Azure Monitor 概述Azure Monitor overview

Azure Monitor 可帮助最大程度地提高应用程序和服务的可用性和性能。Azure Monitor helps you maximize the availability and performance of your applications and services. 它提供了一个全面的解决方案,用于从云和本地环境收集、分析和处理遥测数据。It delivers a comprehensive solution for collecting, analyzing, and acting on telemetry from your cloud and on-premises environments. 此信息可以帮助你了解应用程序的性能,并主动识别影响应用程序及其所依赖资源的问题。This information helps you understand how your applications are performing and proactively identify issues affecting them and the resources they depend on.

可以使用 Azure Monitor 执行的操作的几个示例包括:Just a few examples of what you can do with Azure Monitor include:


下图提供了 Azure Monitor 的概要视图。The following diagram gives a high-level view of Azure Monitor. 示意图的中心是用于指标和日志(Azure Monitor 使用的两种基本类型的数据)的数据存储。At the center of the diagram are the data stores for metrics and logs, which are the two fundamental types of data used by Azure Monitor. 左侧是用于填充这些数据存储监视数据源On the left are the sources of monitoring data that populate these data stores. 右侧是 Azure Monitor 针对这些收集的数据执行的不同功能。On the right are the different functions that Azure Monitor performs with this collected data. 其中包括分析、警报和流式传输到外部系统等操作。This includes such actions as analysis, alerting, and streaming to external systems.

Azure Monitor 概述

监视数据平台Monitoring data platform

Azure Monitor 收集的所有数据属于以下两种基本类型之一:指标和日志All data collected by Azure Monitor fits into one of two fundamental types, metrics and logs. 指标是数字值,用于描述系统某些方面在特定时间点的情况。Metrics are numerical values that describe some aspect of a system at a particular point in time. 指标是轻型数据,可以支持近实时方案。They are lightweight and capable of supporting near real-time scenarios. 日志包含不同类型的已经整理成记录的数据,每种类型都有不同的属性集。Logs contain different kinds of data organized into records with different sets of properties for each type. 与性能数据一样,事件和跟踪等遥测数据也作为日志存储,因此,可将它们合并以进行分析。Telemetry such as events and traces are stored as logs in addition to performance data so that it can all be combined for analysis.

Azure 门户中的“概述”页会直接显示 Azure Monitor 针对许多 Azure 资源收集的数据。For many Azure resources, you'll see data collected by Azure Monitor right in their Overview page in the Azure portal. 例如,在查看任一虚拟机时,多个图表会显示性能指标。Have a look at any virtual machine for example, and you'll see several charts displaying performance metrics. 单击任一图形会在 Azure 门户上的指标资源管理器中打开数据,可在其中绘制多个指标在不同时间段的值的图表。Click on any of the graphs to open the data in metrics explorer in the Azure portal, which allows you to chart the values of multiple metrics over time. 可以通过交互方式查看图表,也可以将其固定到某个仪表板,与其他可视化效果一起查看。You can view the charts interactively or pin them to a dashboard to view them with other visualizations.


可以使用查询来分析 Azure Monitor 收集的日志数据,这些查询可以快速检索、合并和分析所收集的数据。Log data collected by Azure Monitor can be analyzed with queries to quickly retrieve, consolidate, and analyze collected data. 可以使用 Azure 门户中的 Log Analytics 创建和测试查询。You can create and test queries using Log Analytics in the Azure portal. 然后可以直接使用不同的工具分析数据,或者保存查询以便与可视化效果警报规则配合使用。You can then either directly analyze the data using different tools or save queries for use with visualizations or alert rules.

Azure Monitor 使用 Kusto 查询语言的某个版本,该查询语言适用于简单的日志查询,但也包括高级功能,例如聚合、联接、智能分析。Azure Monitor uses a version of the Kusto query language that is suitable for simple log queries but also includes advanced functionality such as aggregations, joins, and smart analytics. 可以通过多个课程快速了解此查询语言。You can quickly learn the query language using multiple lessons. 特定指南提供给已熟悉 SQLSplunk 的用户。Particular guidance is provided to users who are already familiar with SQL and Splunk.

此图显示流入 Log Analytics 中进行分析的日志数据。

Azure Monitor 收集哪些数据?What data does Azure Monitor collect?

Azure Monitor 可从各种源收集数据。Azure Monitor can collect data from a variety of sources. 这涉及你的应用程序、任意操作系统和它所依赖的服务,直至平台本身。This ranges from your application, any operating system and services it relies on, down to the platform itself. Azure Monitor 从以下每个层收集数据:Azure Monitor collects data from each of the following tiers:

  • 应用程序监视数据:有关编写的代码的性能和功能的数据,不管平台是什么。Application monitoring data: Data about the performance and functionality of the code you have written, regardless of its platform.
  • 来宾 OS 监视数据:有关运行应用程序的操作系统的数据。Guest OS monitoring data: Data about the operating system on which your application is running. 此应用程序可以在 Azure 中运行,也可以在其他云中或本地运行。This could be running in Azure, another cloud, or on-premises.
  • Azure 资源监视数据:有关 Azure 资源操作的数据。Azure resource monitoring data: Data about the operation of an Azure resource.
  • Azure 订阅监视数据:有关 Azure 订阅操作和管理的数据,以及有关 Azure 本身运行状况和操作的数据。Azure subscription monitoring data: Data about the operation and management of an Azure subscription, as well as data about the health and operation of Azure itself.
  • Azure 租户监视数据:有关租户级 Azure 服务(例如 Azure Active Directory)操作的数据。Azure tenant monitoring data: Data about the operation of tenant-level Azure services, such as Azure Active Directory.

在创建 Azure 订阅并开始添加虚拟机和 Web 应用等资源后,Azure Monitor 会立即开始收集数据。As soon as you create an Azure subscription and start adding resources such as virtual machines and web apps, Azure Monitor starts collecting data. 活动日志记录创建或修改资源的时间。Activity logs record when resources are created or modified. 指标告知资源的性能如何,以及该资源消耗的资源。Metrics tell you how the resource is performing and the resources that it's consuming.

启用诊断,将正在收集的数据扩展到资源的内部操作中。Enable diagnostics to extend the data you're collecting into the internal operation of the resources. 添加代理来计算资源,以收集其来宾操作系统中的遥测数据。Add an agent to compute resources to collect telemetry from their guest operating systems.

使用 Application Insights 启用对应用程序的监视,以收集详细信息,包括页面视图、应用程序请求和异常。Enable monitoring for your application with Application Insights to collect detailed information including page views, application requests, and exceptions.

自定义来源Custom sources

Azure Monitor 可以使用数据收集器 API 从任何 REST 客户端收集日志数据。Azure Monitor can collect log data from any REST client using the Data Collector API. 这样,便可以创建自定义监视方案,并将监视范围扩展到不通过其他源公开遥测数据的资源。This allows you to create custom monitoring scenarios and extend monitoring to resources that don't expose telemetry through other sources.


仅当能够有利于洞察计算环境的操作时,监视数据才有作用。Monitoring data is only useful if it can increase your visibility into the operation of your computing environment. 见解为特定 Azure 服务提供自定义监视体验。Insights provide a customized monitoring experience for particular Azure services. 它们只需最少的配置,并且可提高你对关键资源操作的可见性。They require minimal configuration and increase your visibility into the operation of critical resources.

Application InsightsApplication Insights

无论 Web 应用程序托管在云中还是本地,Application Insights 都可以监视其可用性、性能和使用情况。Application Insights monitors the availability, performance, and usage of your web applications whether they're hosted in the cloud or on-premises. 它利用 Azure Monitor 中的强大数据分析平台来提供应用程序操作的深入见解。It leverages the powerful data analysis platform in Azure Monitor to provide you with deep insights into your application's operations. 它使你可以诊断错误,无需等到用户报告这些问题。It enables you to diagnose errors without waiting for a user to report them. Application Insights 包含各种开发工具的连接点,并与 Visual Studio 集成以支持 DevOps 过程。Application Insights includes connection points to a variety of development tools and integrates with Visual Studio to support your DevOps processes.

App Insights

用于容器的 Azure MonitorAzure Monitor for containers

用于容器的 Azure Monitor 监视部署到 Azure Kubernetes 服务 (AKS) 上托管的托管 Kubernetes 群集的容器工作负载的性能。Azure Monitor for containers monitors the performance of container workloads that are deployed to managed Kubernetes clusters hosted on Azure Kubernetes Service (AKS). 它通过指标 API 从 Kubernetes 中提供的控制器、节点和容器收集指标,来提供性能可见性。It gives you performance visibility by collecting metrics from controllers, nodes, and containers that are available in Kubernetes through the Metrics API. 容器日志也会被收集。Container logs are also collected. 从 Kubernetes 群集启用监视后,将通过适用于 Linux 的 Log Analytics 代理的容器化版本自动收集这些指标和日志。After you enable monitoring from Kubernetes clusters, these metrics and logs are automatically collected for you through a containerized version of the Log Analytics agent for Linux.


应对关键状况Responding to critical situations

除了让你以交互方式分析监视数据以外,有效的监视解决方案必须能够主动应对所收集的数据中指出的关键状况。In addition to allowing you to interactively analyze monitoring data, an effective monitoring solution must be able to proactively respond to critical conditions identified in the data that it collects. 应对措施可以是向负责调查问题的管理员发送短信或邮件。This could be sending a text or mail to an administrator responsible for investigating an issue. 或者,可以启动自动化过程来尝试纠正错误状况。Or you could launch an automated process that attempts to correct an error condition.


Azure Monitor 中的警报会主动发送有关关键状况的通知,并可能尝试采取纠正措施。Alerts in Azure Monitor proactively notify you of critical conditions and potentially attempt to take corrective action. 基于指标的警报规则根据数值提供近乎实时的警报。Alert rules based on metrics provide near real time alerts based on numeric values. 基于日志的规则允许跨多个源的数据的复杂逻辑。Rules based on logs allow for complex logic across data from multiple sources.

Azure Monitor 中的警报规则使用操作组,其中包含可在多个规则之间共享的独特接收者和操作集。Alert rules in Azure Monitor use action groups, which contain unique sets of recipients and actions that can be shared across multiple rules. 操作组可根据要求执行多种操作,例如,使用 Webhook 来让警报启动外部操作,或者与 ITSM 工具集成。Based on your requirements, action groups can perform such actions as using webhooks to have alerts start external actions or to integrate with your ITSM tools.

屏幕截图显示 Azure Monitor 中的警报(包含严重性、警报总数等信息)。


自动缩放是指在处理应用程序负载时让适当数量的资源运行。Autoscale allows you to have the right amount of resources running to handle the load on your application. 创建使用 Azure Monitor 收集的指标的规则,以确定负载增加后何时自动添加资源。Create rules that use metrics collected by Azure Monitor to determine when to automatically add resources when load increases. 删除处于空闲状态的资源,以节省资金。Save money by removing resources that are sitting idle. 可以指定最小和最大实例数,并创建逻辑来控制何时要增加或减少资源。You specify a minimum and maximum number of instances and the logic for when to increase or decrease resources.

此图显示自动缩放,一行中有几个服务器标记为“处理器时间 > 80%”,两台服务器标记为最小容量,三台服务器标记为当前容量,五台服务器标记为最大容量。

可视化监视数据Visualizing monitoring data

图表和表等可视化效果是用于汇总监视数据并向不同的受众呈现这些数据的有效工具。Visualizations such as charts and tables are effective tools for summarizing monitoring data and presenting it to different audiences. Azure Monitor 具有自身的可视化监视数据的功能,并可利用其他 Azure 服务将这些数据发布到不同的受众。Azure Monitor has its own features for visualizing monitoring data and leverages other Azure services for publishing it to different audiences.


Azure 仪表板允许将不同类型的数据合并到 Azure 门户的单个窗格中。Azure dashboards allow you to combine different kinds of data into a single pane in the Azure portal. 可以选择与其他 Azure 用户共享仪表板。You can optionally share the dashboard with other Azure users. 将任意日志查询或指标图表的输出添加到 Azure 仪表板。Add the output of any log query or metrics chart to an Azure dashboard. 例如,可以创建一个包含多个磁贴的仪表板,这些磁贴分别用于显示指标图、活动日志表、Application Insights 的使用情况图表,以及日志查询的输出。For example, you could create a dashboard that combines tiles that show a graph of metrics, a table of activity logs, a usage chart from Application Insights, and the output of a log query.

屏幕截图显示一个 Azure 仪表板,其中包括应用程序和安全性磁贴以及其他可自定义的信息。


工作簿提供了灵活的画布,用于数据分析和在 Azure 门户中创建丰富的可视化报表。Workbooks provide a flexible canvas for data analysis and the creation of rich visual reports in the Azure portal. 使用工作簿可以在整个 Azure 中接入多个数据源,并将其组合成统一的交互式体验。They allow you to tap into multiple data sources from across Azure, and combine them into unified interactive experiences. 使用 Insights 随附的工作簿或从预定义模板创建自己的工作簿。Use workbooks provided with Insights or create your own from predefined templates.


Power BIPower BI

Power BI 是业务分析服务,可提供跨各种数据源的交互式可视化效果。Power BI is a business analytics service that provides interactive visualizations across a variety of data sources. 它是将数据提供给组织内外的其他人的有效方法。It's an effective means of making data available to others within and outside your organization. 可将 Power BI 配置为自动从 Azure Monitor 导入日志数据,以利用这些附加的可视化效果。You can configure Power BI to automatically import log data from Azure Monitor to take advantage of these additional visualizations.

Power BI

集成和导出数据Integrate and export data

通常,我们需要将 Azure Monitor 与其他系统集成,并生成使用监视数据的自定义解决方案。You'll often have the requirement to integrate Azure Monitor with other systems and to build custom solutions that use your monitoring data. 其他 Azure 服务使用 Azure Monitor 来提供这种集成。Other Azure services work with Azure Monitor to provide this integration.

事件中心Event Hub

Azure 事件中心是流式处理平台和事件引入服务。Azure Event Hubs is a streaming platform and event ingestion service. 它可以使用任何实时分析提供程序或批处理/存储适配器来转换和存储数据。It can transform and store data using any real-time analytics provider or batching/storage adapters. 使用事件中心可将 Azure Monitor 数据流式传输到合作伙伴 SIEM 和监视工具。Use Event Hubs to stream Azure Monitor data to partner SIEM and monitoring tools.

逻辑应用Logic Apps

使用逻辑应用服务可以通过与不同系统和服务集成的工作流将任务和业务流程自动化。Logic Apps is a service that allows you to automate tasks and business processes using workflows that integrate with different systems and services. 可以使用可在 Azure Monitor 中读取和写入指标和日志的活动。Activities are available that read and write metrics and logs in Azure Monitor. 这允许你生成与各种其他系统集成的工作流。This allows you to build workflows integrating with a variety of other systems.


可以使用多个 API 从/向 Azure Monitor 读取和写入指标与日志,以及访问生成的警报。Multiple APIs are available to read and write metrics and logs to and from Azure Monitor in addition to accessing generated alerts. 还可以配置和检索警报。You can also configure and retrieve alerts. 这样,几乎可以不受限制地生成与 Azure Monitor 集成的自定义解决方案。This provides you with essentially unlimited possibilities to build custom solutions that integrate with Azure Monitor.

后续步骤Next steps

了解有关以下方面的详细信息:Learn more about: