What are the different types of logs generated in Azure which helps in Monitoring Azure resources?

There are lots of different types of logs generated in Azure, it’s very much confusing when you don’t know which logs to use for monitoring your resources and how to access them. Logs contain different kinds of data organized into records with different sets of properties for each type. Logs can contain numeric values like metrics but typically contain text data with detailed descriptions. They further differ from metrics in that they vary in their structure and are often not collected at regular intervals.

Types of logs generated in Azure

There are 20 different types of logs currently generated in Azure and there are different ways to access them. Please find the table to understand the different types of logs generated in Azure and their types, supported services and method of access.

As per Microsoft docs, please find the different sources of logs generated in Azure in this below table.

Data type / Source Category Supported Services Methods of access
Azure Monitor platform-level metrics Metrics See list here
Compute guest OS metrics (eg. perf counters) Metrics Windows and Linux Virtual Machines (v2), Cloud ServicesService Fabric
Custom or application metrics Metrics Any application instrumented with Application Insights
Storage metrics Metrics Azure Storage
Billing data Metrics All Azure services
Activity Log Events All Azure services
Azure Monitor Diagnostic Logs Events See list here
  • Storage blob or event hub:Diagnostic Settings
Compute guest OS logs (eg. IIS, ETW, syslogs) Events Windows and Linux Virtual Machines (v2), Cloud ServicesService Fabric
App Service logs Events App services
  • File, table, or blob storage:Web app diagnostics
Storage logs Events Azure Storage
Security Center alerts Events Azure Security Center
Active Directory reporting Events Azure Active Directory
Security Center resource status Status All supported resources
Resource Health Status Supported services
Azure Monitor metric alerts Notifications See list here
Azure Monitor Activity Log alerts Notifications All Azure services
  • Webhook: Azure Activity Log alerts
Autoscale notifications Notifications See list here
Log Search Query alerts Notifications Log Analytics
Application Insights metric alerts Notifications Application Insights
Application Insights web tests Notifications Application Insights

Table: Showing types of Azure Logs

Now let’s see one of the most important log which is the Activity Log.

What is Activity Log in Azure?

The Azure Activity Log is a subscription log that provides insight into subscription-level events that have occurred in Azure. This includes a range of data, from Azure Resource Manager operational data to updates on Service Health events. The Activity Log was previously known as “Audit Logs” or “Operational Logs,” since the Administrative category reports control-plane events for your subscriptions. Using the Activity Log, you can determine the ‘what, who, and when’ for any write operations (PUT, POST, DELETE) taken on the resources in your subscription. The Azure Activity Log is primarily for activities that occur in Azure Resource Manager. You can retrieve events from your Activity Log using the Azure portal, CLI, PowerShell cmdlets, and Azure Monitor REST API.

Here is a diagram from Microsoft which shows what you can do with Azure Activity Log.

From July 2018, activity alert experience can be triggered by Unified Alerting. A new unified alert experience that enables you to manage alerts from multiple subscriptions and introduces alert states and smart groups is currently available in public preview.

In my next post, I will write about the unified alert monitor in the Azure Portal with a detail use case. Azure monitoring is becoming so vast that you need enough time to become experts in the field of monitoring and alerting. I will publish all my findings in my blog which may help you to get some experience near future. In the new beta exam syllabus of AZ 300 also Microsoft has introduced a new chapter for analyzing resource utilization and consumption.

That’s all for today. You have a good day ahead.

Picture Credit: Pexels.com