Azure Monitor 常见问题解答Azure Monitor Frequently Asked Questions

本常见问题解答列出了有关 Azure Monitor 的常见问题。This FAQ is a list of commonly asked questions about Azure Monitor. 如果有任何其他问题,请转到论坛并发布问题。If you have any additional questions, go to the discussion forum and post your questions. 当某个问题经常被问到时,我们会将该问题添加到本文中,以便可以轻松快捷地找到该问题。When a question is frequently asked, we add it to this article so that it can be found quickly and easily.

常规General

说明是 Azure Monitor?What is Azure Monitor?

Azure Monitor 是 Azure 中的一项服务,可通过它监视 Azure、其他云环境或本地中应用程序和服务的性能和可用性。Azure Monitor is a service in Azure that provides performance and availability monitoring for applications and services in Azure, other cloud environments, or on-premises. Azure Monitor 将多个源中的数据收集到一个公共数据平台,你可在这里分析趋势和异常。Azure Monitor collects data from multiple sources into a common data platform where it can be analyzed for trends and anomalies. Azure Monitor 中的丰富功能可帮助你快速确定和应对可能会影响你的应用程序的关键情况。Rich features in Azure Monitor assist you in quickly identifying and responding to critical situations that may affect your application.

Azure Monitor、Log Analytics 和 Application Insights 之间有何区别?What's the difference between Azure Monitor, Log Analytics, and Application Insights?

2018 年 9 月,Microsoft 将 Azure Monitor、Log Analytics 和 Application Insights 合并到单个服务中,以便对应用程序及其依赖的组件提供强大的端到端监视功能。In September 2018, Microsoft combined Azure Monitor, Log Analytics, and Application Insights into a single service to provide powerful end-to-end monitoring of your applications and the components they rely on. Log Analytics 和 Application Insights 中的功能保持不变,但一些功能已更名为 Azure Monitor,目的是更好地反映其新范围。Features in Log Analytics and Application Insights have not changed, although some features have been rebranded to Azure Monitor in order to better reflect their new scope. Log Analytics 的日志数据引擎和查询语言现在称为 Azure Monitor 日志。The log data engine and query language of Log Analytics is now referred to as Azure Monitor Logs. 请参阅 Azure Monitor 术语更新See Azure Monitor terminology updates.

Azure Monitor 的费用是多少?What does Azure Monitor cost?

自动启用的 Azure Monitor 功能(如收集指标和活动日志)免费提供。Features of Azure Monitor that are automatically enabled such as collection of metrics and activity logs are provided at no cost. 存在与其他功能(例如日志查询和警报)相关的费用。There is a cost associated with other features such as log queries and alerting. 有关详细定价信息,请参阅 Azure Monitor 定价页See the Azure Monitor pricing page for detailed pricing information.

如何启用 Azure Monitor?How do I enable Azure Monitor?

在你创建新的 Azure 订阅时就会启用 Azure Monitor,并自动收集活动日志和平台指标Azure Monitor is enabled the moment that you create a new Azure subscription, and Activity log and platform metrics are automatically collected. 创建诊断设置可收集有关 Azure 资源操作的更多详细信息,添加监视解决方案见解可为特定服务收集的收集数据提供额外的分析。Create diagnostic settings to collect more detailed information about the operation of your Azure resources, and add monitoring solutions and insights to provide additional analysis on collected data for particular services.

如何访问 Azure Monitor?How do I access Azure Monitor?

可通过 Azure 门户中的“监视”菜单访问各项 Azure Monitor 功能和数据。Access all Azure Monitor features and data from the Monitor menu in the Azure portal. 通过不同 Azure 服务的菜单的“监视”部分,可访问相同的工具,其中数据经过筛选,指向特定的资源。The Monitoring section of the menu for different Azure services provides access to the same tools with data filtered to a particular resource. 也可通过 CLI、PowerShell 和 REST API 针对各种场景来访问 Azure Monitor 数据。Azure Monitor data is also accessible for a variety of scenarios using CLI, PowerShell, and a REST API.

Azure Monitor 是否有本地版本?Is there an on-premises version of Azure Monitor?

否。No. Azure Monitor 是一种用于处理和存储大量数据的可缩放式云服务,但它可监视本地和其他云中的资源。Azure Monitor is a scalable cloud service that processes and stores large amounts of data, although Azure Monitor can monitor resources that are on-premises and in other clouds.

Azure Monitor 能否监视本地资源?Can Azure Monitor monitor on-premises resources?

可以,除了从 Azure 资源收集监视数据以外,Azure Monitor 还可从其他云和本地的虚拟机和应用程序中收集数据。Yes, in addition to collecting monitoring data from Azure resources, Azure Monitor can collect data from virtual machines and applications in other clouds and on-premises. 请参阅 Azure Monitor 的监视数据源See Sources of monitoring data for Azure Monitor.

Azure Monitor 使用哪些 IP 地址?What IP addresses does Azure Monitor use?

有关代理和其他外部资源访问 Azure Monitor 所需的 IP 地址和端口的列表,请参阅 Application Insights 和 Log Analytics 使用的 IP 地址See IP addresses used by Application Insights and Log Analytics for a listing of the IP addresses and ports required for agents and other external resources to access Azure Monitor.

监视数据Monitoring data

Azure Monitor 从何处获取数据?Where does Azure Monitor get its data?

Azure Monitor 从各种源(包括来自 Azure 平台的日志和指标,自定义应用程序和在虚拟机上运行的代理)收集数据。Azure Monitor collects data from a variety of sources including logs and metrics from Azure platform and resources, custom applications, and agents running on virtual machines. 其他服务(例如 Azure 安全中心和网络观察程序)会将数据收集到 Log Analytics 工作区中,以便能够使用 Azure Monitor 数据进行分析。Other services such as Azure Security Center and Network Watcher collect data into a Log Analytics workspace so it can be analyzed with Azure Monitor data. 你也可使用日志或指标的 REST API 将自定义数据发送到 Azure Monitor。You can also send custom data to Azure Monitor using the REST API for logs or metrics. 请参阅 Azure Monitor 的监视数据源See Sources of monitoring data for Azure Monitor.

Azure Monitor 会收集哪些数据?What data is collected by Azure Monitor?

Azure Monitor 将来自各种来源的数据收集到日志指标中。Azure Monitor collects data from a variety of sources into logs or metrics. 每种数据类型都有自身的相对优点,每种数据都支持 Azure Monitor 中的一组特定功能。Each type of data has its own relative advantages, and each supports a particular set of features in Azure Monitor. 每个 Azure 订阅都有一个指标数据库,可根据需要创建多个 Log Analytics 工作区来收集日志。There is a single metrics database for each Azure subscription, while you can create multiple Log Analytics workspaces to collect logs depending on your requirements. 请参阅 Azure Monitor 数据平台See Azure Monitor data platform.

可在 Azure Monitor 中收集的数据量是否有上限?Is there a maximum amount of data that I can collect in Azure Monitor?

可收集的指标数据量没有限制,但数据的存储时间最长为 93 天。There is no limit to the amount of metric data you can collect, but this data is stored for a maximum of 93 days. 请参阅指标保留期See Retention of Metrics. 可收集的日志数据量没有限制,但可能受到你为 Log Analytics 工作区选择的定价层的影响。There is no limit on the amount of log data that you can collect, but it may be affected by the pricing tier you choose for the Log Analytics workspace. 请参阅定价详细信息See pricing details.

如何访问 Azure Monitor 收集的数据?How do I access data collected by Azure Monitor?

见解和解决方案提供了自定义体验,你可以多种方式使用在 Azure Monitor 中存储的数据。Insights and solutions provide a custom experience for working with data stored in Azure Monitor. 你可通过以 Kusto 查询语言 (KQL) 编写的日志查询直接使用日志数据。You can work directly with log data using a log query written in Kusto Query Language (KQL). 在 Azure 门户中,你可编写和运行查询,并使用 Log Analytics 以交互方式分析数据。In the Azure portal, you can write and run queries and interactively analyze data using Log Analytics. 可使用指标资源管理器分析 Azure 门户中的指标。Analyze metrics in the Azure portal with the Metrics Explorer. 请参阅在 Azure Monitor 中分析日志数据Azure 指标资源管理器入门See Analyze log data in Azure Monitor and Getting started with Azure Metrics Explorer.

解决方案和见解Solutions and insights

Azure Monitor 中的见解是指什么?What is an insight in Azure Monitor?

见解为特定 Azure 服务提供自定义监视体验。Insights provide a customized monitoring experience for particular Azure services. 它们与 Azure Monitor 中的其他功能使用相同的指标和日志,但可能会收集额外的数据,并在 Azure 门户中提供独一无二的体验。They use the same metrics and logs as other features in Azure Monitor but may collect additional data and provide a unique experience in the Azure portal. 请参阅 Azure Monitor 中的见解See Insights in Azure Monitor.

要查看 Azure 门户中的见解,请参阅“监视”菜单的“见解”部分或服务菜单的“监视”部分 。To view insights in the Azure portal, see the Insights section of the Monitor menu or the Monitoring section of the service's menu.

Azure Monitor 中的解决方案是什么?What is a solution in Azure Monitor?

监视解决方案是一组打包的逻辑,用于根据 Azure Monitor 功能监视特定的应用程序或服务。Monitoring solutions are packaged sets of logic for monitoring a particular application or service based on Azure Monitor features. 它们在 Azure Monitor 中收集日志数据,并使用 Azure 门户中的常见体验为其分析提供日志查询和视图。They collect log data in Azure Monitor and provide log queries and views for their analysis using a common experience in the Azure portal. 请参阅 Azure Monitor 中的监视解决方案See Monitoring solutions in Azure Monitor.

要查看 Azure 门户中的解决方案,请单击“监视”菜单的“见解”部分中的“更多” 。To view solutions in the Azure portal, click More in the Insights section of the Monitor menu. 单击“添加”,将其他解决方案添加到工作区。Click Add to add additional solutions to the workspace.

日志Logs

Azure Monitor 日志与 Azure 数据资源管理器之间有何区别?What's the difference between Azure Monitor Logs and Azure Data Explorer?

Azure 数据资源管理器是一项快速且高度可缩放的数据探索服务,适用于日志和遥测数据。Azure Data Explorer is a fast and highly scalable data exploration service for log and telemetry data. Azure Monitor 日志是基于 Azure 数据资源管理器构建的,使用相同的 Kusto 查询语言 (KQL),但有一些细微差别。Azure Monitor Logs is built on top of Azure Data Explorer and uses the same Kusto Query Language (KQL) with some minor differences. 请参阅 Azure Monitor 日志查询语言差异See Azure Monitor log query language differences.

如何检索日志数据?How do I retrieve log data?

可使用以 Kusto 查询语言 (KQL) 编写的日志查询从 Log Analytics 工作区检索所有数据。All data is retrieved from a Log Analytics workspace using a log query written using Kusto Query Language (KQL). 你可编写自己的查询,也可使用包含特定应用程序或服务的日志查询的解决方案和见解。You can write your own queries or use solutions and insights that include log queries for a particular application or service. 请参阅 Azure Monitor 中的日志查询概述See Overview of log queries in Azure Monitor.

能否从 Log Analytics 工作区中删除数据?Can I delete data from a Log Analytics workspace?

系统会根据数据的保留期从工作区中删除数据。Data is removed from a workspace according to its retention period. 出于隐私或合规性原因,你可以删除特定数据。You can delete specific data for privacy or compliance reasons. 有关详细信息,请参阅如何导出和删除私人数据See How to export and delete private data for more information.

什么是 Log Analytics 工作区?What is a Log Analytics workspace?

Azure Monitor 收集的所有日志数据都存储在 Log Analytics 工作区中。All log data collected by Azure Monitor is stored in a Log Analytics workspace. 工作区实质上是从各种来源收集日志数据的容器。A workspace is essentially a container where log data is collected from a variety of sources. 可为所有监视数据使用一个 Log Analytics 工作区,也可要求使用多个工作区。You may have a single Log Analytics workspace for all your monitoring data or may have requirements for multiple workspaces. 请参阅设计 Azure Monitor 日志部署See Designing your Azure Monitor Logs deployment.

能否将现有 Log Analytics 工作区移动到另一个 Azure 订阅?Can you move an existing Log Analytics workspace to another Azure subscription?

你可以在资源组或订阅之间移动工作区,但不能移动到其他区域。You can move a workspace between resource groups or subscriptions but not to a different region. 请参阅将 Log Analytics 工作区移动到其他订阅或资源组See Move a Log Analytics workspace to different subscription or resource group.

为什么在 Log Analytics 中看不到“查询资源管理器”按钮和“保存”按钮?Why can't I see Query Explorer and Save buttons in Log Analytics?

查询范围设置为特定资源时,“查询资源管理器”、“保存”和“新建警报规则”按钮不可用 。Query Explorer, Save and New alert rule buttons are not available when the query scope is set to a specific resource. 若要创建警报并保存或加载查询,Log Analytics 的范围必须设为某个工作区。To create alerts, save or load a query, Log Analytics must be scoped to a workspace. 若要在工作区上下文中打开 Log Analytics,请选择“Azure Monitor”菜单中的“日志” 。To open Log Analytics in workspace context, select Logs from the Azure Monitor menu. 选择的是上次使用的工作区,但可以选择任何其他的工作区。The last used workspace is selected, but you can select any other workspace. 请参阅 Azure Monitor Log Analytics 中的日志查询范围和时间范围See Log query scope and time range in Azure Monitor Log Analytics

从 VM 打开 Log Analytics 时,为什么收到“要使此订阅启用此查询,需注册 Microsoft.Insights”错误?Why am I getting the error: "Register resource provider 'Microsoft.Insights' for this subscription to enable this query" when opening Log Analytics from a VM?

将自动注册多个资源提供程序,但某些资源提供程序可能需要你手动注册。Many resource providers are automatically registered, but you may need to manually register some resource providers. 注册的作用域始终是订阅。The scope for registration is always the subscription. 有关详细信息,请参阅资源提供程序和类型See Resource providers and types for more information.

从 VM 打开 Log Analytics 时,为何出现无访问权限错误消息?Why am I getting no access error message when opening Log Analytics from a VM?

若要查看 VM 日志,需获得存储 VM 日志的工作区的读取权限。To view VM Logs, you need to be granted with read permission to the workspaces that stores the VM logs. 在这些示例中,管理员必须在 Azure 中为你授予相关权限。In these cases, your administrator must grant you with to permissions in Azure.

指标Metrics

指标资源管理器中为什么没有显示 Azure 虚拟机的来宾操作系统中的指标?Why are metrics from the guest OS of my Azure virtual machine not showing up in Metrics explorer?

Azure 资源的平台指标是自动收集的。Platform metrics are collected automatically for Azure resources. 但是,你必须执行某些配置才能从虚拟机的来宾操作系统收集指标。You must perform some configuration though to collect metrics from the guest OS of a virtual machine. 对于 Windows VM,请按照安装并配置 Azure 诊断扩展 (WAD)中所述,安装诊断扩展并配置 Azure Monitor 接收器。For a Windows VM, install the diagnostic extension and configure the Azure Monitor sink as described in Install and configure Azure diagnostics extension (WAD).

警报Alerts

Azure Monitor 中的警报是指什么?What is an alert in Azure Monitor?

在监视数据中发现重要情况时,警报会以主动的方式通知你。Alerts proactively notify you when important conditions are found in your monitoring data. 有了警报,你就可以在系统的用户注意到问题之前确定和解决这些问题。They allow you to identify and address issues before the users of your system notice them. 有多种类型的警报:There are multiple kinds of alerts:

  • 指标 - 指标值超过阈值。Metric - Metric value exceeds a threshold.
  • 日志查询 - 日志查询的结果与定义的条件匹配。Log query - Results of a log query match defined criteria.
  • 活动日志 - 活动日志事件与定义的条件匹配。Activity log - Activity log event matches defined criteria.
  • Web 测试 - 可用性测试的结果与定义的条件相匹配。Web test - Results of availability test match defined criteria.

请查看 Azure 中的警报概述See Overview of alerts in Azure.

什么是操作组?What is an action group?

操作组是可以由警报触发的通知和操作的集合。An action group is a collection of notifications and actions that can be triggered by an alert. 多个警报可使用一个操作组,这样你就能够使用一组常见的通知和操作。Multiple alerts can use a single action group allowing you to leverage common sets of notifications and actions. 请参阅在 Azure 门户中创建和管理器操作组See Create and manage action groups in the Azure portal.

什么是操作规则?What is an action rule?

通过操作规则,可修改匹配特定条件的一组警报的行为。An action rule allows you to modify the behavior of a set of alerts that match a certain criteria. 这样,你便可以在维护时段履行禁用警报操作之类的要求。This allows you to perform such requirements as disable alert actions during a maintenance window. 你还可将操作组应用于一组警报,而不是将其直接应用于警报规则。You can also apply an action group to a set of alerts rather than applying them directly to the alert rules. 请参阅操作规则See Action rules.

代理Agents

Azure Monitor 需要代理吗?Does Azure Monitor require an agent?

只在从虚拟机中的操作系统和工作负载收集数据时,才需要代理。An agent is only required to collect data from the operating system and workloads in virtual machines. 虚拟机可位于 Azure、其他云环境或本地。The virtual machines can be located in Azure, another cloud environment, or on-premises. 请参阅 Azure Monitor 代理的概述See Overview of the Azure Monitor agents.

Azure Monitor 代理之间有何区别?What's the difference between the Azure Monitor agents?

Azure 诊断扩展适用于 Azure 虚拟机,它将数据收集到 Azure Monitor 指标、Azure 存储和 Azure 事件中心。Azure Diagnostic extension is for Azure virtual machines and collects data to Azure Monitor Metrics, Azure Storage, and Azure Event Hubs. Log Analytics 代理适用于 Azure 中的虚拟机、其他云环境或本地,它将数据收集到 Azure Monitor 日志。The Log Analytics agent is for virtual machines in Azure, another cloud environment, or on-premises and collects data to Azure Monitor Logs. 依赖项代理需要 Log Analytics 代理,还需要所收集的进程详细信息和依赖项。The Dependency agent requires the Log Analytics agent and collected process details and dependencies. 请参阅 Azure Monitor 代理的概述See Overview of the Azure Monitor agents.

代理流量是否使用 ExpressRoute 连接?Does my agent traffic use my ExpressRoute connection?

到 Azure Monitor 的流量使用 Microsoft 对等互连 ExpressRoute 线路。Traffic to Azure Monitor uses the Microsoft peering ExpressRoute circuit. 有关不同类型的 ExpressRoute 流量的说明,请参阅 ExpressRoute 文档See ExpressRoute documentation for a description of the different types of ExpressRoute traffic.

如何确认 Log Analytics 代理能否与 Azure Monitor 通信?How can I confirm that the Log Analytics agent is able to communicate with Azure Monitor?

在代理计算机上的控制面板中,选择“安全性和设置”,然后选择“Microsoft Monitoring Agent” 。From Control Panel on the agent computer, select Security & Settings, Microsoft Monitoring Agent . 在“Azure Log Analytics (OMS)”选项卡下,绿色勾号图标表示代理能够与 Azure Monitor 进行通信。Under the Azure Log Analytics (OMS) tab, a green check mark icon confirms that the agent is able to communicate with Azure Monitor. 黄色警告图标表示代理存在问题。A yellow warning icon means the agent is having issues. 一个常见的原因是 Microsoft Monitoring Agent 服务已停止。One common reason is the Microsoft Monitoring Agent service has stopped. 请使用服务控制管理器重启该服务。Use service control manager to restart the service.

如何停止 Log Analytics 代理与 Azure Monitor 之间的通信?How do I stop the Log Analytics agent from communicating with Azure Monitor?

对于直接连接到 Log Analytics 的代理,请打开控制面板,然后依次选择“安全性和设置”和“Microsoft Monitoring Agent” 。For agents connected to Log Analytics directly, open the Control Panel and select Security & Settings, Microsoft Monitoring Agent. 在“Azure Log Analytics (OMS)”选项卡下,删除列出的所有工作区。Under the Azure Log Analytics (OMS) tab, remove all workspaces listed. 在 System Center Operations Manager 中,从 Log Analytics 托管的计算机的列表中删除该计算机。In System Center Operations Manager, remove the computer from the Log Analytics managed computers list. Operations Manager 会更新该代理的配置以便不再向 Log Analytics 进行报告。Operations Manager updates the configuration of the agent to no longer report to Log Analytics.

每个代理发送多少数据?How much data is sent per agent?

每个代理发送的数据量取决于:The amount of data sent per agent depends on:

  • 已启用的解决方案The solutions you have enabled
  • 正在收集的日志和性能计数器的数量The number of logs and performance counters being collected
  • 日志中的数据量The volume of data in the logs

有关详细信息,请参阅使用 Azure Monitor 日志管理使用情况和成本See Manage usage and costs with Azure Monitor Logs for details.

对于能够运行 WireData 代理的计算机,可以使用以下查询了解正在发送的数据量:For computers that are able to run the WireData agent, use the following query to see how much data is being sent:

WireData
| where ProcessName == "C:\\Program Files\\Microsoft Monitoring Agent\\Agent\\MonitoringHost.exe" 
| where Direction == "Outbound" 
| summarize sum(TotalBytes) by Computer 

将数据发送到 Azure Monitor 时,Microsoft 管理代理 (MMA) 使用多少网络带宽?How much network bandwidth is used by the Microsoft Management Agent (MMA) when sending data to Azure Monitor?

带宽是已发送数据量的一个函数。Bandwidth is a function on the amount of data sent. 数据通过网络发送时会被压缩。Data is compressed as it is sent over the network.

当 Log Analytics 代理中的数据收集停止时,我如何收到通知?How can I be notified when data collection from the Log Analytics agent stops?

当数据收集停止时,可以使用新建日志警报中所述的步骤收到通知。Use the steps described in create a new log alert to be notified when data collection stops. 将以下设置用于警报规则:Use the following settings for the alert rule:

  • 定义警报条件:将 Log Analytics 工作区指定为资源目标。Define alert condition: Specify your Log Analytics workspace as the resource target.
  • 警报条件Alert criteria
    • 信号名称:自定义日志搜索Signal Name: Custom log search
    • 搜索查询Heartbeat | summarize LastCall = max(TimeGenerated) by Computer | where LastCall < ago(15m)Search query: Heartbeat | summarize LastCall = max(TimeGenerated) by Computer | where LastCall < ago(15m)
    • 警报逻辑:依据是“结果数”、条件是“大于”、阈值是“0”Alert logic: Based on number of results, Condition Greater than, Threshold value 0
    • 计算依据:“时间(以分钟为单位)”是 30,“频率(以分钟为单位)”是 10Evaluated based on: Period (in minutes) 30, Frequency (in minutes) 10
  • 定义警报详细信息Define alert details
    • 名称:数据收集已停止Name: Data collection stopped
    • 严重性:警告Severity: Warning

指定现有或新的操作组,以便当日志警报匹配条件时,如果检测信号丢失超过 15 分钟,你将收到通知。Specify an existing or new Action Group so that when the log alert matches criteria, you are notified if you have a heartbeat missing for more than 15 minutes.

Azure Monitor 代理的防火墙要求是什么?What are the firewall requirements for Azure Monitor agents?

有关防火墙要求的详细信息,请参阅网络防火墙要求See Network firewall requirementsfor details on firewall requirements.

可视化效果Visualizations

为什么看不到视图设计器?Why can't I see View Designer?

只有用户在 Log Analytics 工作区中具有“参与者”权限或更高权限时,他们才可使用视图设计器。View Designer is only available for users assigned with Contributor permissions or higher in the Log Analytics workspace.

Application InsightsApplication Insights

配置问题Configuration problems

我在设置以下内容时遇到问题:I'm having trouble setting up my:

我无法从服务器获取任何数据:I get no data from my server:

应该部署多少个 Application Insights 资源:How many Application Insights resources should I deploy:

是否可以将 Application Insights 用于...?Can I use Application Insights with ...?

是否免费?Is it free?

是的,对于实验用途。Yes, for experimental use. 在基本定价计划中,应用程序可以发送一些每月免费数据量。In the basic pricing plan, your application can send a certain allowance of data each month free of charge. 免费的限额足以满足开发和为少量用户发布应用的需求。The free allowance is large enough to cover development, and publishing an app for a small number of users. 可以设置上限,以防止所使用的数据量超出指定数据量。You can set a cap to prevent more than a specified amount of data from being processed.

较大的遥测量按 Gb 收费。Larger volumes of telemetry are charged by the Gb. 我们提供了一些有关如何限制费用的提示。We provide some tips on how to limit your charges.

企业计划对每个 Web 服务器节点每天发送的遥测进行收费。The Enterprise plan incurs a charge for each day that each web server node sends telemetry. 如果要大规模使用连续导出,此计划非常合适。It is suitable if you want to use Continuous Export on a large scale.

阅读定价计划Read the pricing plan.

费用是多少?How much does it cost?

  • 在 Application Insights 资源中打开“使用情况和估算成本”页面。Open the Usage and estimated costs page in an Application Insights resource. 此处提供了一个最近使用情况的图表。There's a chart of recent usage. 如果愿意,可以设置数据上限。You can set a data volume cap, if you want.
  • 打开 Azure 计费边栏选项卡查看所有资源的帐单。Open the Azure Billing blade to see your bills across all resources.

Application Insights 在我的项目中修改哪些内容?What does Application Insights modify in my project?

详细信息取决于项目类型。The details depend on the type of project. 对于 Web 应用程序:For a web application:

  • 将这些文件添加到项目:Adds these files to your project:
    • ApplicationInsights.configApplicationInsights.config
    • ai.jsai.js
  • 安装以下 NuGet 包:Installs these NuGet packages:
    • Application Insights API - 核心 APIApplication Insights API - the core API
    • 适用于 Web 应用程序 的 Application Insights API - 用于从服务器发送遥测Application Insights API for Web Applications - used to send telemetry from the server
    • 适用于 JavaScript 应用程序的 Application Insights API - 用于从客户端发送遥测Application Insights API for JavaScript Applications - used to send telemetry from the client
  • 这些包包括以下程序集:The packages include these assemblies:
    • Microsoft.ApplicationInsightsMicrosoft.ApplicationInsights
    • Microsoft.ApplicationInsights.PlatformMicrosoft.ApplicationInsights.Platform
  • 将项目插入:Inserts items into:
    • Web.configWeb.config
    • packages.configpackages.config
  • (仅限新项目 - 如果将 Application Insights 添加到现有项目,则必须手动执行此操作。)在客户端和服务器代码中插入代码片段,以使用 Application Insights 资源 ID 初始化它们。(New projects only - if you add Application Insights to an existing project, you have to do this manually.) Inserts snippets into the client and server code to initialize them with the Application Insights resource ID. 例如,在 MVC 应用中,代码插入到主页 Views/Shared/_Layout.cshtml 中For example, in an MVC app, code is inserted into the master page Views/Shared/_Layout.cshtml

如何从较早的 SDK 版本升级?How do I upgrade from older SDK versions?

请参阅发行说明了解对应于应用程序类型的 SDK。See the release notes for the SDK appropriate to your type of application.

如何更改项目向哪个 Azure 资源发送数据?How can I change which Azure resource my project sends data to?

在解决方案资源管理器中,右键单击 ApplicationInsights.config 并选择“更新 Application Insights”。In Solution Explorer, right-click ApplicationInsights.config and choose Update Application Insights. 可在 Azure 中将数据发送到现有或新资源。You can send the data to an existing or new resource in Azure. 更新向导更改 ApplicationInsights.config 中的检测密钥,该密钥确定服务器 SDK 将数据发送到何处。The update wizard changes the instrumentation key in ApplicationInsights.config, which determines where the server SDK sends your data. 除非取消选中“更新全部”,否则它还将在网页中出现密钥的位置更改密钥。Unless you deselect "Update all," it will also change the key where it appears in your web pages.

能否在 Azure 资源管理器部署中使用 providers('Microsoft.Insights', 'components').apiVersions[0]Can I use providers('Microsoft.Insights', 'components').apiVersions[0] in my Azure Resource Manager deployments?

不建议使用此方法来填充 API 版本。We do not recommend using this method of populating the API version. 最新版本可表示可能包含中断性变更的预览版本。The newest version can represent preview releases which may contain breaking changes. 即使使用较新的非预览版本,API 版本也并不总是与现有模板向后兼容;在某些情况下,API 版本可能不适用于部分订阅。Even with newer non-preview releases, the API versions are not always backwards compatible with existing templates, or in some cases the API version may not be available to all subscriptions.

什么是状态监视器?What is Status Monitor?

它是可以在 IIS Web 服务器中使用的桌面应用,用于帮助在 Web 应用中配置 Application Insights。A desktop app that you can use in your IIS web server to help configure Application Insights in web apps. 它不会收集遥测:不配置应用时,可以停止此监视器。It doesn't collect telemetry: you can stop it when you are not configuring an app.

了解详细信息Learn more.

Application Insights 收集哪些遥测?What telemetry is collected by Application Insights?

从服务器 Web 应用:From server web apps:

客户端网页From client web pages:

从其他源中(如果有配置):From other sources, if you configure them:

是否可以筛选或修改某些遥测?Can I filter out or modify some telemetry?

可以,可在服务器中编写:Yes, in the server you can write:

  • 用于在从应用发送属性前,对属性进行筛选并将其添加到所选遥测项的遥测处理器。Telemetry Processor to filter or add properties to selected telemetry items before they are sent from your app.
  • 用于将属性添加到所有遥测项的遥测初始化器。Telemetry Initializer to add properties to all items of telemetry.

深入了解 ASP.NETJavaLearn more for ASP.NET or Java.

如何计算国家/地区、市/县和其他地理位置数据?How are city, country/region, and other geo location data calculated?

使用 GeoLite2 查找 Web 客户端的 IP 地址(IPv4 或 IPv6)。We look up the IP address (IPv4 or IPv6) of the web client using GeoLite2.

  • 浏览器遥测:收集发送方的 IP 地址。Browser telemetry: We collect the sender's IP address.
  • 服务器遥测:Application Insights 模块收集客户端 IP 地址。Server telemetry: The Application Insights module collects the client IP address. 如果设置了 X-Forwarded-For,则不会进行收集。It is not collected if X-Forwarded-For is set.
  • 若要详细了解如何在 Application Insights 中收集 IP 地址和地理位置数据,请参阅此文To learn more about how IP address and geolocation data are collected in Application Insights refer to this article.

可以配置 ClientIpHeaderTelemetryInitializer,从不同的标头获取 IP 地址。You can configure the ClientIpHeaderTelemetryInitializer to take the IP address from a different header. 例如,在某些系统中,代理、负载均衡器或 CDN 会将其移动到 X-Originating-IPIn some systems, for example, it is moved by a proxy, load balancer, or CDN to X-Originating-IP. 了解详细信息Learn more.

可以使用 Power BI 在映射中显示请求遥测。You can use Power BI to display your request telemetry on a map.

数据在门户中保留多长时间?How long is data retained in the portal? 是否安全?Is it secure?

请参阅数据保留和隐私Take a look at Data Retention and Privacy.

服务器或设备与 Azure 断开连接后,Application Insight 的遥测数据会怎么样?What happens to Application Insight's telemetry when a server or device loses connection with Azure?

所有 SDK(包括 Web SDK)都包含“可靠传输”。All of our SDKs, including the web SDK, includes "reliable transport" or "robust transport". 当服务器或设备与 Azure 断开连接后,遥测数据本地存储在文件系统 (Server SDK) 或 HTML5 会话存储 (Web SDK) 中。When the server or device loses connection with Azure, telemetry is stored locally on the file system (Server SDKs) or in HTML5 Session Storage (Web SDK). SDK 会定期重新尝试发送此遥测数据,直到引入服务将其视为“过时”(日志 48 小时后过时,指标 30 分钟后过时)。The SDK will periodically retry to send this telemetry until our ingestion service considers it "stale" (48-hours for logs, 30 minutes for metrics). 过时的遥测将被删除。Stale telemetry will be dropped. 在某些情况下(例如本地存储已满时),将不进行重试。In some cases, such as when local storage is full, retry will not occur.

是否可能会在遥测中发送个人数据?Could personal data be sent in the telemetry?

如果代码发送了此类数据,则有可能。This is possible if your code sends such data. 如果堆栈跟踪中的变量包括个人数据,也可能发生这种情况。It can also happen if variables in stack traces include personal data. 开发团队应进行风险评估,确保妥善处理个人数据。Your development team should conduct risk assessments to ensure that personal data is properly handled. 深入了解数据保留和隐私Learn more about data retention and privacy.

所有 八进制数的客户端 web 地址始终设置为 0,查找异地位置属性。All octets of the client web address are always set to 0 after the geo location attributes are looked up.

可在网页源中查看检测密钥。My Instrumentation Key is visible in my web page source.

  • 这是监视解决方案的常见做法。This is common practice in monitoring solutions.
  • 它不能用于窃取数据。It can't be used to steal your data.
  • 但可用于倾斜数据或触发警报。It could be used to skew your data or trigger alerts.
  • 我们未曾听说有任何客户遇到了此类问题。We have not heard that any customer has had such problems.

可以:You could:

  • 将两个单独的检测密钥(独立的 Application Insights 资源)分别用于客户端和服务器数据。Use two separate Instrumentation Keys (separate Application Insights resources), for client and server data. Or
  • 编写一个在服务器中运行的代理,并使 Web 客户端通过该代理发送数据。Write a proxy that runs in your server, and have the web client send data through that proxy.

如何在诊断搜索中查看 POST 数据?How do I see POST data in Diagnostic search?

我们不自动记录 POST 数据,但可以使用 TrackTrace 调用:将数据放置在消息参数中。We don't log POST data automatically, but you can use a TrackTrace call: put the data in the message parameter. 相比对字符串属性的限制,这具有更长的大小限制,尽管你无法对其进行筛选。This has a longer size limit than the limits on string properties, though you can't filter on it.

应使用单个 Application Insights 资源还是多个 Application Insights 资源?Should I use single or multiple Application Insights resources?

对单个业务系统中的所有组件或角色使用单个资源。Use a single resource for all the components or roles in a single business system. 对开发、测试和发布版本以及独立应用程序使用单独的资源。Use separate resources for development, test, and release versions, and for independent applications.

如何动态更改检测密钥?How do I dynamically change the instrumentation key?

什么是用户和会话计数?What are the User and Session counts?

  • JavaScript SDK 在 Web 客户端上设置了用于识别返回用户的用户 cookie,以及用于对活动进行分组的会话 cookie。The JavaScript SDK sets a user cookie on the web client, to identify returning users, and a session cookie to group activities.
  • 如果没有客户端脚本,可以在服务器设置 cookieIf there is no client-side script, you can set cookies at the server.
  • 如果一个真实的用户在不同的浏览器中使用站点,或者使用私密/隐身浏览,或使用不同的计算机,则会进行多次计数。If one real user uses your site in different browsers, or using in-private/incognito browsing, or different machines, then they will be counted more than once.
  • 若要识别跨计算机和浏览器登录的用户,请添加对 setAuthenticatedUserContext() 的调用。To identify a logged-in user across machines and browsers, add a call to setAuthenticatedUserContext().

我是否已在 Application Insights 中启用所有内容?Have I enabled everything in Application Insights?

应看到What you should see 如何获取How to get it 为何需要它Why you want it
可用性图表Availability charts Web 测试Web tests 知道 Web 应用已启动Know your web app is up
服务器应用性能:响应时间、...Server app perf: response times, ... 将 Application Insights 添加到项目在服务器上安装 AI 状态监视器(或编写自己的代码以跟踪依赖项Add Application Insights to your project or Install AI Status Monitor on server (or write your own code to track dependencies) 检测性能问题Detect perf issues
依赖项遥测Dependency telemetry 在服务器上安装 AI 状态监视器Install AI Status Monitor on server 诊断数据库或其他外部组件问题Diagnose issues with databases or other external components
获取异常的堆栈跟踪Get stack traces from exceptions 在代码中插入 TrackException 调用(但有些会自动报告)Insert TrackException calls in your code (but some are reported automatically) 检测和诊断异常Detect and diagnose exceptions
搜索日志跟踪Search log traces 添加日志记录适配器Add a logging adapter 诊断异常、性能问题Diagnose exceptions, perf issues
客户端使用基础知识:页面视图、会话、...Client usage basics: page views, sessions, ... 网页中的 JavaScript 初始值设定项JavaScript initializer in web pages 使用情况分析Usage analytics
客户端自定义指标Client custom metrics 在网页中跟踪调用Tracking calls in web pages 增强用户体验Enhance user experience
服务器自定义指标Server custom metrics 在服务器中跟踪调用Tracking calls in server 商业智能Business intelligence

为什么搜索图表和指标图表中的计数不一致?Why are the counts in Search and Metrics charts unequal?

采样减少了实际从应发送到门户的遥测项(请求、自定义事件等)数量。Sampling reduces the number of telemetry items (requests, custom events, and so on) that are actually sent from your app to the portal. 在搜索中,看到的是实际接收到的项数。In Search, you see the number of items actually received. 在显示事件计数的指标图表中,看到的是发生的原始事件数。In metric charts that display a count of events, you see the number of original events that occurred.

传输的每个项都携带一个 itemCount 属性,此属性显示该项表示的原始事件数量。Each item that is transmitted carries an itemCount property that shows how many original events that item represents. 若要观察操作中的采样,可以在分析中运行此查询:To observe sampling in operation, you can run this query in Analytics:

    requests | summarize original_events = sum(itemCount), transmitted_events = count()

如何将 Application Insights 资源移动到新区域?How do I move an Application Insights resource to a new region?

当前不支持将现有 Application Insights 资源从一个区域移动到另一个区域。Moving existing Application Insights resources from one region to another is currently not supported. 你收集的历史数据无法迁移到新区域。Historical data that you have collected cannot be migrated to a new region. 唯一的部分解决方法是:The only partial workaround is to:

  1. 在新区域中创建全新的 Application Insights 资源(经典)。Create a brand new Application Insights resource (classic in the new region.
  2. 重新创建特定于新资源中原始资源的所有唯一自定义项。Recreate all unique customizations specific to the original resource in the new resource.
  3. 修改应用程序以使用新区域资源的检测密钥连接字符串Modify your application to use the new region resource's instrumentation key or connection string.
  4. 测试以确认所有内容是否都按预期处理新的 Application Insights 资源。Test to confirm that everything is continuing to work as expected with your new Application Insights resource.
  5. 此时,你可以删除原始资源,这会导致所有历史数据丢失。At this point you can either delete the original resource which will result in all historical data being lost. 你也可以保留原始资源,用于在其数据保留设置期间进行历史报告。Or retain the original resource for historical reporting purposes for the duration of its data retention settings.

通常需要在新区域中为资源手动重新创建或更新的唯一自定义项包括但不限于:Unique customizations that commonly need to be manually recreated or updated for the resource in the new region include but are not limited to:

  • 重新创建自定义仪表板和工作簿。Recreate custom dashboards and workbooks.
  • 重新创建或更新任何自定义日志/指标警报的范围。Recreate or update the scope of any custom log/metric alerts.
  • 重新创建可用性警报。Recreate availability alerts.
  • 重新创建用户用于访问新资源所需的任何基于角色的访问控制 (RBAC) 自定义设置。Recreate any custom Role-Based Access Control (RBAC) settings that are required for your users to access the new resource.
  • 复制涉及引入采样、数据保留、每日上限和自定义指标启用的设置。Replicate settings involving ingestion sampling, data retention, daily cap, and custom metrics enablement. 可通过“使用情况和预估成本”窗格控制这些设置。These settings are controlled via the Usage and estimated costs pane.
  • 依赖 API 密钥(如版本注释实时指标安全控制通道等)的任何集成。你将需要生成新的 API 密钥并更新关联的集成。Any integration that relies on API keys such as release annotations, live metrics secure control channel etc. You will need to generate new API keys and update the associated integration.
  • 需要重新配置经典资源中的连续导出。Continuous export in classic resources would need to be configured again.
  • 需要重新配置基于工作区资源中的诊断设置。Diagnostic settings in workspace-based resources would need to be configured again.

自动化Automation

配置 Application InsightsConfiguring Application Insights

可以使用 Azure 资源监视器编写 PowerShell 脚本You can write PowerShell scripts using Azure Resource Monitor to:

  • 创建并更新 Application Insights 资源。Create and update Application Insights resources.
  • 设置定价计划。Set the pricing plan.
  • 获取检测密钥。Get the instrumentation key.
  • 添加指标警报。Add a metric alert.
  • 添加可用性测试。Add an availability test.

无法设置指标资源管理器报表,或设置连续导出。You can't set up a Metric Explorer report or set up continuous export.

查询遥测Querying the telemetry

使用 REST API 运行 Analytics 查询。Use the REST API to run Analytics queries.

如何设置事件警报?How can I set an alert on an event?

Azure 警报仅出现在指标上。Azure alerts are only on metrics. 创建一个每当事件发生时都跨越值阈值的自定义指标。Create a custom metric that crosses a value threshold whenever your event occurs. 然后在该指标上设置警报。Then set an alert on the metric. 每次指标在任一方向超过阈值时,你都将收到通知;无论初始值高低,首次超过时都不会收到通知;总是有几分钟的延迟。You'll get a notification whenever the metric crosses the threshold in either direction; you won't get a notification until the first crossing, no matter whether the initial value is high or low; there is always a latency of a few minutes.

Azure Web 应用和 Application Insights 之间是否有数据传输费用?Are there data transfer charges between an Azure web app and Application Insights?

  • 如果 Azure Web 应用托管在具有 Application Insights 集合终结点的数据中心内,则不收取费用。If your Azure web app is hosted in a data center where there is an Application Insights collection endpoint, there is no charge.
  • 如果主机数据中心没有集合终结点,那么应用的遥测会产生 Azure 传出费用If there is no collection endpoint in your host data center, then your app's telemetry will incur Azure outgoing charges.

这与 Application Insights 资源的托管位置无关。This doesn't depend on where your Application Insights resource is hosted. 它只取决于终结点的分布情况。It just depends on the distribution of our endpoints.

是否可以将遥测数据发送到 Application Insights 门户?Can I send telemetry to the Application Insights portal?

建议使用我们的 SDK 并使用 SDK APIWe recommend you use our SDKs and use the SDK API. 为各种平台提供了相应的 SDK 变体。There are variants of the SDK for various platforms. 这些 SDK 可处理缓冲、压缩、限制以及重试等。These SDKs handle buffering, compression, throttling, retries, and so on. 但是,引入架构终结点协议是公共的。However, the ingestion schema and endpoint protocol are public.

是否可以监视 Intranet Web 服务器?Can I monitor an intranet web server?

可以,但你需要通过防火墙例外或代理重定向来允许流量到我们的服务。Yes, but you will need to allow traffic to our services by either firewall exceptions or proxy redirects.

  • QuickPulse https://rt.services.visualstudio.com:443QuickPulse https://rt.services.visualstudio.com:443
  • ApplicationIdProvider https://dc.services.visualstudio.com:443ApplicationIdProvider https://dc.services.visualstudio.com:443
  • TelemetryChannel https://dc.services.visualstudio.com:443TelemetryChannel https://dc.services.visualstudio.com:443

此处查看服务和 IP 地址的完整列表。Review our full list of services and IP addresses here.

防火墙例外Firewall exception

允许 Web 服务器将遥测发送到我们的终结点。Allow your web server to send telemetry to our endpoints.

网关重定向Gateway redirect

通过重写配置中的终结点,将流量从服务器路由到 Intranet 上的网关。Route traffic from your server to a gateway on your intranet by overwriting Endpoints in your configuration. 如果配置中不存在这些“终结点”属性,则这些类将使用下面示例 ApplicationInsights.config 中显示的默认值。If these "Endpoint" properties are not present in your config, these classes will use the default values shown below in the example ApplicationInsights.config.

你的网关应将流量路由到我们的终结点的基址。Your gateway should route traffic to our endpoint's base address. 在你的配置中,将默认值替换为 http://<your.gateway.address>/<relative path>In your configuration, replace the default values with http://<your.gateway.address>/<relative path>.

使用默认终结点的示例 ApplicationInsights.config:Example ApplicationInsights.config with default endpoints:
<ApplicationInsights>
  ...
  <TelemetryModules>
    <Add Type="Microsoft.ApplicationInsights.Extensibility.PerfCounterCollector.QuickPulse.QuickPulseTelemetryModule, Microsoft.AI.PerfCounterCollector">
      <QuickPulseServiceEndpoint>https://rt.services.visualstudio.com/QuickPulseService.svc</QuickPulseServiceEndpoint>
    </Add>
  </TelemetryModules>
    ...
  <TelemetryChannel>
     <EndpointAddress>https://dc.services.visualstudio.com/v2/track</EndpointAddress>
  </TelemetryChannel>
  ...
  <ApplicationIdProvider Type="Microsoft.ApplicationInsights.Extensibility.Implementation.ApplicationId.ApplicationInsightsApplicationIdProvider, Microsoft.ApplicationInsights">
    <ProfileQueryEndpoint>https://dc.services.visualstudio.com/api/profiles/{0}/appId</ProfileQueryEndpoint>
  </ApplicationIdProvider>
  ...
</ApplicationInsights>

备注

自 v2.6.0 开始,具备 ApplicationIdProvider 功能。ApplicationIdProvider is available starting in v2.6.0.

代理传递Proxy passthrough

可配置计算机级别或应用程序级别代理来实现代理传递。Proxy passthrough can be achieved by configuring either a machine level or application level proxy. 有关详细信息,请参阅 dotnet 关于 DefaultProxy 的文章。For more information see dotnet's article on DefaultProxy.

示例 Web.config:Example Web.config:

<system.net>
   <defaultProxy>
     <proxy proxyaddress="http://xx.xx.xx.xx:yyyy" bypassonlocal="true"/>
   </defaultProxy>
</system.net>

是否可以在 Intranet 服务器上运行可用性 Web 测试?Can I run Availability web tests on an intranet server?

我们的 Web 测试可在遍布全球的各个接入点上运行。Our web tests run on points of presence that are distributed around the globe. 可运用以下两种解决方案:There are two solutions:

  • 防火墙门 - 允许从长且可更改的 Web 测试代理列表中请求自己的服务器。Firewall door - Allow requests to your server from the long and changeable list of web test agents.
  • 编写自己的代码,从 Intranet 内部向服务器发送定期请求。Write your own code to send periodic requests to your server from inside your intranet. 可以为此运行 Visual Studio Web 测试。You could run Visual Studio web tests for this purpose. 测试人员可以使用 TrackAvailability() API 将结果发送到 Application Insights。The tester could send the results to Application Insights using the TrackAvailability() API.

收集遥测数据需要多长时间?How long does it take for telemetry to be collected?

大多数 Application Insights 数据的延迟小于 5 分钟。Most Application Insights data has a latency of under 5 minutes. 有些数据可能需要更长的时间,通常是较大的日志文件。Some data can take longer; typically larger log files. 有关详细信息,请参阅 Application Insights SLAFor more information, see the Application Insights SLA.

HTTP 502 和 503 响应并不总是由 Application Insights 捕获HTTP 502 and 503 responses are not always captured by Application Insights

“502 错误的网关”和“503 服务不可用”错误并不总是由 Application Insights 捕获。"502 bad gateway" and "503 service unavailable" errors are not always captured by Application Insights. 如果仅将客户端 JavaScript 用于监视,则这是预期的行为,因为错误响应会在包含 HTML 标头且会呈现监视性的 JavaScript 代码片段的页面之前返回。If only client-side JavaScript is being used for monitoring this would be expected behavior since the error response is returned prior to the page containing the HTML header with the monitoring JavaScript snippet being rendered.

如果从启用了服务器端监视的服务器发送了 502 或 503 响应,则 Application Insights SDK 会收集这些错误。If the 502 or 503 response was sent from a server with server-side monitoring enabled the errors would be collected by the Application Insights SDK.

但某些情况下,即使在应用程序的 Web 服务器上启用了服务器端监视,也不会由 Application Insights 捕获 502 或 503 错误。However, there are still cases where even when server-side monitoring is enabled on an application's web server that a 502 or 503 error will not be captured by Application Insights. 许多新式 Web 服务器不允许客户端直接通信,而是使用反向代理之类的解决方案在客户端和前端 Web 服务器之间来回传递信息。Many modern web servers do not allow a client to communicate directly, but instead employ solutions like reverse proxies to pass information back and forth between the client and the front-end web servers.

在这种情况下,由于反向代理层出现问题,可能会将 502 或 503 响应返回到客户端,该响应不会被 Application Insights 直接捕获。In this scenario, a 502 or 503 response could be returned to a client due to an issue at the reverse proxy layer and this would not be captured out-of-box by Application Insights. 可能需要将日志从反向代理转发到 Log Analytics,并创建自定义规则来检查 502/503 响应,这样有助于检测该层中的问题To help detect issues at this layer you may need to forward logs from your reverse proxy to Log Analytics and create a custom rule to check for 502/503 responses. 若要详细了解 502 和 503 错误的常见原因,请参阅 Azure 应用服务故障排除文章中的“502 错误的网关”和“503 服务不可用”To learn more about common causes of 502 and 503 errors consult the Azure App Service troubleshooting article for "502 bad gateway" and "503 service unavailable".

用于容器的 Azure MonitorAzure Monitor for containers

运行状况功能现为个人预览版Health feature is in private preview

我们计划进行一系列的更改,目的是增添功能并处理你的反馈。We are planning to make a series of changes to add functionality and address your feedback. 运行状况功能将在 2020 年6 月底转为个人预览版;有关其他信息,请查看下列 Azure 更新公告The Health feature is going to transition to a private preview at the end of June 2020, and for additional information review the following Azure updates announcement.

节点视图下的“其他进程”表示什么?What does Other Processes represent under the Node view?

“其他进程”旨在帮助你清楚了解节点上资源使用率较高的根本原因。Other processes are intended to help you clearly understand the root cause of the high resource usage on your node. 这样,你就能将容器化流程与非容器化流程的使用量区分开。This enables you to distinguish usage between containerized processes vs non-containerized processes.

这些其他进程是哪些进程?What are these Other Processes?

它们是在节点上运行的非容器化进程。These are non-containerized processes that run on your node.

如何对其进行计算?How do we calculate this?

其他进程 = CAdvisor 中的总使用量 - 容器化进程的使用量 Other Processes = Total usage from CAdvisor - Usage from containerized process

其他进程包括:The Other processes includes:

  • 自行托管的或托管 Kubernetes 非容器化进程Self-managed or managed Kubernetes non-containerized processes

  • 容器运行时进程Container Run-time processes

  • KubeletKubelet

  • 节点上运行的系统进程System processes running on your node

  • 节点硬件或 VM 上运行的其他非 Kubernetes 工作负载Other non-Kubernetes workloads running on node hardware or VM

查询 ContainerLog 表时,没看到填充有 Image 和 Name 属性值。I don't see Image and Name property values populated when I query the ContainerLog table.

对于代理版本 ciprod12042019 及更高版本,为了尽量减少收集日志数据时产生的费用,默认情况下不会为每行日志填充这两个属性。For agent version ciprod12042019 and later, by default these two properties are not populated for every log line to minimize cost incurred on log data collected. 有两种方法可用于查询表,查询包含这些属性及其值:There are two options to query the table that include these properties with their values:

选项 1Option 1

联接其他表,在结果中包含这些属性值。Join other tables to include these property values in the results.

联接 ContainerID 属性,将查询修改为包含 ContainerInventory 表中的 Image 和 ImageTag 属性。Modify your queries to include Image and ImageTag properties from the ContainerInventory table by joining on ContainerID property. 通过在 ContainerID 属性上进行联接,可以包含 KubepodInventory 表的 ContaineName 字段中的 Name 属性(与以前在 ContainerLog 表中显示的相同)。You can include the Name property (as it previously appeared in the ContainerLog table) from KubepodInventory table's ContaineName field by joining on the ContainerID property. 这是建议选项。This is the recommended option.

下面是一个详细查询示例,说明了如何使用联接来获取这些字段值。The following example is a sample detailed query that explains how to get these field values with joins.

//lets say we are querying an hour worth of logs
let startTime = ago(1h);
let endTime = now();
//below gets the latest Image & ImageTag for every containerID, during the time window
let ContainerInv = ContainerInventory | where TimeGenerated >= startTime and TimeGenerated < endTime | summarize arg_max(TimeGenerated, *)  by ContainerID, Image, ImageTag | project-away TimeGenerated | project ContainerID1=ContainerID, Image1=Image ,ImageTag1=ImageTag;
//below gets the latest Name for every containerID, during the time window
let KubePodInv  = KubePodInventory | where ContainerID != "" | where TimeGenerated >= startTime | where TimeGenerated < endTime | summarize arg_max(TimeGenerated, *)  by ContainerID2 = ContainerID, Name1=ContainerName | project ContainerID2 , Name1;
//now join the above 2 to get a 'jointed table' that has name, image & imagetag. Outer left is safer in-case there are no kubepod records are if they are latent
let ContainerData = ContainerInv | join kind=leftouter (KubePodInv) on $left.ContainerID1 == $right.ContainerID2;
//now join ContainerLog table with the 'jointed table' above and project-away redundant fields/columns and rename columns that were re-written
//Outer left is safer so you dont lose logs even if we cannot find container metadata for loglines (due to latency, time skew between data types etc...)
ContainerLog
| where TimeGenerated >= startTime and TimeGenerated < endTime 
| join kind= leftouter (
   ContainerData
) on $left.ContainerID == $right.ContainerID2 | project-away ContainerID1, ContainerID2, Name, Image, ImageTag | project-rename Name = Name1, Image=Image1, ImageTag=ImageTag1 

方法 2Option 2

为每行容器日志的这些属性重新启用收集功能。Re-enable collection for these properties for every container log line.

如果第一种方法因涉及到更改查询而不便使用,可通过在代理配置映射中启用设置 log_collection_settings.enrich_container_logs 来重新开始收集这些字段,如数据收集配置设置中所述。If the first option is not convenient due to query changes involved, you can re-enable collecting these fields by enabling the setting log_collection_settings.enrich_container_logs in the agent config map as described in the data collection configuration settings.

备注

建议不要对节点数超过 50 个的大型群集使用第二种方法,因为它将从群集中的每个节点生成 API 服务器调用来执行该扩充。The second option is not recommended with large clusters that have more than 50 nodes because it generates API server calls from every node in the cluster to perform this enrichment. 该方法还会增加收集到的每行日志的数据大小。This option also increases data size for every log line collected.

能否在 Grafana 中查看收集的指标?Can I view metrics collected in Grafana?

用于容器的 Azure Monitor 支持在 Grafana 仪表板中查看 Log Analytics 工作区中存储的指标。Azure Monitor for containers supports viewing metrics stored in your Log Analytics workspace in Grafana dashboards. 我们提供了一个模板,你可从 Grafana 的仪表板存储库中下载以供入门和参考,它可帮助你了解如何从受监视的群集查询其他数据,来在自定义 Grafana 仪表板中直观显示。We have provided a template that you can download from Grafana's dashboard repository to get you started and reference to help you learn how to query additional data from your monitored clusters to visualize in custom Grafana dashboards.

能否通过用于容器的 Azure Monitor 监视 AKS-Engine 群集?Can I monitor my AKS-engine cluster with Azure Monitor for containers?

用于容器的 Azure Monitor 支持监视部署到 Azure 上托管的 AKS-Engine(以前称为 ACS-Engine)群集的容器工作负载。Azure Monitor for containers supports monitoring container workloads deployed to AKS-engine (formerly known as ACS-engine) cluster(s) hosted on Azure. 要进一步了解详细信息并概要了解为此方案启用监视功能所需的步骤,请参阅对 AKS-Engine 使用用于容器的 Azure MonitorFor further details and an overview of steps required to enable monitoring for this scenario, see Using Azure Monitor for containers for AKS-engine.

为什么在 Log Analytics 工作区中看不到数据?Why don't I see data in my Log Analytics workspace?

如果每天在特定时间都无法查看 Log Analytics 工作区中的任何数据,则你可能已达到默认的 500 MB 限制或为控制每天要收集的数据量而指定的每日上限。If you are unable to see any data in the Log Analytics workspace at a certain time everyday, you may have reached the default 500 MB limit or the daily cap specified to control the amount of data to collect daily. 达到当天的限制后,数据收集将停止且只能在第二天恢复。When the limit is met for the day, data collection stops and resumes only on the next day. 若要查看数据使用情况并根据预期的使用模式更新到其他定价层,请参阅日志数据使用情况和成本To review your data usage and update to a different pricing tier based on your anticipated usage patterns, see Log data usage and cost.

ContainerInventory 表中指定了哪些容器状态?What are the container states specified in the ContainerInventory table?

ContainerInventory 表包含已停止和正在运行的容器的信息。The ContainerInventory table contains information about both stopped and running containers. 此表由代理中的一个工作流进行填充,该工作流查询 Docker 中的所有容器(正在运行的和已停止的),并将该数据转发到 Log Analytics 工作区。The table is populated by a workflow inside the agent that queries the docker for all the containers (running and stopped), and forwards that data the Log Analytics workspace.

如何解决“缺少订阅注册”错误?How do I resolve Missing Subscription registration error?

如果收到“缺少 Microsoft.OperationsManagement 的订阅注册”错误,可通过在定义工作区的订阅中注册资源提供程序 Microsoft.OperationsManagement 来解决它 。If you receive the error Missing Subscription registration for Microsoft.OperationsManagement, you can resolve it by registering the resource provider Microsoft.OperationsManagement in the subscription where the workspace is defined. 可以在此处找到介绍如何执行此操作的文档。The documentation for how to do this can be found here.

是否支持已启用 RBAC 的 AKS 群集?Is there support for RBAC enabled AKS clusters?

容器监视解决方案不支持 RBAC,但用于容器的 Azure Monitor 支持 RBAC。The Container Monitoring solution doesn't support RBAC, but it is supported with Azure Monitor for Containers. 在显示这些群集的数据的边栏选项卡上,解决方案详细信息页可能不会显示正确的信息。The solution details page may not show the right information in the blades that show data for these clusters.

如何通过 Helm 为 kube-system 命名空间中的容器启用日志收集?How do I enable log collection for containers in the kube-system namespace through Helm?

默认情况下,kube-system 命名空间中的容器的日志收集被禁用。The log collection from containers in the kube-system namespace is disabled by default. 可以通过在 omsagent 上设置一个环境变量来启用日志收集。Log collection can be enabled by setting an environment variable on the omsagent. 有关详细信息,请参阅 GitHub 上的用于容器的 Azure Monitor 页面。For more information, see the Azure Monitor for containers GitHub page.

如何将 omsagent 更新为最新发布的版本?How do I update the omsagent to the latest released version?

若要了解如何升级代理,请参阅代理管理To learn how to upgrade the agent, see Agent management.

如何启用多行日志记录?How do I enable multi-line logging?

当前,用于容器的 Azure Monitor 不支持多行日志记录,但提供了暂时解决方案。Currently Azure Monitor for containers doesn't support multi-line logging, but there are workarounds available. 你可以将所有服务配置为以 JSON 格式进行写入,然后 Docker/Moby 会在单个行上写入它们。You can configure all the services to write in JSON format and then Docker/Moby will write them as a single line.

例如,可以将你的日志包装为一个 JSON 对象,如示例 node.js 应用程序的以下示例中所示:For example, you can wrap your log as a JSON object as shown in the example below for a sample node.js application:

console.log(json.stringify({ 
      "Hello": "This example has multiple lines:",
      "Docker/Moby": "will not break this into multiple lines",
      "and you will receive":"all of them in log analytics",
      "as one": "log entry"
      }));

查询该数据时,该数据与用于日志的 Azure Monitor 中的以下示例类似:This data will look like the following example in Azure Monitor for logs when you query for it:

LogEntry : ({"Hello": "This example has multiple lines:","Docker/Moby": "will not break this into multiple lines", "and you will receive":"all of them in log analytics", "as one": "log entry"}

要详细了解此问题,请查看以下 GitHub 链接For a detailed look at the issue, review the following GitHub link.

如何解决在启用实时日志时遇到的 Azure AD 错误?How do I resolve Azure AD errors when I enable live logs?

你可能会看到以下错误:在请求中指定的回复 URL 与为应用程序“<application ID>”配置的回复 URL 不匹配。You may see the following error: The reply url specified in the request does not match the reply urls configured for the application: '<application ID>'. 有关此问题的解决方案,可参阅如何使用用于容器的 Azure Monitor 实时查看容器数据一文。The solution to solve it can be found in the article How to view container data in real time with Azure Monitor for containers.

在加入后为何无法升级群集?Why can't I upgrade cluster after onboarding?

如果在为 AKS 群集启用用于容器的 Azure Monitor 之后,删除了群集向其发送数据的 Log Analytics 工作区,则在尝试升级群集时会失败。If after you enable Azure Monitor for containers for an AKS cluster, you delete the Log Analytics workspace the cluster was sending its data to, when attempting to upgrade the cluster it will fail. 要解决此情况,必须禁用再重新启用监视功能,使其引用订阅中的其他有效工作区。To work around this, you will have to disable monitoring and then re-enable it referencing a different valid workspace in your subscription. 在你重新尝试升级群集时,应该就会处理并成功完成。When you try to perform the cluster upgrade again, it should process and complete successfully.

需要为代理打开/允许哪些端口和域?Which ports and domains do I need to open/allow for the agent?

有关 Azure 中国云的容器化代理所需的代理和防火墙配置信息,请参阅网络防火墙要求See the Network firewall requirements for the proxy and firewall configuration information required for the containerized agent with Azure China cloud.

后续步骤Next steps

如果未在此处找到问题的答案,可查看以下论坛,了解其他问题和解答。If your question isn't answered here, you can refer to the following forums to additional questions and answers.