Use PowerShell to enable Azure Diagnostics in a virtual machine running Windows
Azure Diagnostics is the capability within Azure that enables the collection of diagnostic data on a deployed application. You can use the diagnostics extension to collect diagnostic data like application logs or performance counters from an Azure virtual machine (VM) that is running Windows.
Enable the diagnostics extension if you use the Resource Manager deployment model
You can enable the diagnostics extension while you create a Windows VM through the Azure Resource Manager deployment model by adding the extension configuration to the Resource Manager template. See Create a Windows virtual machine with monitoring and diagnostics by using the Azure Resource Manager template.
To enable the diagnostics extension on an existing VM that was created through the Resource Manager deployment model, you can use the Set-AzVMDiagnosticsExtension PowerShell cmdlet as shown below.
$vm_resourcegroup = "myvmresourcegroup"
$vm_name = "myvm"
$diagnosticsconfig_path = "DiagnosticsPubConfig.xml"
Set-AzVMDiagnosticsExtension -ResourceGroupName $vm_resourcegroup -VMName $vm_name -DiagnosticsConfigurationPath $diagnosticsconfig_path
$diagnosticsconfig_path is the path to the file that contains the diagnostics configuration in XML, as described in the sample below.
If the diagnostics configuration file specifies a StorageAccount element with a storage account name, then the Set-AzVMDiagnosticsExtension script will automatically set the diagnostics extension to send diagnostic data to that storage account. For this to work, the storage account needs to be in the same subscription as the VM.
If no StorageAccount was specified in the diagnostics configuration, then you need to pass in the StorageAccountName parameter to the cmdlet. If the StorageAccountName parameter is specified, then the cmdlet will always use the storage account that is specified in the parameter and not the one that is specified in the diagnostics configuration file.
If the diagnostics storage account is in a different subscription from the VM, then you need to explicitly pass in the StorageAccountName and StorageAccountKey parameters to the cmdlet. The StorageAccountKey parameter is not needed when the diagnostics storage account is in the same subscription, as the cmdlet can automatically query and set the key value when enabling the diagnostics extension. However, if the diagnostics storage account is in a different subscription, then the cmdlet might not be able to get the key automatically and you need to explicitly specify the key through the StorageAccountKey parameter.
Set-AzVMDiagnosticsExtension -ResourceGroupName $vm_resourcegroup -VMName $vm_name -DiagnosticsConfigurationPath $diagnosticsconfig_path -StorageAccountName $diagnosticsstorage_name -StorageAccountKey $diagnosticsstorage_key
Once the diagnostics extension is enabled on a VM, you can get the current settings by using the Get-AzVmDiagnosticsExtension cmdlet.
Get-AzVMDiagnosticsExtension -ResourceGroupName $vm_resourcegroup -VMName $vm_name
The cmdlet returns PublicSettings, which contains the diagnostics configuration. There are two kinds of configuration supported, WadCfg and xmlCfg. WadCfg is JSON configuration, and xmlCfg is XML configuration in a Base64-encoded format. To read the XML, you need to decode it.
$publicsettings = (Get-AzVMDiagnosticsExtension -ResourceGroupName $vm_resourcegroup -VMName $vm_name).PublicSettings
$encodedconfig = (ConvertFrom-Json -InputObject $publicsettings).xmlCfg
$xmlconfig = [System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($encodedconfig))
Write-Host $xmlconfig
The Remove-AzVmDiagnosticsExtension cmdlet can be used to remove the diagnostics extension from the VM.
Enable the diagnostics extension if you use the classic deployment model
Important
VMs created through the classic deployment model will be retired on September 1, 2023.
If you use IaaS resources from Azure Service Management, please complete your migration by September 1, 2023. We encourage you to make the switch sooner to take advantage of the many feature enhancements in Azure Resource Manager.
For more information, see Migrate your IaaS resources to Azure Resource Manager by September 1, 2023.
You can use the Set-AzureVMDiagnosticsExtension cmdlet to enable a diagnostics extension on a VM that you create through the classic deployment model. The following example shows how to create a new VM through the classic deployment model with the diagnostics extension enabled.
$VM = New-AzureVMConfig -Name $VM -InstanceSize Small -ImageName $VMImage
$VM = Add-AzureProvisioningConfig -VM $VM -AdminUsername $Username -Password $Password -Windows
$VM = Set-AzureVMDiagnosticsExtension -DiagnosticsConfigurationPath $Config_Path -VM $VM -StorageContext $Storage_Context
New-AzVM -Location $Location -ServiceName $Service_Name -VM $VM
To enable the diagnostics extension on an existing VM that was created through the classic deployment model, first use the Get-AzureVM cmdlet to get the VM configuration. Then update the VM configuration to include the diagnostics extension by using the Set-AzureVMDiagnosticsExtension cmdlet. Finally, apply the updated configuration to the VM by using Update-AzureVM.
$VM = Get-AzureVM -ServiceName $Service_Name -Name $VM_Name
$VM_Update = Set-AzureVMDiagnosticsExtension -DiagnosticsConfigurationPath $Config_Path -VM $VM -StorageContext $Storage_Context
Update-AzureVM -ServiceName $Service_Name -Name $VM_Name -VM $VM_Update.VM
Sample diagnostics configuration
The following XML can be used for the diagnostics public configuration with the above scripts. This sample configuration will transfer various performance counters to the diagnostics storage account, along with errors from the application, security, and system channels in the Windows event logs and any errors from the diagnostics infrastructure logs.
The configuration needs to be updated to include the following:
The resourceID attribute of the Metrics element needs to be updated with the resource ID for the VM.
The resource ID can be constructed by using the following pattern: "/subscriptions/{subscription ID for the subscription with the VM}/resourceGroups/{The resourcegroup name for the VM}/providers/Microsoft.Compute/virtualMachines/{The VM Name}".
For example, if the subscription ID for the subscription where the VM is running is 11111111-1111-1111-1111-111111111111, the resource group name for the resource group is MyResourceGroup, and the VM Name is MyWindowsVM, then the value for resourceID would be:
<Metrics resourceId="/subscriptions/11111111-1111-1111-1111-111111111111/resourceGroups/MyResourceGroup/providers/Microsoft.Compute/virtualMachines/MyWindowsVM" >For more information on how metrics are generated based on the performance counters and metrics configuration, see Azure Diagnostics metrics table in storage.
The StorageAccount element needs to be updated with the name of the diagnostics storage account.
<?xml version="1.0" encoding="utf-8"?> <PublicConfig xmlns="http://schemas.microsoft.com/ServiceHosting/2010/10/DiagnosticsConfiguration"> <WadCfg> <DiagnosticMonitorConfiguration overallQuotaInMB="4096"> <DiagnosticInfrastructureLogs scheduledTransferLogLevelFilter="Error"/> <PerformanceCounters scheduledTransferPeriod="PT1M"> <PerformanceCounterConfiguration counterSpecifier="\Processor(_Total)\% Processor Time" sampleRate="PT15S" unit="Percent"> <annotation displayName="CPU utilization" locale="en-us"/> </PerformanceCounterConfiguration> <PerformanceCounterConfiguration counterSpecifier="\Processor(_Total)\% Privileged Time" sampleRate="PT15S" unit="Percent"> <annotation displayName="CPU privileged time" locale="en-us"/> </PerformanceCounterConfiguration> <PerformanceCounterConfiguration counterSpecifier="\Processor(_Total)\% User Time" sampleRate="PT15S" unit="Percent"> <annotation displayName="CPU user time" locale="en-us"/> </PerformanceCounterConfiguration> <PerformanceCounterConfiguration counterSpecifier="\Processor Information(_Total)\Processor Frequency" sampleRate="PT15S" unit="Count"> <annotation displayName="CPU frequency" locale="en-us"/> </PerformanceCounterConfiguration> <PerformanceCounterConfiguration counterSpecifier="\System\Processes" sampleRate="PT15S" unit="Count"> <annotation displayName="Processes" locale="en-us"/> </PerformanceCounterConfiguration> <PerformanceCounterConfiguration counterSpecifier="\Process(_Total)\Thread Count" sampleRate="PT15S" unit="Count"> <annotation displayName="Threads" locale="en-us"/> </PerformanceCounterConfiguration> <PerformanceCounterConfiguration counterSpecifier="\Process(_Total)\Handle Count" sampleRate="PT15S" unit="Count"> <annotation displayName="Handles" locale="en-us"/> </PerformanceCounterConfiguration> <PerformanceCounterConfiguration counterSpecifier="\Memory\% Committed Bytes In Use" sampleRate="PT15S" unit="Percent"> <annotation displayName="Memory usage" locale="en-us"/> </PerformanceCounterConfiguration> <PerformanceCounterConfiguration counterSpecifier="\Memory\Available Bytes" sampleRate="PT15S" unit="Bytes"> <annotation displayName="Memory available" locale="en-us"/> </PerformanceCounterConfiguration> <PerformanceCounterConfiguration counterSpecifier="\Memory\Committed Bytes" sampleRate="PT15S" unit="Bytes"> <annotation displayName="Memory committed" locale="en-us"/> </PerformanceCounterConfiguration> <PerformanceCounterConfiguration counterSpecifier="\Memory\Commit Limit" sampleRate="PT15S" unit="Bytes"> <annotation displayName="Memory commit limit" locale="en-us"/> </PerformanceCounterConfiguration> <PerformanceCounterConfiguration counterSpecifier="\Memory\Pool Paged Bytes" sampleRate="PT15S" unit="Bytes"> <annotation displayName="Memory paged pool" locale="en-us"/> </PerformanceCounterConfiguration> <PerformanceCounterConfiguration counterSpecifier="\Memory\Pool Nonpaged Bytes" sampleRate="PT15S" unit="Bytes"> <annotation displayName="Memory non-paged pool" locale="en-us"/> </PerformanceCounterConfiguration> <PerformanceCounterConfiguration counterSpecifier="\PhysicalDisk(_Total)\% Disk Time" sampleRate="PT15S" unit="Percent"> <annotation displayName="Disk active time" locale="en-us"/> </PerformanceCounterConfiguration> <PerformanceCounterConfiguration counterSpecifier="\PhysicalDisk(_Total)\% Disk Read Time" sampleRate="PT15S" unit="Percent"> <annotation displayName="Disk active read time" locale="en-us"/> </PerformanceCounterConfiguration> <PerformanceCounterConfiguration counterSpecifier="\PhysicalDisk(_Total)\% Disk Write Time" sampleRate="PT15S" unit="Percent"> <annotation displayName="Disk active write time" locale="en-us"/> </PerformanceCounterConfiguration> <PerformanceCounterConfiguration counterSpecifier="\PhysicalDisk(_Total)\Disk Transfers/sec" sampleRate="PT15S" unit="CountPerSecond"> <annotation displayName="Disk operations" locale="en-us"/> </PerformanceCounterConfiguration> <PerformanceCounterConfiguration counterSpecifier="\PhysicalDisk(_Total)\Disk Reads/sec" sampleRate="PT15S" unit="CountPerSecond"> <annotation displayName="Disk read operations" locale="en-us"/> </PerformanceCounterConfiguration> <PerformanceCounterConfiguration counterSpecifier="\PhysicalDisk(_Total)\Disk Writes/sec" sampleRate="PT15S" unit="CountPerSecond"> <annotation displayName="Disk write operations" locale="en-us"/> </PerformanceCounterConfiguration> <PerformanceCounterConfiguration counterSpecifier="\PhysicalDisk(_Total)\Disk Bytes/sec" sampleRate="PT15S" unit="BytesPerSecond"> <annotation displayName="Disk speed" locale="en-us"/> </PerformanceCounterConfiguration> <PerformanceCounterConfiguration counterSpecifier="\PhysicalDisk(_Total)\Disk Read Bytes/sec" sampleRate="PT15S" unit="BytesPerSecond"> <annotation displayName="Disk read speed" locale="en-us"/> </PerformanceCounterConfiguration> <PerformanceCounterConfiguration counterSpecifier="\PhysicalDisk(_Total)\Disk Write Bytes/sec" sampleRate="PT15S" unit="BytesPerSecond"> <annotation displayName="Disk write speed" locale="en-us"/> </PerformanceCounterConfiguration> <PerformanceCounterConfiguration counterSpecifier="\PhysicalDisk(_Total)\Avg. Disk Queue Length" sampleRate="PT15S" unit="Count"> <annotation displayName="Disk average queue length" locale="en-us"/> </PerformanceCounterConfiguration> <PerformanceCounterConfiguration counterSpecifier="\PhysicalDisk(_Total)\Avg. Disk Read Queue Length" sampleRate="PT15S" unit="Count"> <annotation displayName="Disk average read queue length" locale="en-us"/> </PerformanceCounterConfiguration> <PerformanceCounterConfiguration counterSpecifier="\PhysicalDisk(_Total)\Avg. Disk Write Queue Length" sampleRate="PT15S" unit="Count"> <annotation displayName="Disk average write queue length" locale="en-us"/> </PerformanceCounterConfiguration> <PerformanceCounterConfiguration counterSpecifier="\LogicalDisk(_Total)\% Free Space" sampleRate="PT15S" unit="Percent"> <annotation displayName="Disk free space (percentage)" locale="en-us"/> </PerformanceCounterConfiguration> <PerformanceCounterConfiguration counterSpecifier="\LogicalDisk(_Total)\Free Megabytes" sampleRate="PT15S" unit="Count"> <annotation displayName="Disk free space (MB)" locale="en-us"/> </PerformanceCounterConfiguration> </PerformanceCounters> <Metrics resourceId="(Update with resource ID for the VM)" > <MetricAggregation scheduledTransferPeriod="PT1H"/> <MetricAggregation scheduledTransferPeriod="PT1M"/> </Metrics> <WindowsEventLog scheduledTransferPeriod="PT1M"> <DataSource name="Application!*[System[(Level = 1 or Level = 2)]]"/> <DataSource name="Security!*[System[(Level = 1 or Level = 2)]"/> <DataSource name="System!*[System[(Level = 1 or Level = 2)]]"/> </WindowsEventLog> </DiagnosticMonitorConfiguration> </WadCfg> <StorageAccount>(Update with diagnostics storage account name)</StorageAccount> </PublicConfig>
Next steps
- For additional guidance on using the Azure Diagnostics capability and other techniques to troubleshoot problems, see Enabling Diagnostics in Azure Cloud Services and Virtual Machines.
- Diagnostics configurations schema explains the various XML configurations options for the diagnostics extension.
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for