WEBVTT 0:00:01.820000 --> 0:00:07.300000 In this video, we're going to take a look at configuring diagnostics on 0:00:07.300000 --> 0:00:14.080000 resources. The video is going to be pretty much just a demonstration. 0:00:14.080000 --> 0:00:18.520000 We're going to take a look at configuring virtual machine diagnostics, 0:00:18.520000 --> 0:00:22.560000 and then configuring web app diagnostics, and then we're going to take 0:00:22.560000 --> 0:00:24.080000 a look at other resources. 0:00:24.080000 --> 0:00:28.420000 In this case, I'm going to demonstrate an Azure SQL Database and Azure 0:00:28.420000 --> 0:00:32.920000 SQL Server. The point of this demonstration is to show you a few things. 0:00:32.920000 --> 0:00:38.960000 First, that you can configure diagnostics and metric collection for different 0:00:38.960000 --> 0:00:45.220000 resources. But more importantly, each resource has its own quirks when 0:00:45.220000 --> 0:00:50.280000 it comes to configuring it for diagnostic purposes. 0:00:50.280000 --> 0:00:55.140000 With that said, let's go ahead and take a look at the process of configuring 0:00:55.140000 --> 0:01:00.300000 diagnostics. This is not a terribly lengthy demonstration. 0:01:00.300000 --> 0:01:05.040000 Let's go ahead and pop that over here. 0:01:05.040000 --> 0:01:11.200000 I have a resource group, and in the resource group, I've got all of the 0:01:11.200000 --> 0:01:14.340000 resources that I want to set up diagnostics for. 0:01:14.340000 --> 0:01:20.760000 I've got a virtual machine, I have a web app, and I have a SQL Database 0:01:20.760000 --> 0:01:22.900000 and an Azure SQL Server. 0:01:22.900000 --> 0:01:29.600000 I'm going to start out by going into my virtual machine configuration, 0:01:29.600000 --> 0:01:35.180000 and I'm going to come down to Diagnostics Settings. 0:01:35.180000 --> 0:01:39.860000 There's a few things that I want to do. 0:01:39.860000 --> 0:01:44.600000 First of all, I want to go ahead and enable guest level diagnostics. 0:01:44.600000 --> 0:01:50.960000 Now, with a virtual machine when you enable guest level diagnostics, what's 0:01:50.960000 --> 0:01:55.600000 going to happen is that it's actually going to install an extension into 0:01:55.600000 --> 0:02:01.280000 the virtual machine to collect extended diagnostic data. 0:02:01.280000 --> 0:02:08.200000 Now, in addition to this, you will often want to set up the boot diagnostics. 0:02:08.200000 --> 0:02:12.140000 I'm not sure if it's going to let me change it is indeed. 0:02:12.140000 --> 0:02:17.460000 It's telling me that boot diagnostics is not configured for this virtual 0:02:17.460000 --> 0:02:22.640000 machine. I'm going to go ahead and this is a very complex process, turn 0:02:22.640000 --> 0:02:24.520000 on boot diagnostics. 0:02:24.520000 --> 0:02:28.040000 Now, when you turn on boot diagnostics, those diagnostics need to go into 0:02:28.040000 --> 0:02:35.560000 a storage account, and I'm going to go ahead and save my boot diagnostics. 0:02:35.560000 --> 0:02:41.240000 Now, the boot diagnostics and the extended diagnostics both go into storage 0:02:41.240000 --> 0:02:45.280000 accounts, and typically, you would most likely put them into the same 0:02:45.280000 --> 0:02:49.480000 storage account, but I was doing this quickly. 0:02:49.480000 --> 0:02:54.120000 I believe it's not going to, yeah, I'm going to have to wait here. 0:02:54.120000 --> 0:03:00.040000 So, I'm going to wait, and for you, the video should be sped up to finish 0:03:00.040000 --> 0:03:11.200000 this out. All right, we have now successfully set up diagnostics for our 0:03:11.200000 --> 0:03:15.240000 virtual machine. 0:03:15.240000 --> 0:03:24.140000 And here's my log of the last diagnostic, which it hadn't actually been 0:03:24.140000 --> 0:03:29.120000 able to set up yet because it was rebooting while it was still being created. 0:03:29.120000 --> 0:03:36.780000 And if I go to my diagnostic settings, now, in addition to seeing all 0:03:36.780000 --> 0:03:40.120000 the information, because I turned that on, I actually have very detailed 0:03:40.120000 --> 0:03:44.080000 capabilities in terms of what I can record. 0:03:44.080000 --> 0:03:47.020000 So, I've got performance counters, and I've got basic level performance 0:03:47.020000 --> 0:03:52.600000 counters, or if I go custom, I've got all of the performance counters 0:03:52.600000 --> 0:03:58.020000 on the machine. There's pages of these, but we'll stick with basic logs. 0:03:58.020000 --> 0:04:02.080000 Same idea. I've got various logs that I can collect, or I can customize 0:04:02.080000 --> 0:04:04.880000 that and get even more detailed. 0:04:04.880000 --> 0:04:09.500000 I have the choice of collecting crash dumps. 0:04:09.500000 --> 0:04:16.460000 Now, with syncs, I can send this to application insights. 0:04:16.460000 --> 0:04:22.280000 And then agent is the basic configuration for my diagnostics. 0:04:22.280000 --> 0:04:27.760000 You can see how much disk space I'm willing to take up. 0:04:27.760000 --> 0:04:31.760000 I can see the infrastructure, I want diagnostic infrastructure logs, my 0:04:31.760000 --> 0:04:33.560000 log level, et cetera. 0:04:33.560000 --> 0:04:38.080000 So, that is configuring logging for a virtual machine. 0:04:38.080000 --> 0:04:43.780000 Next, let's take a look at setting up logging. 0:04:43.780000 --> 0:04:47.880000 That's fine. I don't really want to make any changes there anyways. 0:04:47.880000 --> 0:04:53.240000 Let's take a look at setting up logging on a web app. 0:04:53.240000 --> 0:04:56.020000 There's my web app. 0:04:56.020000 --> 0:05:02.340000 This is a little more straightforward, but it is a different setup for 0:05:02.340000 --> 0:05:09.140000 logging. I'm going to come down to my diagnostic logs, and I can turn 0:05:09.140000 --> 0:05:14.140000 them on. I have application logging to the file system and also to blob 0:05:14.140000 --> 0:05:18.140000 storage. If I turn on application logging to the file system, that's going 0:05:18.140000 --> 0:05:23.520000 to log to the running compute instances behind my web app. 0:05:23.520000 --> 0:05:28.620000 And I can set the level that I want to log, maybe I'll log warnings there. 0:05:28.620000 --> 0:05:35.700000 I can also separately log to blob storage, again, at the application level. 0:05:35.700000 --> 0:05:41.260000 Maybe I just want to log errors, and I would have to set up my storage 0:05:41.260000 --> 0:05:46.680000 settings. Here's a monitoring. 0:05:46.680000 --> 0:05:57.520000 Let's just add web app as a container. 0:05:57.520000 --> 0:06:02.720000 Select that container. 0:06:02.720000 --> 0:06:04.400000 Specify retention period. 0:06:04.400000 --> 0:06:09.820000 It's 365 days. Then I can also set up my web server. 0:06:09.820000 --> 0:06:12.280000 This is, for example, at the IIS level. 0:06:12.280000 --> 0:06:15.640000 It's a little different rather than being able to set the file system 0:06:15.640000 --> 0:06:19.440000 and blob storage independently, I can choose one or the other. 0:06:19.440000 --> 0:06:23.240000 Say I want to send my web server logging to storage. 0:06:23.240000 --> 0:06:26.480000 Then I can set my storage account. 0:06:26.480000 --> 0:06:33.840000 This one. Go ahead and send it to the same web app. 0:06:33.840000 --> 0:06:35.540000 It's a retention day. 0:06:35.540000 --> 0:06:39.820000 It's also 365. I also have the ability to have detailed error messages 0:06:39.820000 --> 0:06:42.260000 and failed request tracing. 0:06:42.260000 --> 0:06:45.280000 These are all the options for a web app. 0:06:45.280000 --> 0:06:51.340000 Now, collecting data from the application separate from the IIS platform 0:06:51.340000 --> 0:06:55.700000 or the web platform makes sense, right, because you have application errors. 0:06:55.700000 --> 0:07:01.140000 Maybe somebody tries to upload data to a page that doesn't accept that 0:07:01.140000 --> 0:07:06.680000 data. Whereas I also have my service level errors. 0:07:06.680000 --> 0:07:11.460000 For example, maybe the service crashes for some reason. 0:07:11.460000 --> 0:07:16.180000 Being able to track those separately does, in fact, make sense. 0:07:16.180000 --> 0:07:18.620000 I can also download the logs. 0:07:18.620000 --> 0:07:23.000000 I can see information on how to download my web application logs. 0:07:23.000000 --> 0:07:27.220000 Then I can just save those settings. 0:07:27.220000 --> 0:07:32.880000 Web applications can also be integrated with application insights. 0:07:32.880000 --> 0:07:34.380000 I want to do that. 0:07:34.380000 --> 0:07:37.260000 I'm not going to turn this on because this does take a little while. 0:07:37.260000 --> 0:07:41.960000 I can turn on that site extension and further integrate a very rich set 0:07:41.960000 --> 0:07:45.640000 of analytics for the application itself. 0:07:45.640000 --> 0:07:50.140000 The next thing that I want to do, which pop over to databases here, I 0:07:50.140000 --> 0:07:58.120000 have a SQL database and I'm going to set up my logging for this, which 0:07:58.120000 --> 0:08:02.260000 is really more auditing than logging. 0:08:02.260000 --> 0:08:07.820000 I have both. I'm going to go to the diagnostics of my SQL database. 0:08:07.820000 --> 0:08:12.140000 I can turn on diagnostics and you can see all of the different options 0:08:12.140000 --> 0:08:22.380000 that I have. I'm going to go ahead and turn on diagnostics. 0:08:22.380000 --> 0:08:25.780000 I can archive this to a storage account. 0:08:25.780000 --> 0:08:30.960000 Select the storage account. 0:08:30.960000 --> 0:08:36.980000 I will keep this in my monitoring storage account. 0:08:36.980000 --> 0:08:41.180000 I can also stream to an event hub or stream to log analytics. 0:08:41.180000 --> 0:08:45.500000 Then I can choose what I want to collect. 0:08:45.500000 --> 0:08:49.140000 You don't necessarily want to collect everything because this is taking 0:08:49.140000 --> 0:08:52.700000 up storage and it is costing some money. 0:08:52.700000 --> 0:08:59.500000 I, in fact, want all of these log actions. 0:08:59.500000 --> 0:09:03.180000 I'm not sure why I went in a backwards order. 0:09:03.180000 --> 0:09:10.160000 I want to store my basic performance metrics as well. 0:09:10.160000 --> 0:09:15.800000 We'll go with 15 days of storage for each of these. 0:09:15.800000 --> 0:09:19.160000 You set it to zero. 0:09:19.160000 --> 0:09:26.300000 It's going to be unlimited. 0:09:26.300000 --> 0:09:30.800000 I'm going to save those settings. 0:09:30.800000 --> 0:09:36.280000 That sets up the diagnostics for my server. 0:09:36.280000 --> 0:09:40.820000 I want to show you one other thing for my database. 0:09:40.820000 --> 0:09:43.800000 I can also set up auditing for the database. 0:09:43.800000 --> 0:09:49.540000 Some of your resources have this auditing capability. 0:09:49.540000 --> 0:09:54.540000 I can set up auditing at the server level and it will audit everything 0:09:54.540000 --> 0:09:55.960000 at the database level. 0:09:55.960000 --> 0:10:00.280000 Or I can set up auditing for an individual database. 0:10:00.280000 --> 0:10:04.080000 If I'm going to audit a database, I can set up where I want that audit 0:10:04.080000 --> 0:10:08.620000 information to go, storage or log analytics or event hub. 0:10:08.620000 --> 0:10:20.180000 I'm just going to set the subscription and set the storage account. 0:10:20.180000 --> 0:10:22.120000 And the retention. 0:10:22.120000 --> 0:10:28.900000 Or 365 days of audit information on this database. 0:10:28.900000 --> 0:10:32.280000 And then I can save that. 0:10:32.280000 --> 0:10:38.780000 In addition to diagnostic data and performance data, I also am now storing 0:10:38.780000 --> 0:10:45.760000 audit data. That's really the story with configuring the collection of 0:10:45.760000 --> 0:10:48.560000 diagnostic data and performance metrics. 0:10:48.560000 --> 0:10:54.340000 Each resource is going to allow you to set that up a little bit differently. 0:10:54.340000 --> 0:10:58.340000 And you need to look at each resource and figure out what data you can 0:10:58.340000 --> 0:11:02.540000 collect, what data you want to collect and how long you want to keep that