生相关的费用。There is no cost associated with this monitoring.

Azure Active Directory 日志 - 提供登录活动的租户级历史记录,以及在 Azure Active Directory 中所做更改的审核日志。Azure Active Directory logs - Provides tenant-level history of sign-in activity and audit trail of changes made in Azure Active Directory. 请参阅 Azure Active Directory 门户中的审核活动报表Azure Active Directory 门户中的登录活动报表,详细了解 Azure Active Directory 日志以及在 Azure 门户中查看它们的方法。See Audit activity reports in the Azure Active Directory portal and Sign-in activity reports in the Azure Active Directory portal for details of the Azure Active Directory logs and how to view them in the Azure portal.

Azure 日志 - 方便用户深入了解管理组以及 Azure 中发生的订阅级别事件。Activity log - Provides insight into management group and subscription-level events that have occurred in Azure. 当你创建新的 Azure 资源、修改资源或执行重要活动时,事件会自动写入活动日志。Events are automatically written to the Activity log when you create a new Azure resource, modify a resource, or perform a significant activity. 你可以在 Azure 门户中查看事件,并创建在发生特定事件时会触发的活动日志警报。You can view events in the Azure portal and create Activity log alerts when particular events are created. 若要详细了解活动日志以及在 Azure 门户查看活动日志的方法,请参阅 Azure 活动日志See Azure Activity log for details of the Activity log and how to view it in the Azure portal.

平台指标 - 从 Azure 服务自动收集到 Azure Monitor 指标中。Platform metrics - Collected automatically from Azure services into Azure Monitor Metrics. 此数据通常显示在 Azure 门户中针对不同服务的“概览”页上。This data is often presented on the Overview page in the Azure portal for different services. 请参阅 Azure 指标资源管理器入门,详细了解如何在 Azure 门户中分析平台指标。See Getting started with Azure Metrics Explorer for details on analyzing platform metrics in the Azure portal.

创建 Log Analytics 工作区Create Log Analytics workspace

你需要至少一个 Log Analytics 工作区来启用 Azure Monitor 日志,这样才能收集各种数据,例如来自 Azure 资源的日志、来自 Azure 虚拟机的来宾操作系统的数据,以及用于获取大多数 Azure Monitor 见解的数据。You require at least one Log Analytics workspace to enable Azure Monitor Logs, which is required for collecting such data as logs from Azure resources, collecting data from the guest operating system of Azure virtual machines, and for most Azure Monitor insights. 其他服务(如 Azure Sentinel 和 Azure 安全中心)也使用 Log Analytics 工作区,该工作区可以与用于 Azure Monitor 的工作区相同。Other services such as Azure Sentinel and Azure Security Center also use a Log Analytics workspace and can share the same one that you use for Azure Monitor. 一开始可以使用单个工作区来支持此监视,但若要了解何时使用多个工作区,请参阅设计 Azure Monitor 日志部署You can start with a single workspace to support this monitoring, but see Designing your Azure Monitor Logs deployment for guidance on when to use multiple workspaces.

创建 Log Analytics 工作区不会产生任何费用,但在配置要收集到其中的数据后,可能会产生费用。There is no cost for creating a Log Analytics workspace, but there is a potential charge once you configure data to be collected into it. 有关详细信息,请参阅使用 Azure Monitor 日志管理使用情况和成本See Manage usage and costs with Azure Monitor Logs for details.

请参阅在 Azure 门户中创建 Log Analytics 工作区,了解如何创建初始 Log Analytics 工作区。See Create a Log Analytics workspace in the Azure portal to create an initial Log Analytics workspace. 请参阅管理对 Azure Monitor 中的日志数据和工作区的访问,了解如何配置访问权限。See Manage access to log data and workspaces in Azure Monitor to configure access.

创建诊断设置以收集租户和订阅日志Create diagnostic setting to collect tenant and subscription logs

虽然针对租户的 Azure Active Directory 日志和针对订阅的活动日志是自动收集的,但将其发送到 Log Analytics 工作区可让你使用 Log Analytics 中的日志查询将这些事件和其他日志数据一起进行分析。While the Azure Active Directory logs for your tenant and the Activity log for your subscription are collected automatically, sending them to a Log Analytics workspace enables you to analyze these events with other log data using log queries in Log Analytics. 这样,你还可以创建日志查询警报,这是对 Azure Active Directory 日志发出警报并提供比活动日志警报更复杂的逻辑的唯一方式。This also allows you to create log query alerts which is the only way to alert on Azure Active Directory logs and provide more complex logic than Activity log alerts.

没有将活动日志发送到工作区的费用,但有针对 Azure Active Directory 日志的数据引入和保留费用。There's no cost for sending the Activity log to a workspace, but there is a data ingestion and retention charge for Azure Active Directory logs.

若要为租户和订阅创建诊断设置来将日志项发送到 Log Analytics 工作区,请参阅集成 Azure AD 日志与 Azure Monitor 日志创建诊断设置以将平台日志和指标发送到不同目标See Integrate Azure AD logs with Azure Monitor logs and Create diagnostic settings to send platform logs and metrics to different destinations to create a diagnostic setting for your tenant and subscription to send log entries to your Log Analytics workspace.

创建诊断设置以收集资源日志和平台指标Create diagnostic setting to collect resource logs and platform metrics

Azure 中的资源会自动生成资源日志,这些日志提供资源中执行的操作的详细信息。Resources in Azure automatically generate resource logs that provide details of operations performed within the resource. 但与平台指标不同的是,你需要配置要收集的资源日志。Unlike platform metrics though, you need to configure resource logs to be collected. 请创建诊断设置以将其发送到 Log Analytics 工作区,以便将其与 Azure Monitor 日志所使用的其他数据组合在一起。Create a diagnostic setting to send them to a Log Analytics workspace to combine them with the other data used with Azure Monitor Logs. 同一诊断设置还可用于将大多数资源的平台指标发送到同一工作区,这样你就可以使用日志查询和其他收集的数据来分析指标数据。The same diagnostic setting can be used to also send the platform metrics for most resources to the same workspace, which allows you to analyze metric data using log queries with other collected data.

该收集操作需付费,因此请在对大量资源进行实施之前参阅 Azure Monitor 定价There is a cost for this collection so refer to Azure Monitor pricing before implementing across a significant number of resources. 另请参阅使用 Azure Monitor 日志管理使用情况和成本,详细了解如何优化日志收集成本。Also see Manage usage and costs with Azure Monitor Logs for details on optimizing the cost of your log collection.

请参阅创建诊断设置以收集 Azure 中的资源日志和指标,了解如何创建 Azure 资源的诊断设置。See Create diagnostic setting to collect resource logs and metrics in Azure to create a diagnostic setting for an Azure resource. 由于需要为每个 Azure 资源创建诊断设置,因此请参阅大规模部署 Azure Monitor,详细了解如何使用 Azure Policy 在每次创建 Azure 资源时自动创建设置。Since a diagnostic setting needs to be created for each Azure resource, see Deploy Azure Monitor at scale for details on using Azure policy to have settings automatically created each time an Azure resource is created.

启用见解和解决方案Enable insights and solutions

见解和解决方案为特定服务或解决方案提供专用监视。Insights and solutions provide specialized monitoring for a particular service or solution. 见解使用较新的 Azure Monitor 功能(例如工作簿),因此,如果见解适用于服务,则应使用见解。Insights use more recent features of Azure Monitor such as workbooks, so you should use an insight if it's available for your service. 它们在每个 Azure 订阅中自动提供,但可能需要某些配置才能完全发挥作用。They are automatically available in every Azure subscription but may require some configuration for full functionality. 它们通常会使用之前配置的平台指标和资源日志,并可收集其他数据。They will typically use platform metrics and resources logs that you previously configured and could collect additional data.

解决方案必须添加到每个订阅,必须以独占方式处理 Azure Monitor 日志中的数据,可以收集额外的日志数据。Solutions must be added to each subscription and work exclusively with data from Azure Monitor Logs and may collect additional log data.

解决方案或见解不收费,但其收集的数据可能收费。There is no cost for solutions or insights, but you may be charged for any data they collect.

请参阅 Azure Monitor 监视哪些内容?,获取 Azure Monitor 中提供的见解和解决方案的列表。See What is monitored by Azure Monitor? for a list of available insights and solutions in Azure Monitor. 请参阅每个见解和解决方案的相关文档,了解独特的配置或定价信息。See the documentation for each for any unique configuration or pricing information.

监视应用程序Monitor applications

Azure Monitor 使用 Application Insights 来监视自定义应用程序,你必须为要监视的每个应用程序配置 Application Insights。Azure Monitor monitors your custom applications using Application Insights, which you must configure for each application you want to monitor. 配置过程因所监视的应用程序的类型和要执行的监视类型而异。The configuration process will vary depending on the type of application being monitored and the type of monitoring that you want to perform. Application Insights 收集的数据存储在 Azure Monitor 指标、Azure Monitor 日志和 Azure blob 存储中,具体取决于功能。Data collected by Application Insights is stored in Azure Monitor Metrics, Azure Monitor Logs, and Azure blob storage, depending on the feature. 性能数据同时存储在 Azure Monitor 指标和 Azure Monitor 日志中,无需其他配置。Performance data is stored in both Azure Monitor Metrics and Azure Monitor Logs with no additional configuration required.

创建应用程序资源Create an application resource

必须在 Application Insights 中为要监视的每个应用程序创建一个资源。You must create a resource in Application Insights for each application that you're going to monitor. Application Insights 收集的日志数据存储在基于工作区的应用程序的 Azure Monitor 日志中。Log data collected by Application Insights is stored in Azure Monitor Logs for a workspace-based application. 经典应用程序日志数据的存储与 Log Analytics 工作区是分开的,如数据结构中所述。Log data for classic applications is stored separate from your Log Analytics workspace as described in Data structure.

创建应用程序时,必须选择是使用经典应用程序还是基于工作区的应用程序。When you create the application, you must select whether to use classic or workspace-based. 请参阅创建 Application Insights 资源,以创建经典应用程序。See Create an Application Insights resource to create a classic application. 请参阅基于工作区的 Application Insights 资源(预览版),以创建基于工作区的应用程序。See Workspace-based Application Insights resources (preview) to create a workspace-based application.

配置无代码监视或基于代码的监视Configure codeless or code-based monitoring

若要为应用程序启用监视功能,你必须决定是使用无代码监视还是基于代码的监视。To enable monitoring for an application, you must decide whether you will use codeless or code-based monitoring. 配置过程取决于此决定以及要监视的应用程序的类型。The configuration process will vary depending on this decision and the type of application you're going to monitor.

无代码监视 最容易实现,可在代码开发后进行配置。Codeless monitoring is easiest to implement and can be configured after your code development. 它不要求对代码进行更新。It doesn't require any updates to your code. 请参阅以下资源,详细了解如何根据应用程序来启用监视。See the following resources for details on enabling monitoring depending on the your application.

基于代码的监视 可以更好地进行自定义,并且可以收集其他遥测数据,但需要在 Application Insights SDK NuGet 包上向代码添加依赖项。Code-based monitoring is more customizable and collects additional telemetry, but it requires adding a dependency to your code on the Application Insights SDK NuGet packages. 请参阅以下资源,详细了解如何根据应用程序来启用监视。See the following resources for details on enabling monitoring depending on your application.

配置可用性测试Configure availability testing

Application Insights 中的可用性测试是重复测试,可以在全球各地定期监视应用程序的可用性和响应能力。Availability tests in Application Insights are recurring tests that monitor the availability and responsiveness of your application at regular intervals from points around the world. 可以免费创建一项简单的 ping 测试,也可以创建一个 Web 请求序列来模拟具有关联成本的用户交易。You can create a simple ping test for free or create a sequence of web requests to simulate user transactions which has associated cost.

请参阅监视任意网站的可用性以获取不同类型测试的摘要,并详细了解如何创建它们。See Monitor the availability of any website for summary of the different kinds of test and details on creating them.

配置探查器Configure Profiler

Application Insights 中的探查器针对 .NET 应用程序提供性能跟踪。Profiler in Application Insights provides performance traces for .NET applications. 它有助于识别在处理特定 Web 请求时花费时间最长的“热”代码路径。It helps you identify the "hot" code path that takes the longest time when it's handling a particular web request. 配置探查器的过程因应用程序类型而异。The process for configuring the profiler varies depending on the type of application.

请参阅使用 Application Insights 探查 Azure 中的生产应用程序,详细了解如何配置探查器。See Profile production applications in Azure with Application Insights for details on configuring Profiler.

配置 Snapshot DebuggerConfigure Snapshot Debugger

Application Insights 中的 Snapshot Debugger 可以监视来自 .NET 应用程序的异常遥测数据,并收集常出现的异常的快照,为诊断生产中的问题提供所需信息。Snapshot Debugger in Application Insights monitors exception telemetry from your .NET application and collects snapshots on your top-throwing exceptions so that you have the information you need to diagnose issues in production. 配置 Snapshot Debugger 的过程因应用程序类型而异。The process for configuring Snapshot Debugger varies depending on the type of application.

请参阅 .NET 应用中发生异常时的调试快照,详细了解如何配置 Snapshot Debugger。See Debug snapshots on exceptions in .NET apps for details on configuring Snapshot Debugger.

可视化数据Visualize data

见解和解决方案会包括其自己的工作簿和视图,用于分析其数据。Insights and solutions will include their own workbooks and views for analyzing their data. 除此之外,你还可以创建自己的可视化效果,其中包括用于 Azure Monitor 数据和仪表板的工作簿,以将 Azure Monitor 数据与 Azure 中其他服务的数据合并在一起。In addition to these, you can create your own visualizations including workbooks for Azure Monitor data and dashboards to combine Azure Monitor data with data from other services in Azure.

创建工作簿Create workbooks

Azure Monitor 中的工作簿用于在 Azure 门户中创建丰富的视觉对象报表。Workbooks in Azure Monitor allow you to create rich visual reports in the Azure portal. 可以组合使用 Azure Monitor 指标和 Azure Monitor 日志中的不同数据集,以创建统一的交互式体验。You can combine different sets of data from Azure Monitor Metrics and Azure Monitor Logs to create unified interactive experiences. 可以在 Azure Monitor 菜单的“工作簿”选项卡中访问工作簿库。You can access a gallery of workbooks in the Workbooks tab of the Azure Monitor menu.

请参阅 Azure Monitor 工作簿,详细了解如何创建自定义工作簿。See Azure Monitor Workbooks for details on creating custom workbooks.

创建仪表板Create dashboards

Azure 仪表板是适用于 Azure 的主要仪表板技术,允许将 Azure Monitor 数据与其他服务的数据结合使用,以便在 Azure 基础结构上提供单个窗格。Azure dashboards are the primary dashboarding technology for Azure and allow you to combine Azure Monitor data with data from other services to provide a single pane of glass over your Azure infrastructure. 请参阅创建和共享 Log Analytics 数据的仪表板,详细了解如何创建包含 Azure Monitor 日志数据的仪表板See Create and share dashboards of Log Analytics data for details on creating a dashboard that includes data from Azure Monitor Logs.

请参阅使用 Azure Application Insights 创建自定义 KPI 仪表板,详细了解如何创建包含 Application Insights 数据的仪表板。See Create custom KPI dashboards using Azure Application Insights for details on creating a dashboard that includes data from Application Insights.

警报Alerts

Azure Monitor 中的警报会主动通知你在监视数据中发现的重要数据或模式。Alerts in Azure Monitor proactively notify you of important data or patterns identified in your monitoring data. 某些见解会在没有配置的情况下生成警报。Some insights will generate alerts without configuration. 对于其他情况,你需要创建警报规则,其中包括要分析的数据、关于何时生成警报的条件,以及操作组(用于定义生成警报时要执行的操作)。For other scenarios, you need to create alert rules that include the data to analyze and the criteria for when to generate an alert, and action groups which define the action to take when an alert is generated.

创建操作组Create action groups

操作组是警报规则所使用的一系列通知首选项,用来确定触发警报时要执行的操作。Action groups are a collection of notification preferences used by alert rules to determine the action to perform when an alert is triggered. 操作示例包括发送邮件或短信、调用 Webhook 或将数据发送到 ITSM 工具。Examples of actions include sending a mail or text, calling a webhook, or send data to an ITSM tool. 一个警报规则至少需要一个操作组,而一个操作组则可由多个警报规则使用。Each alert rule requires at least one action group, and a single action group can be used by multiple alert rules.

请参阅在 Azure 门户中创建和管理操作组,详细了解创建操作组的方法以及操作组可以包含的不同操作的说明。See Create and manage action groups in the Azure portal for details on creating an action group and a description of the different actions it can include.

创建警报规则Create alert rules

有多种类型的警报规则由其使用的数据类型定义。There are multiple types of alert rules defined by the type of data that they use. 每种都有不同的功能和不同的成本。Each has different capabilities, and a different cost. 应遵循的基本策略是使用能够提供所需逻辑但成本最低的警报规则类型。The basic strategy you should follow is to use the alert rule type with the lowest cost that provides the logic that you require.

后续步骤Next steps