Monitoring metrics and logs in Azure Front Door Service
By using Azure Front Door Service, you can monitor resources in the following ways:
- Metrics. Application Gateway currently has seven metrics to view performance counters.
- Logs. Activity and diagnostic logs allow performance, access, and other data to be saved or consumed from a resource for monitoring purposes.
Metrics are a feature for certain Azure resources that allow you to view performance counters in the portal. The following are available Front Door metrics:
|Metric||Metric Display Name||Unit||Dimensions||Description|
|The number of client requests served by Front Door.|
|The number of bytes sent as requests from clients to Front Door.|
|The number of bytes sent as responses from Front Door to clients.|
|The time calculated from the client request received by Front Door until the client acknowledged the last response byte from Front Door.|
|BackendRequestCount||Backend Request Count||Count||HttpStatus
|The number of requests sent from Front Door to backends.|
|BackendRequestLatency||Backend Request Latency||Milliseconds||Backend||The time calculated from when the request was sent by Front Door to the backend until Front Door received the last response byte from the backend.|
|BackendHealthPercentage||Backend Health Percentage||Percent||Backend
|The percentage of successful health probes from Front Door to backends.|
|WebApplicationFirewallRequestCount||Web Application Firewall Request Count||Count||PolicyName
|The number of client requests processed by the application layer security of Front Door.|
Activity logs provide information about the operations done on Front Door Service. They also determine the what, who, and when for any write operations (put, post, or delete) taken on Front Door Service.
Activity logs don't include read (get) operations. They also don't include operations that you perform by using either the Azure portal or the original Management API.
Access activity logs in your Front Door Service or all the logs of your Azure resources in Azure Monitor. To view activity logs:
Select your Front Door instance.
Select Activity log.
Choose a filtering scope, and then select Apply.
Diagnostic logs provide rich information about operations and errors that are important for auditing and troubleshooting. Diagnostic logs differ from activity logs.
Activity logs provide insights into the operations done on Azure resources. Diagnostic logs provide insight into operations that your resource performed. For more information, see Azure Monitor diagnostic logs.
To configure diagnostic logs for your Front Door Service:
Select your Azure Front Door service.
Choose Diagnostic settings.
Select Turn on diagnostics. Archive diagnostic logs along with metrics to a storage account, stream them to an event hub, or send them to Azure Monitor logs.
Front Door Service currently provides diagnostic logs (batched hourly). Diagnostic logs provide individual API requests with each entry having the following schema:
|ClientIp||The IP address of the client that made the request.|
|ClientPort||The IP port of the client that made the request.|
|HttpMethod||HTTP method used by the request.|
|HttpStatusCode||The HTTP status code returned from the proxy.|
|HttpStatusDetails||Resulting status on the request. Meaning of this string value can be found at a Status reference table.|
|HttpVersion||Type of the request or connection.|
|RequestBytes||The size of the HTTP request message in bytes, including the request headers and the request body.|
|RequestUri||URI of the received request.|
|ResponseBytes||Bytes sent by the backend server as the response.|
|RoutingRuleName||The name of the routing rule that the request matched.|
|SecurityProtocol||The TLS/SSL protocol version used by the request or null if no encryption.|
|TimeTaken||The length of time that the action took, in milliseconds.|
|UserAgent||The browser type that the client used|
|TrackingReference||The unique reference string that identifies a request served by Front Door, also sent as X-Azure-Ref header to the client. Required for searching details in the access logs for a specific request.|