Overview of Azure Monitor

This article provides an overview of the Azure Monitor service in Microsoft Azure. It discusses what Azure Monitor does and provides pointers to additional information on how to use Azure Monitor. If you prefer a video introduction, see Next steps links at the bottom of this article.

Azure Monitor and Microsoft's other monitoring products

Azure Monitor provides base-level infrastructure metrics and logs for most services in Microsoft Azure. Azure services that do not yet put their data into Azure Monitor will put it there in the future.

Microsoft ships additional products and services that provide additional monitoring capabilities for developers, DevOps, or IT Ops that also have on-premises installations. For an overview and understanding of how these different products and services work together, see Monitoring in Microsoft Azure.

Portal overview page

Azure Monitor has a landing page that helps users:

  • Understand the monitoring capabilities offered by Azure.
  • Discover, configure, and on-board Azure‚Äôs platform and premium monitoring capabilities.

The page is a starting point for navigation, including on-boarding. It shows curated notable issues from different services and allows the user to navigate to them in context.

Model for monitoring and diagnostics for non-compute resources

When you open the page, you can select among the subscriptions you have read access to. For a selected subscription, you can see:

  • Triggered alerts and alert sources - This table shows summary counts, alert sources, and how many times alerts fired for the selected time duration. It applies to both older and newer alerts. Read more about the newer Azure Alerts.
  • Activity Log Errors - If any of your Azure resources log events with error-level severity, you can view a high-level count and click through to the activity log page to investigate each event.
  • Azure Service Health - You can see a count of Service Health service issues, planned maintenance events, and health advisories. Azure Service Health provides personalized information when problems in the Azure infrastructure impact your services. See Azure Service Health for more information.
  • Application Insights - See KPIs for each AppInsights resource in the current subscription. The KPIs are optimized for server-side application monitoring across ASP.NET web apps, Java, Node, and General application types. The KPIs include metrics for request rate, response duration, failure rate, and availability %.

If you have not on-boarded to Log Analytics or Application Insights, or if you have not configured any Azure Alerts in the current subscription, the page provides links to begin your on-boarding process.

Azure Monitor Sources - Compute subset

Model for monitoring and diagnostics for non-compute resources

The Compute services here include

  • Cloud Services
  • Virtual Machines
  • Virtual Machine scale sets
  • Service Fabric

Application - Diagnostics Logs, Application Logs, and Metrics

Applications can run on top of the Guest OS in the compute model. They emit their own set of logs and metrics. Azure Monitor relies on the Azure diagnostics extension (Windows or Linux) to collect most application level metrics and logs. The types include

  • Performance counters
  • Application Logs
  • Windows Event Logs
  • .NET Event Source
  • IIS Logs
  • Manifest based ETW
  • Crash Dumps
  • Customer Error Logs

Without the diagnostics extension, only a few metrics like CPU usage are available.

Host and Guest VM metrics

The previously listed compute resources have a dedicated host VM and guest OS they interact with. The host VM and guest OS are the equivalent of root VM and guest VM in the Hyper-V hypervisor model. You can collect metrics on both. You can also collect diagnostics logs on the guest OS.

Activity Log

You can search the Activity Log (previously called Operational or Audit Logs) for information about your resource as seen by the Azure infrastructure. The log contains information such as times when resources are created or destroyed. For more information, see Overview of Activity Log.

Azure Monitor Sources - everything else

Model for monitoring and diagnostics for compute resources

Resource - Metrics and Diagnostics Logs

Collectable metrics and diagnostics logs vary based on the resource type. For example, Web Apps provides statistics on the Disk IO and Percent CPU. Those metrics don't exist for a Service Bus queue, which instead provides metrics like queue size and message throughput. A list of collectable metrics for each resource is available at supported metrics.

Host and Guest VM metrics

There is not necessarily a 1:1 mapping between your resource and a particular Host or Guest VM so metrics are not available.

Activity Log

The activity log is the same as for compute resources.

Uses for Monitoring Data

Once you collect your data, you can do the following with it in Azure Monitor.


You can stream monitoring data to other locations.

Examples include:

  • Send to Application Insights so you can use its richer visualization and analysis tools.
  • Send to Event Hubs so you can route to third-party tools.

Store and Archive

Some monitoring data is already stored and available in Azure Monitor for a set amount of time.

  • Metrics are stored for 90 days.
  • Activity log entries are stored for 90 days.
  • Diagnostics logs are not stored at all.

If you want to store data longer than the time periods listed above, you can use an Azure storage. Monitoring data is kept in your storage account based on a retention policy you set. You do have to pay for the space the data takes up in Azure storage.

A few ways to use this data:

  • Once written, you can have other tools within or outside of Azure read it and process it.
  • You download the data locally for a local archive or change your retention policy in the cloud to keep data for extended periods of time.
  • You leave the data in Azure storage indefinitely for archive purposes.


You can use the Azure Monitor REST API, cross platform Command-Line Interface (CLI) commands, PowerShell cmdlets, or the .NET SDK to access the data in the system or Azure storage

Examples include:

  • Getting data for a custom monitoring application you have written
  • Creating custom queries and sending that data to a third-party application.


Visualizing your monitoring data in graphics and charts helps you find trends quicker than looking through the data itself.

A few visualization methods include:

  • Use the Azure portal
  • Route data to Azure Application Insights
  • Route data to Microsoft PowerBI
  • Route the data to a third-party visualization tool using either live streaming or by having the tool read from an archive in Azure storage



As part of the ongoing evolution of alerts on Microsoft Azure, now a unified experience for alerting is available. More details on new Azure alerts

In the Azure alerts, you can use monitoring data to trigger alerts or even whole processes. Examples include:

  • Use data to autoscale compute instances up or down based on application load.
  • Send emails based on metric or log conditions.
  • Call a web URL (webhook) to execute an action in a system outside of Azure
  • Start a runbook in Azure automation to perform any variety of tasks

Methods of accessing Azure Monitor

In general, you can manipulate data tracking, routing, and retrieval using one of the following methods. Not all methods are available for all actions or data types.

Next steps

Learn more about