Azure Purview metrics in Azure Monitor

This article describes how to configure metrics, alerts, and diagnostic settings for Azure Purview using Azure Monitor.

Monitor Azure Purview

Azure Purview admins can use Azure Monitor to track the operational state of Azure Purview account. Metrics are collected to provide data points for you to track potential problems, troubleshoot, and improve the reliability of the Azure Purview account. The metrics are sent to Azure monitor for events occurring in Azure Purview.

Aggregated metrics

The metrics can be accessed from the Azure portal for an Azure Purview account. Access to the metrics are controlled by the role assignment of Azure Purview account. Users need to be part of the "Monitoring Reader" role in Azure Purview to see the metrics. Check out Monitoring Reader Role permissions to learn more about the roles access levels.

The person who created the Azure Purview account automatically gets permissions to view metrics. If anyone else wants to see metrics, add them to the Monitoring Reader role, by following these steps:

Add a user to the Monitoring Reader role

To add a user to the Monitoring Reader role, the owner of Azure Purview account or the Subscription owner can follow these steps:

  1. Go to the Azure portal and search for the Azure Purview account name.

  2. Select Access control (IAM).

    Screenshot showing how to access IAM.

  3. Select Add a role assignment.

    Screenshot showing how to add role assignment.

  4. Select the Role Monitoring Reader and set assign access to Azure AD user, group, or service principal. And assign the AAD account to access the metrics.

    Screenshot showing how to add monitoring reader role.

Metrics visualization

Users in the Monitoring Reader role can see the aggregated metrics and diagnostic logs sent to Azure Monitor. The metrics are listed in the Azure portal for the corresponding Azure Purview account. In the Azure portal, select the Metrics section to see the list of all available metrics.

Screenshot showing available Azure Purview metrics section.

Azure Purview users can also access the metrics page directly from the management center of the Azure Purview account. Select Azure Monitor in the main page of Azure Purview management center to launch Azure portal.

Screenshot to launch Azure Purview metrics from management center.

Available metrics

To get familiarized with how to use the metric section in the Azure portal pre read the following two documents. Getting started with Metric Explorer and Advanced features of Metric Explorer.

The following table contains the list of metrics available to explore in the Azure portal:

Metric Name Metric Namespace Aggregation type Description
Data Map Capacity Units Elastic data map Sum
Count
Aggregate the elastic data map capacity units over time period
Data Map Storage Size Elastic data map Sum
Avg
Aggregate the elastic data map storage size over time period
Scan Canceled Automated scan Sum
Count
Aggregate the canceled data source scans over time period
Scan Completed Automated scan Sum
Count
Aggregate the completed data source scans over time period
Scan Failed Automated scan Sum
Count
Aggregate the failed data source scans over time period
Scan time taken Automated scan Min
Max
Sum
Avg
Aggregate the total time taken by scans over time period

Diagnostic Logs to Azure Storage account

Raw telemetry events are emitted to Azure Monitor. Events can be logged to a customer storage account of choice for further analysis. Exporting of logs is done via the Diagnostic settings for the Azure Purview account on the Azure portal.

Follow the steps to create a Diagnostic setting for your Azure Purview account.

  1. Create a new diagnostic setting to collect platform logs and metrics by following this article: Create diagnostic settings to send platform logs and metrics to different destinations. Select the destination only as Azure storage account.

    Screenshot showing creating diagnostic log.

  2. Log the events to a storage account. A dedicated storage account is recommended for archiving the diagnostic logs. Following this article to Create a storage account.

    Screenshot showing assigning storage account for diagnostic log.

Allow up to 15 minutes to start receiving logs in the newly created storage account. See data retention and schema of resource logs in Azure Storage account. Once the diagnostic logs are configured, the events flow to the storage account.

ScanStatusLogEvent

The event tracks the scan life cycle. A scan operation follows progress through a sequence of states, from Queued, Running and finally a terminal state of Succeeded | Failed | Canceled. An event is logged for each state transition and the schema of the event will have the following properties.

{
  "time": "<The UTC time when the event occurred>",
  "properties": {
    "dataSourceName": "<Registered data source friendly name>",
    "dataSourceType": "<Registered data source type>",
    "scanName": "<Scan instance friendly name>",
    "assetsDiscovered": "<If the resultType is succeeded, count of assets discovered in scan run>",
    "assetsClassified": "<If the resultType is succeeded, count of assets classified in scan run>",
    "scanQueueTimeInSeconds": "<If the resultType is succeeded, total seconds the scan instance in queue>",
    "scanTotalRunTimeInSeconds": "<If the resultType is succeeded, total seconds the scan took to run>",
    "runType": "<How the scan is triggered>",
    "errorDetails": "<Scan failure error>",
    "scanResultId": "<Unique GUID for the scan instance>"
  },
  "resourceId": "<The azure resource identifier>",
  "category": "<The diagnostic log category>",
  "operationName": "<The operation that cause the event Possible values for ScanStatusLogEvent category are: 
                    |AdhocScanRun 
                    |TriggeredScanRun 
                    |StatusChangeNotification>",
  "resultType": "Queued – indicates a scan is queued. 
                 Running – indicates a scan entered a running state. 
                 Succeeded – indicates a scan completed successfully. 
                 Failed – indicates a scan failure event. 
                 Cancelled – indicates a scan was cancelled. ",
  "resultSignature": "<Not used for ScanStatusLogEvent category. >",
  "resultDescription": "<This will have an error message if the resultType is Failed. >",
  "durationMs": "<Not used for ScanStatusLogEvent category. >",
  "level": "<The log severity level. Possible values are:
            |Informational
            |Error >",
  "location": "<The location of the Azure Purview account>",
}

The Sample log for an event instance is shown in the below section.

{
  "time": "2020-11-24T20:25:13.022860553Z",
  "properties": {
    "dataSourceName": "AzureDataExplorer-swD",
    "dataSourceType": "AzureDataExplorer",
    "scanName": "Scan-Kzw-shoebox-test",
    "assetsDiscovered": "0",
    "assetsClassified": "0",
    "scanQueueTimeInSeconds": "0",
    "scanTotalRunTimeInSeconds": "0",
    "runType": "Manual",
    "errorDetails": "empty_value",
    "scanResultId": "0dc51a72-4156-40e3-8539-b5728394561f"
  },
  "resourceId": "/SUBSCRIPTIONS/111111111111-111-4EB2/RESOURCEGROUPS/FOOBAR-TEST-RG/PROVIDERS/MICROSOFT.PURVIEW/ACCOUNTS/FOOBAR-HEY-TEST-NEW-MANIFEST-EUS",
  "category": "ScanStatusLogEvent",
  "operationName": "TriggeredScanRun",
  "resultType": "Delayed",
  "resultSignature": "empty_value",
  "resultDescription": "empty_value",
  "durationMs": 0,
  "level": "Informational",
  "location": "eastus",
}

Next steps

View Asset insights