Log Analytics Alerting

Log Analytics Azure Monitoring Alerting Rules
Andrew Posted on 6:49 am

Log Analytics Alerting

Why is alerting from Azure Log Analytics important? We need to be able to create alerts so that administrators can be made aware of potential problems so that they can be investigated and corrected quickly. Sounds simple right? Well, thanks to Azure Log Analytics and Monitoring Alerts in Azure, it is.

First, log into your Azure subscription. Next open Monitor, select Alerts, and Create Rule. You will see that we need to add some information here to get this configured fully:
Log Analytics Azure Monitoring Alerting Rules

In Section 1. Define Alert Condition, we will add a VM from our Free Trial subscription in Azure (Remember you can try all of this for free! Sign up with Azure here.)

Click on +Select Target and select your subscription and then choose a resource to add into this monitoring rule.

Note that for Log Based alert rules we need to add a specific target for that rule to look at — unlike activity alerting that is a bit more general in that we can specify a resource group, resource type, or just a high level subscription.

Note that you should pay close attention to the bottom right corner where Azure shows us the Available Signals for the selected resource. In this case we will add a VM to monitor, and we can use Metric or Activity Log signals.

Select the VM and click on Done.

Back to step 1. Define Alert Condition, we need to now select Add Criteria so that we can look at specific metrics within our selected VM resource. Click on Redeploy Virtual Machine (Activity Log Section) and select Done.


Set your Alerting Logic and how often to evaluate the log.

When you create alerting criteria, Azure will do it’s best to also estimate how often it is likely to run based on all kinds of history within their measured historical metrics; and then provide an estimate for you. Remember, this is just an estimate.

Next, fill in the Name and Description in Step 2. Define Alert Details. This should follow your naming standards for rules and also be plain enough that someone else will know what the rule is all about. Take a moment and put a meaningful name and description together. I’ll wait….Ok, let’s select who will get the alert now.

Select your favourite Action Group to send the alert to, or if you do not have one configured simply add the members to a new group and save.

Click on Create Alert Rule at the bottom now, and Azure will create your new alerting rule based on the Redeployment trigger for the selected VM resource.

Try doing a Redeployment of that VM (only if it’s in your Dev or Test and you can safely do so of course!) and watch the alert come in!