Create an Azure Monitor VM with PowerShell
This script creates an Azure Virtual Machine, installs the Log Analytics agent, and enrolls the system with an Log Analytics workspace. Once the script has run, the virtual machine will be visible in the console.
If needed, install the Azure PowerShell module using the instructions found in the Azure PowerShell guide, and then run Connect-AzAccount
to create a connection with Azure. Also, you need to have an SSH public key named id_rsa.pub
in the .ssh directory of your user profile.
If you don't have an Azure subscription, create a free account before you begin.
Sample script
# OMS Id and OMS key
$omsId = "<Replace with your OMS Id>"
$omsKey = "<Replace with your OMS key>"
# Variables for common values
$resourceGroup = "myResourceGroup"
$location = "westeurope"
$vmName = "myVM"
# Definer user name and blank password
$securePassword = ConvertTo-SecureString ' ' -AsPlainText -Force
$cred = New-Object System.Management.Automation.PSCredential ("azureuser", $securePassword)
# Create a resource group
New-AzResourceGroup -Name $resourceGroup -Location $location
# Create a subnet configuration
$subnetConfig = New-AzVirtualNetworkSubnetConfig -Name mySubnet -AddressPrefix 192.168.1.0/24
# Create a virtual network
$vnet = New-AzVirtualNetwork -ResourceGroupName $resourceGroup -Location $location `
-Name MYvNET -AddressPrefix 192.168.0.0/16 -Subnet $subnetConfig
# Create a public IP address and specify a DNS name
$pip = New-AzPublicIpAddress -ResourceGroupName $resourceGroup -Location $location `
-Name "mypublicdns$(Get-Random)" -AllocationMethod Static -IdleTimeoutInMinutes 4
# Create an inbound network security group rule for port 22
$nsgRuleSSH = New-AzNetworkSecurityRuleConfig -Name myNetworkSecurityGroupRuleSSH -Protocol Tcp `
-Direction Inbound -Priority 1000 -SourceAddressPrefix * -SourcePortRange * -DestinationAddressPrefix * `
-DestinationPortRange 22 -Access Allow
# Create a network security group
$nsg = New-AzNetworkSecurityGroup -ResourceGroupName $resourceGroup -Location $location `
-Name myNetworkSecurityGroup -SecurityRules $nsgRuleSSH
# Create a virtual network card and associate with public IP address and NSG
$nic = New-AzNetworkInterface -Name myNic -ResourceGroupName $resourceGroup -Location $location `
-SubnetId $vnet.Subnets[0].Id -PublicIpAddressId $pip.Id -NetworkSecurityGroupId $nsg.Id
# Create a virtual machine configuration
$vmConfig = New-AzVMConfig -VMName $vmName -VMSize Standard_D1 | `
Set-AzVMOperatingSystem -Linux -ComputerName $vmName -Credential $cred -DisablePasswordAuthentication | `
Set-AzVMSourceImage -PublisherName Canonical -Offer UbuntuServer -Skus 14.04.2-LTS -Version latest | `
Add-AzVMNetworkInterface -Id $nic.Id
# Configure SSH Keys
$sshPublicKey = Get-Content "$env:USERPROFILE\.ssh\id_rsa.pub"
Add-AzVMSshPublicKey -VM $vmConfig -KeyData $sshPublicKey -Path "/home/azureuser/.ssh/authorized_keys"
# Create a virtual machine
New-AzVM -ResourceGroupName $resourceGroup -Location $location -VM $vmConfig
# Install and configure the OMS agent
$PublicSettings = New-Object psobject | Add-Member -PassThru NoteProperty workspaceId $omsId | ConvertTo-Json
$protectedSettings = New-Object psobject | Add-Member -PassThru NoteProperty workspaceKey $omsKey | ConvertTo-Json
Set-AzVMExtension -ExtensionName "OMS" -ResourceGroupName $resourceGroup -VMName $vmName `
-Publisher "Microsoft.EnterpriseCloud.Monitoring" -ExtensionType "OmsAgentForLinux" `
-TypeHandlerVersion 1.0 -SettingString $PublicSettings ` -ProtectedSettingString $protectedSettings `
-Location $location
Clean up deployment
Run the following command to remove the resource group, VM, and all related resources.
Remove-AzResourceGroup -Name myResourceGroup
Script explanation
This script uses the following commands to create the deployment. Each item in the table links to command specific documentation.
Command | Notes |
---|---|
New-AzResourceGroup | Creates a resource group in which all resources are stored. |
New-AzVirtualNetworkSubnetConfig | Creates a subnet configuration. This configuration is used with the virtual network creation process. |
New-AzVirtualNetwork | Creates a virtual network. |
New-AzPublicIpAddress | Creates a public IP address. |
New-AzNetworkSecurityRuleConfig | Creates a network security group rule configuration. This configuration is used to create an NSG rule when the NSG is created. |
New-AzNetworkSecurityGroup | Creates a network security group. |
Get-AzVirtualNetworkSubnetConfig | Gets subnet information. This information is used when creating a network interface. |
New-AzNetworkInterface | Creates a network interface. |
New-AzVMConfig | Creates a VM configuration. This configuration includes information such as VM name, operating system, and administrative credentials. The configuration is used during VM creation. |
New-AzVM | Create a virtual machine. |
Set-AzVMExtension | Add a VM extension to the virtual machine. In this case, the Log Analytics agent extension is used to install the Log Analytics agent and enroll the VM in a Log Analytics workspace. |
Remove-AzResourceGroup | Removes a resource group and all resources contained within. |
Next steps
For more information on the Azure PowerShell module, see Azure PowerShell documentation.
Additional virtual machine PowerShell script samples can be found in the Azure Linux VM documentation.