雲端監視指南:雲端部署模型的監視策略Cloud monitoring guide: Monitoring strategy for cloud deployment models

本文包含我們針對每個雲端部署模型建議的監視策略,根據下列準則:This article includes our recommended monitoring strategy for each of the cloud deployment models, based on the following criteria:

  • 您必須維持對 Operations Manager 或其他企業監視平臺的承諾,因為它已與您的 IT 營運流程、知識和專業知識整合,或某些功能尚未在 Azure 監視器中提供。You must maintain your commitment to Operations Manager or another enterprise monitoring platform, because it's integrated with your IT operations processes, knowledge, and expertise, or certain functionality isn't available yet in Azure Monitor.
  • 您必須監視內部部署和公用雲端中的工作負載,或只監視雲端中的工作負載。You must monitor workloads both on-premises and in the public cloud, or just in the cloud.
  • 您的雲端遷移策略包括現代化 IT 作業,並移至我們的雲端監視服務和解決方案。Your cloud migration strategy includes modernizing IT operations and moving to our cloud monitoring services and solutions.
  • 您可能有很重要的系統,這些系統是以空調或實體方式隔離,或是裝載在私用雲端或實體硬體上,而且這些系統都需要進行監視。You might have critical systems that are air-gapped or physically isolated, or are hosted in a private cloud or on physical hardware, and these systems need to be monitored.

我們的策略包括支援監視基礎結構 (計算、儲存體和伺服器工作負載) 、應用程式 (使用者、例外狀況和用戶端) ,以及網路資源。Our strategy includes support for monitoring infrastructure (compute, storage, and server workloads), application (end-user, exceptions, and client), and network resources. 它提供完整的服務導向監視觀點。It delivers a complete, service-oriented monitoring perspective.

Azure 雲端監視Azure cloud monitoring

Azure 監視器是 Azure 原生平臺服務,提供監視 Azure 資源的單一來源。Azure Monitor is the Azure native platform service that provides a single source for monitoring Azure resources. 它是專為下列雲端解決方案所設計:It's designed for cloud solutions that:

  • 是以 Azure 為基礎。Are built on Azure.
  • 支援以虛擬機器 (VM) 工作負載或使用微服務和其他平臺資源的複雜架構為基礎的商務功能。Support a business capability that's based on virtual machine (VM) workloads or complex architectures that use microservices and other platform resources.

它會從租使用者服務(例如 Azure Active Directory 網域服務)和訂用帳戶層級事件和 Azure 服務健康狀態,監視堆疊的所有層級。It monitors all layers of the stack, starting with tenant services, such as Azure Active Directory Domain Services, and subscription-level events and Azure Service Health.

它也會監視基礎結構資源,例如 Vm、儲存體和網路資源。It also monitors infrastructure resources, such as VMs, storage, and network resources. 在最上層,它會監視您的應用程式。At the top layer, it monitors your application.

藉由監視每個相依性,並收集每個相依性可發出的正確信號,您就可以可檢視性應用程式和所需的金鑰基礎結構。By monitoring each of these dependencies, and collecting the right signals that each can emit, you get the observability of applications and the key infrastructure you need.

下表摘要說明監視堆疊各層的建議方法:Our recommended approach to monitoring each layer of the stack is summarized in the following table:

Layer 資源Resource 影響範圍Scope 方法Method
應用程式Application 以 web 為基礎的應用程式,可在 Azure VM、Azure App Service、Azure Service Fabric、Azure 函式和 Azure 雲端服務上,以 .NET、.NET Core、JAVA、JavaScript 和 Node.js 平臺執行。A web-based application that runs on .NET, .NET Core, Java, JavaScript, and Node.js platform on an Azure VM, Azure App Service, Azure Service Fabric, Azure Functions, and Azure Cloud Services. 監視即時 web 應用程式以自動偵測效能異常、識別程式碼例外狀況和問題,以及收集使用者行為分析。Monitor a live web application to automatically detect performance anomalies, identify code exceptions and issues, and collect user behavior analytics. Application Insights (Azure 監視器) 的功能。Application Insights (a feature of Azure Monitor).
Azure 資源-平臺即服務 (PaaS) Azure resources - platform as a service (PaaS) Azure 資料庫服務 (例如 SQL 或 MySQL) 。Azure database services (for example, SQL or MySQL). Azure SQL Database 效能度量。Azure SQL Database performance metrics. 啟用診斷記錄,以將 SQL 資料串流至 Azure 監視器記錄。Enable diagnostics logging to stream SQL data to Azure Monitor Logs.
Azure 資源-基礎結構即服務 (IaaS) Azure resources - infrastructure as a service (IaaS) 1. Azure 儲存體1. Azure Storage
2. Azure 負載平衡服務2. Azure load balancing services
3. 網路安全性群組3. Network security groups
4. Azure 虛擬機器4. Azure Virtual Machines
5. azure Kubernetes Service / azure 容器實例5. Azure Kubernetes Service/Azure Container Instances
1. 容量、可用性和效能。1. Capacity, availability, and performance.
2. 效能和診斷記錄 (活動、存取、效能和防火牆) 。2. Performance and diagnostics logs (activity, access, performance, and firewall).
3. 套用規則時監視事件,以及將規則套用至拒絕或允許的次數規則計數器。3. Monitor events when rules are applied, and the rule counter for how many times a rule is applied to deny or allow.
4. 監視來賓 VM 作業系統 (OS) 中的容量、可用性和效能。4. Monitor capacity, availability, and performance in a guest VM operating system (OS). 對應每個 VM 上裝載的應用程式相依性,包括伺服器之間的作用中網路連線可見度、輸入和輸出連線延遲,以及任何 TCP 連接架構之間的埠。Map application dependencies hosted on each VM, including the visibility of active network connections between servers, inbound and outbound connection latency, and ports across any TCP-connected architecture.
5. 監視容器和容器實例上執行之工作負載的容量、可用性和效能。5. Monitor capacity, availability, and performance of workloads running on containers and container instances.
針對第一個資料行中的專案1到5,系統會自動收集平臺計量和活動記錄,並可在 Azure 監視器中使用以進行分析和警示。For items 1 through 5 in the first column, platform metrics and the activity log are automatically collected and available in Azure Monitor for analysis and alerting.
設定診斷設定,以將資源記錄轉送至 Azure 監視器記錄。Configure diagnostic settings to forward resource logs to Azure Monitor Logs.
4. 啟用 適用于 vm 的 Azure 監視器4. Enable Azure Monitor for VMs.
5. 啟用 適用于容器的 Azure 監視器5. Enable Azure Monitor for containers.
網路Network 虛擬機器與一或多個端點之間的通訊 (另一個 VM、完整功能變數名稱、統一資源識別項或 IPv4 位址) 。Communication between your virtual machine and one or more endpoints (another VM, a fully qualified domain name, a uniform resource identifier, or an IPv4 address). 監視 VM 與端點之間發生的連線能力、延遲和網路拓撲變更。Monitor reachability, latency, and network topology changes that occur between the VM and the endpoint. Azure 網路監看員。Azure Network Watcher.
Azure 訂用帳戶Azure subscription Azure 服務健康狀態和基本資源健康狀態,從 azure 服務的觀點來看。Azure Service Health and basic resource health from the perspective of the Azure service.
  • 對服務或資源執行的系統管理動作。Administrative actions performed on a service or resource.
  • Azure 服務的服務健康狀態為「已降級」或「無法使用」狀態。Service health of an Azure service is in a degraded or unavailable state.
  • 從 Azure 服務的觀點來看,Azure 資源偵測到健康情況問題。Health issues detected with an Azure resource from the Azure service perspective.
  • 使用 Azure 自動調整來執行的作業,指出失敗或例外狀況。Operations performed with Azure autoscale indicating a failure or exception.
  • 以 Azure 原則執行的作業,表示發生允許或拒絕的動作。Operations performed with Azure Policy indicating that an allowed or denied action occurred.
  • Azure 安全性中心產生的警示記錄。Record of alerts generated by Azure Security Center.
  • 在活動記錄中傳遞,以使用 Azure 監視器進行監視和警示。Delivered in the activity log for monitoring and alerting by using Azure Monitor.
    Azure 租用戶Azure tenant Azure Active DirectoryAzure Active Directory Azure AD audit 記錄和登入記錄。Azure AD audit logs and sign-in logs. 啟用 診斷記錄,並設定串流處理至 Azure 監視器記錄。Enable diagnostics logging, and configure streaming to Azure Monitor Logs.

    混合式雲端監視Hybrid cloud monitoring

    對於許多組織而言,轉換至雲端必須逐漸進行,其中混合式雲端模型是旅程圖中最常見的第一個步驟。For many organizations, transition to the cloud must be approached gradually, where the hybrid cloud model is the most common first step in the journey. 您可以謹慎地選取適當的應用程式和基礎結構子集來開始進行遷移,同時避免業務中斷。You carefully select the appropriate subset of applications and infrastructure to begin your migration, while you avoid disruption to your business. 不過,因為我們提供了兩個支援此雲端模型的監視平臺,所以 IT 決策者可能不確定哪一種平臺是支援其業務和 IT 營運目標的最佳選擇。However, because we offer two monitoring platforms that support this cloud model, IT decision makers might be uncertain as to which platform is the best choice to support their business and IT operational goals.

    在本節中,我們會藉由檢查數個因素並提供瞭解所要考慮的平臺,來解決不確定性。In this section, we address the uncertainty by reviewing several factors and offering an understanding of which platform to consider.

    請記住下列主要技術層面:Keep in mind the following key technical aspects:

    • 您必須從支援工作負載的 Azure 資源收集資料,並將其轉送至您現有的內部部署或受控服務提供者工具。You need to collect data from Azure resources that support the workload, and forward them to your existing on-premises or managed service provider tools.

    • 您必須在 System Center Operations Manager 中維護目前的投資,並將其設定為監視在 Azure 中執行的 IaaS 和 PaaS 資源。You need to maintain your current investment in System Center Operations Manager, and configure it to monitor IaaS and PaaS resources that are running in Azure. (選擇性)因為您要根據需求監視具有不同特性的兩個環境,所以您需要判斷與 Azure 監視器的整合如何支援您的策略。Optionally, because you're monitoring two environments with different characteristics, based on your requirements, you need to determine how integrating with Azure Monitor supports your strategy.

    • 作為現代化策略的一部分,以標準化單一工具來降低成本和複雜性,您需要認可至 Azure 監視器,以監視 Azure 和您公司網路上的資源。As part of your modernization strategy to standardize on a single tool to reduce cost and complexity, you need to commit to Azure Monitor for monitoring the resources in Azure and on your corporate network.

    下表摘要說明 Azure 監視器和 System Center Operations Manager 支援的需求,並根據一組常見的準則來監視混合式雲端模型。The following table summarizes the requirements that Azure Monitor and System Center Operations Manager support with monitoring the hybrid cloud model based on a common set of criteria.

    需求Requirement Azure 監視器Azure Monitor Operations ManagerOperations Manager
    基礎結構需求Infrastructure requirements No Yes

    至少需要一台管理伺服器和 SQL Server 實例來裝載運算元據庫和報表資料倉儲資料庫。Requires, at a minimum, a management server and a SQL Server instance to host the operational database and the reporting data warehouse database. 當需要高可用性和嚴重損壞修復,而且有多個網站中的機器、不受信任的系統和其他複雜的設計考慮時,複雜性就會增加。The complexity increases when high availability and disaster recovery are required, and there are machines in multiple sites, untrusted systems, and other complex design considerations.
    有限的連線能力-沒有網際網路或隔離的網路Limited connectivity - no internet or isolated network No Yes
    有限的連線能力控制網際網路存取Limited connectivity - controlled internet access Yes Yes
    有限的連接-經常中斷連線Limited connectivity - frequently disconnected Yes Yes
    可設定的健全狀況監視Configurable health monitoring No Yes
    Web 應用程式可用性測試 (隔離網路) Web app availability test (isolated network) 是,有限Yes, limited

    Azure 監視器在此區域的支援有限,且需要自訂防火牆例外。Azure Monitor has limited support in this area and requires custom firewall exceptions.
    Yes
    Web 應用程式可用性測試 (全域散發) Web app availability test (globally distributed) No Yes
    監視 VM 工作負載Monitor VM workloads 是,有限Yes, limited

    可以收集 IIS 和 SQL Server 錯誤記錄檔、Windows 事件和效能計數器。Can collect IIS and SQL Server error logs, Windows events, and performance counters. 需要建立自訂查詢、警示和視覺效果。Requires creating custom queries, alerts, and visualizations.
    Yes

    支援使用可用的管理元件監視大部分的伺服器工作負載。Supports monitoring most of the server workloads with available management packs. 需要 VM 上的 Log Analytics Windows 代理程式或 Operations Manager 代理程式,回報給公司網路上的管理群組。Requires either the Log Analytics Windows agent or Operations Manager agent on the VM, reporting back to the management group on the corporate network.
    監視 Azure IaaSMonitor Azure IaaS Yes Yes

    支援從公司網路監視大部分的基礎結構。Supports monitoring most of the infrastructure from the corporate network. 透過 Azure 管理元件追蹤 Azure Vm、SQL 和儲存體的可用性狀態、計量和警示。Tracks availability state, metrics, and alerts for Azure VMs, SQL, and storage via the Azure management pack.
    監視 Azure PaaSMonitor Azure PaaS Yes 是,有限Yes, limited

    根據 Azure 管理元件所支援的功能。Based on what's supported in the Azure management pack.
    Azure 服務監視Azure service monitoring Yes Yes

    雖然目前沒有透過管理元件提供的 Azure 服務健康狀態原生監視,您也可以建立自訂工作流程來查詢服務健康狀態警示。Although there's no native monitoring of Azure Service Health provided today through a management pack, you can create custom workflows to query Service Health alerts. 使用 Azure REST API 透過您現有的通知取得警示。Use the Azure REST API to get alerts through your existing notifications.
    新式 web 應用程式監視Modern web application monitoring Yes No
    舊版 web 應用程式監視Legacy web application monitoring 是、受限、因 SDK 而異Yes, limited, varies by SDK

    支援監視較舊版本的 .NET 和 JAVA web 應用程式。Supports monitoring older versions of .NET and Java web applications.
    是,有限Yes, limited
    監視 Azure Kubernetes 服務容器Monitor Azure Kubernetes Service containers Yes No
    監視 Docker 或 Windows 容器Monitor Docker or Windows containers Yes No
    網路效能監視Network performance monitoring Yes 是,有限Yes, limited

    支援可用性檢查,並使用來自公司網路的簡易網路管理通訊協定 (SNMP) ,收集網路裝置的基本統計資料。Supports availability checks, and collects basic statistics from network devices by using the Simple Network Management Protocol (SNMP) from the corporate network.
    互動式資料分析Interactive data analysis Yes No

    依賴 SQL Server Reporting Services 的現成或自訂報表、協力廠商的視覺效果解決方案,或自訂的 Power BI 執行。Relies on SQL Server Reporting Services canned or custom reports, third-party visualization solutions, or a custom Power BI implementation. Operations Manager 資料倉儲有調整規模和效能限制。There are scale and performance limitations with the Operations Manager data warehouse. 與 Azure 監視器記錄整合,以作為資料匯總需求的替代方案。Integrate with Azure Monitor Logs as an alternative for data aggregation requirements. 您可以設定 Log Analytics 連接器以達成整合。You achieve integration by configuring the Log Analytics connector.
    端對端診斷、根本原因分析和及時疑難排解End-to-end diagnostics, root-cause analysis, and timely troubleshooting Yes 是,有限Yes, limited

    僅支援內部部署基礎結構和應用程式的端對端診斷和疑難排解。Supports end-to-end diagnostics and troubleshooting only for on-premises infrastructure and applications. 使用其他 System Center 元件或合作夥伴解決方案。Uses other System Center components or partner solutions.
    (儀表板的互動式視覺效果) Interactive visualizations (dashboards) Yes 是,有限Yes, limited

    透過其 HTML5 web 主控台或來自合作夥伴解決方案的先進體驗(例如,平方向上和 Savision),提供重要的儀表板。Delivers essential dashboards with its HTML5 web console or an advanced experience from partner solutions, such as Squared Up and Savision.
    與 IT 或 DevOps 工具整合Integration with IT or DevOps tools Yes 是,有限Yes, limited

    收集監視資料並將其串流至協力廠商或內部部署工具Collect and stream monitoring data to third-party or on-premises tools

    若要從 Azure 基礎結構和平臺資源收集計量和記錄,您必須為這些資源啟用 Azure 診斷記錄。To collect metrics and logs from Azure infrastructure and platform resources, you need to enable Azure Diagnostics logs for those resources. 此外,使用 Azure Vm,您可以藉由啟用 Azure 診斷擴充功能,從虛擬作業系統收集計量和記錄。Additionally, with Azure VMs, you can collect metrics and logs from the guest OS by enabling the Azure Diagnostics extension. 若要將從 Azure 資源發出的診斷資料轉送至內部部署工具或受控服務提供者,請設定 事件中樞 將資料串流至這些資料。To forward the diagnostics data that's emitted from your Azure resources to your on-premises tools or managed service provider, configure Event Hubs to stream the data to them.

    使用 System Center Operations Manager 進行監視Monitor with System Center Operations Manager

    雖然 System Center Operations Manager 原本是設計成內部部署解決方案,以便在您的 IT 環境中執行的應用程式、工作負載和基礎結構元件之間進行監視,但它演進為包含雲端監視功能。Although System Center Operations Manager was originally designed as an on-premises solution to monitor across applications, workloads, and infrastructure components that are running in your IT environment, it evolved to include cloud-monitoring capabilities. 它會與 Azure、Microsoft 365 和 Amazon Web Services (AWS) 整合。It integrates with Azure, Microsoft 365, and Amazon Web Services (AWS). 它可以透過設計和更新的管理元件來監視這些不同的環境,以支援這些環境。It can monitor across these diverse environments with management packs that are designed and updated to support them.

    如果客戶已在 Operations Manager 中進行大量投資,以達成與 IT 服務管理程式和工具緊密整合的全面監視,或針對 Azure 的新客戶,則可瞭解如何提出下列問題:For customers who have made significant investments in Operations Manager to achieve comprehensive monitoring that's tightly integrated with their IT service management processes and tools, or for customers new to Azure, it's understandable to ask the following questions:

    • Operations Manager 是否能繼續提供價值,並讓它成為商業意義?Can Operations Manager continue to deliver value, and does it make business sense?
    • Operations Manager 中的功能使它適合我們的 IT 組織嗎?Do the features in Operations Manager make it the right fit for our IT organization?
    • 整合 Operations Manager 與 Azure 監視器可提供符合成本效益且全面的監視解決方案嗎?Does integrating Operations Manager with Azure Monitor provide the cost-effective and comprehensive monitoring solution that we require?

    如果您已投資 Operations Manager,則不需要將焦點放在規劃遷移來立即取代。If you've already invested in Operations Manager, you don't need to focus on planning a migration to replace it immediately. 使用 Azure 或其他雲端提供者(以您自己的內部部署網路延伸的形式存在),Operations Manager 可以監視來賓 Vm 和 Azure 資源,就像是在您的公司網路上一樣。With Azure or other cloud providers that exist as an extension of your own on-premises network, Operations Manager can monitor the guest VMs and Azure resources as if they were on your corporate network. 這種方法需要您的網路與 Azure 中具有足夠頻寬的虛擬網路之間有可靠的網路連線。This approach requires a reliable network connection between your network and the virtual network in Azure that has sufficient bandwidth.

    若要監視在 Azure 中執行的工作負載,您需要:To monitor the workloads that are running in Azure, you need:

    • 適用于 Azure 的 System Center Operations Manager 管理元件The System Center Operations Manager management pack for Azure. 它會收集 Azure 服務所發出的效能計量,例如 web 和背景工作角色、Application Insights 可用性測試 (web 測試) 、Azure 服務匯流排等等。It collects performance metrics emitted by Azure services such as web and worker roles, Application Insights availability tests (web tests), Azure Service Bus, and so on. 管理元件會使用 Azure REST API 來監視這些資源的可用性和效能。The management pack uses the Azure REST API to monitor the availability and performance of these resources. 某些 Azure 服務類型在管理元件中沒有計量或預先定義的監視器,但您仍然可以透過 Azure 管理元件中針對已探索服務所定義的關聯性來監視它們。Some Azure service types have no metrics or predefined monitors in the management pack, but you can still monitor them through the relationships defined in the Azure management pack for discovered services.

    • 適用于 AZURE Sql database 的管理元件,可使用 AZURE REST API 和 t-SQL 查詢來監視 Azure sql Database 和 Azure sql database 實例的可用性和效能,以及 sql Server 系統檢視。The management pack for Azure SQL Database to monitor the availability and performance of Azure SQL databases and Azure SQL Database instances using the Azure REST API and T-SQL queries to SQL Server system views.

    • 若要監視 VM 上執行的虛擬作業系統和工作負載,例如 SQL Server、IIS 或 Apache Tomcat,您需要下載並匯入支援應用程式、服務和作業系統的管理元件。To monitor the guest OS and workloads that are running on the VM, such as SQL Server, IIS, or Apache Tomcat, you need to download and import the management pack that supports the application, service, and OS.

    知識定義于管理元件中,其描述如何監視個別的相依性和元件。Knowledge is defined in the management pack, which describes how to monitor the individual dependencies and components. 這兩個 Azure 管理套件都需要在 Azure 和 Operations Manager 中執行一組設定步驟,才能開始監視這些資源。Both Azure management packs require performing a set of configuration steps in Azure and Operations Manager before you can begin monitoring these resources.

    在應用層中,Operations Manager 為某些舊版的 .NET 和 JAVA 提供基本的應用程式效能監視功能。At the application tier, Operations Manager offers basic application performance monitoring capabilities for some legacy versions of .NET and Java. 如果您的混合式雲端環境中的特定應用程式以離線或網路隔離模式運作,使其無法與公用雲端服務通訊,則 Operations Manager 應用程式效能監視 (APM) 可能是特定有限案例的可行選項。If certain applications within your hybrid cloud environment operate in an offline or network-isolated mode, such that they can't communicate with a public cloud service, Operations Manager application performance monitoring (APM) might be a viable option for certain limited scenarios. 如果應用程式不是在舊版平臺上執行,而是裝載在內部部署和任何公用雲端中,以允許透過防火牆進行通訊 (直接或透過 proxy) 到 Azure,請使用 Azure 監視器 Application Insights。For applications that are not running on legacy platforms but are hosted both on-premises and in any public cloud that allows communication through a firewall (either direct or via a proxy) to Azure, use Azure Monitor Application Insights. 這種服務提供深度的程式碼層級監視,並提供 ASP.NET、ASP.NET Core、JAVA、JavaScript 和 Node.js 的頂級支援。This service offers deep, code-level monitoring, with first-class support for ASP.NET, ASP.NET Core, Java, JavaScript, and Node.js.

    針對可從外部連線的任何 web 應用程式,您應該啟用一種稱為 可用性監視的綜合交易類型。For any web application that can be reached externally, you should enable a type of synthetic transaction known as availability monitoring. 請務必瞭解您的應用程式或應用程式所依賴的重要 HTTP/HTTPS 端點是否可用且有回應。It's important to know whether your application or a critical HTTP/HTTPS endpoint that your application relies on, is available and responsive. 透過 Application Insights 可用性監視,您可以從多個 Azure 資料中心執行測試,並從全球觀點深入瞭解應用程式的健康情況。With Application Insights availability monitoring, you can run tests from multiple Azure datacenters and provide insight into the health of your application from a global perspective.

    雖然 Operations Manager 可監視 Azure 中裝載的資源,但有數個優點可包含 Azure 監視器,因為它的優點是克服 Operations Manager 中的限制,而且可以建立強大的基礎,以支援從它的最終遷移。Although Operations Manager is capable of monitoring resources that are hosted in Azure, there are several advantages to including Azure Monitor, because its strengths overcome the limitations in Operations Manager and can establish a strong foundation to support eventual migration from it. 在這裡,我們將探討每個優點和缺點,並建議您在混合式監視策略中包含 Azure 監視器。Here we review each of those strengths and weaknesses, with our recommendation to include Azure Monitor in your hybrid monitoring strategy.

    使用 Operations Manager 本身的缺點Disadvantages of using Operations Manager by itself

    • 在 Operations Manager 中分析監視資料的方式,通常是使用從主控台存取之管理元件所提供的預先定義的視圖、從 SQL Server Reporting Services (SSRS) 報表,或從使用者已建立的自訂視圖中進行。Analyzing monitoring data in Operations Manager is commonly performed by using predefined views that are provided by management packs accessed from the console, from SQL Server Reporting Services (SSRS) reports, or from custom views that end users have created. 臨機運算元據分析並非現成可用。Ad hoc data analysis isn't possible out of the box. Operations Manager 報告沒有彈性。Operations Manager reporting is inflexible. 提供監視資料長期保留的資料倉儲無法調整或執行效能不佳。The data warehouse that provides long-term retention of the monitoring data doesn't scale or perform well. 若要支援 IT 組織中各種不同角色的需求,需要撰寫 T-sql 語句、開發 Power BI 解決方案或使用協力廠商解決方案的專業知識。And expertise in writing T-SQL statements, developing a Power BI solution, or using third-party solutions is required to support the requirements for the various personas in the IT organization.

    • Operations Manager 中的警示不支援複雜的運算式或包含相互關聯邏輯。Alerting in Operations Manager doesn't support complex expressions or include correlation logic. 為了協助減少雜訊,會將警示分組以顯示它們之間的關聯性,並識別其原因。To help reduce noise, alerts are grouped to show the relationships between them and to identify their causes.

    搭配使用 Operations Manager 與 Azure 監視器的優點Advantages of using Operations Manager with Azure Monitor

    • Azure 監視器是解決 Operations Manager 限制的方法。Azure Monitor is the way to work around the limitations of Operations Manager. 它會收集重要的效能和記錄資料,以補充 Operations Manager 資料倉儲資料庫。It complements the Operations Manager data warehouse database by collecting important performance and log data. 當查詢大型資料磁片區) 時,Azure 監視器會提供更佳的分析、效能 (,以及高於 Operations Manager 資料倉儲的保留。Azure Monitor delivers better analytics, performance (when querying large data volume), and retention than the Operations Manager data warehouse.

      使用 Azure 監視器記錄查詢語言,您可以建立更複雜且更複雜的查詢。With the Azure Monitor Logs query language, you can create much more complex and sophisticated queries. 您可以在數秒內跨數 tb 的資料執行查詢。You can run queries across terabytes of data in seconds. 您可以快速地將資料轉換成圓形圖、時間圖表以及許多其他視覺效果。You can quickly transform your data into pie charts, time charts, and many other visualizations. 若要分析此資料,您不再受限於使用以 SQL Server Reporting Services、自訂 SQL 查詢或其他因應措施為基礎的 Operations Manager 報表。To analyze this data, you're no longer constrained by working with Operations Manager reports that are based on SQL Server Reporting Services, custom SQL queries, or other workarounds.

    • 您可以藉由執行 Azure 監視器警示管理解決方案來提供改良的警示體驗。You can deliver an improved alerting experience by implementing the Azure Monitor Alert Management solution. Operations Manager 管理群組中產生的警示可轉送至 Azure 監視器 Log Analytics 工作區。Alerts that are generated in the Operations Manager management group can be forwarded to the Azure Monitor Log Analytics workspace. 您可以設定負責將警示從 Operations Manager 轉送至 Azure 監視器記錄的訂用帳戶,以轉寄特定警示。You can configure the subscription that's responsible for forwarding alerts from Operations Manager to Azure Monitor Logs to forward only certain alerts. 例如,您可以只轉寄符合您的準則的警示,以支援問題管理的趨勢,以及透過單一窗格來調查失敗或問題的根本原因。For example, you can forward only alerts that meet your criteria for querying in support of problem management for trends, and investigation of the root cause of failures or problems, through a single pane of glass. 此外,您可以將其他記錄資料與 Application Insights 或其他來源相互關聯,以深入瞭解可協助改善使用者體驗、增加執行時間,以及縮短解決事件的時間。Additionally, you can correlate other log data from Application Insights or other sources, to gain insight that help improve user experience, increase uptime, and reduce time to resolve incidents.

    • 您可以使用 Azure 監視器從 Azure 中的簡單或多層式架構監視雲端原生基礎結構和應用程式,也可以使用 Operations Manager 來監視內部部署基礎結構。You can monitor cloud-native infrastructure and applications, from a simple or multitier architecture in Azure using Azure Monitor, and you can use Operations Manager to monitor on-premises infrastructure. 此監視包括一或多個 Vm、放置於可用性設定組或虛擬機器擴展集中的多個 Vm,或部署至 Azure Kubernetes Service 的容器化應用程式, (在 Windows Server 或 Linux 容器上執行的 AKS) 。This monitoring includes one or more VMs, multiple VMs placed in an availability set or virtual machine scale set, or a containerized application deployed to Azure Kubernetes Service (AKS) that's running on Windows Server or Linux containers.

      如果您需要針對在 Azure Vm 上執行的 Microsoft 或協力廠商工作負載進行全面的監視,而且您有無法以單獨記錄或效能資料為基礎來評估的 advanced 案例,請使用 System Center Operations Manager。If you need comprehensive monitoring of Microsoft or third-party workloads running on your Azure VMs, and you have advanced scenarios that cannot be evaluated based on log or performance data alone, use System Center Operations Manager. 其管理元件可提供先進的邏輯,包括服務和健康狀態模型,以判斷工作負載的操作健全狀況。Its management packs delivers advanced logic, which includes a service and health model, to determine the operational health of the workload.

    • 藉由使用適用于 Vm 的 Azure 監視器對應功能,您可以從 Azure Vm 和內部部署 Vm 之間的網路連線監視標準連線計量。By using the Map feature of Azure Monitor for VMs, you can monitor standard connectivity metrics from network connections between your Azure VMs and on-premises VMs. 這些計量包括回應時間、每分鐘的要求數、流量輸送量和連結。These metrics include response time, requests per minute, traffic throughput, and links. 您可以識別失敗的連接、進行疑難排解、執行遷移驗證、執行安全性分析,以及驗證服務的整體架構。You can identify failed connections, troubleshoot, perform migration validation, perform security analysis, and verify the overall architecture of the service. Map 可以自動探索 Windows 和 Linux 系統上的應用程式元件,並對應服務之間的通訊。Map can automatically discover application components on Windows and Linux systems, and map the communication between services. 這項自動化可協助您找出您不知道的連線和相依性、規劃並驗證 Azure 的遷移,並將事件解決期間的推測降至最低。This automation helps you identify connections and dependencies you were unaware of, plan and validate migration to Azure, and minimize speculation during incident resolution.

    • 使用網路效能監控,您可以監視下列各項之間的網路連線能力:By using Network Performance Monitor, you can monitor the network connectivity between:

      • 您的公司網路和 Azure。Your corporate network and Azure.

      • 任務關鍵性多層式應用程式和微服務。Mission-critical multitier applications and microservices.

      • (HTTP/HTTPS) 的使用者位置和 web 架構應用程式。User locations and web-based applications (HTTP/HTTPS).

        此策略會提供網路層的可見度,而不需要 SNMP。This strategy delivers visibility of the network layer, without the need for SNMP. 它也可以出現在互動式拓撲圖中,也就是來源和目的地端點之間路由的逐一躍點拓撲。It can also present, in an interactive topology map, the hop-by-hop topology of routes between the source and destination endpoint. 比起嘗試使用 Operations Manager 中的網路監視,或您的環境中目前使用的其他網路監視工具來完成相同的結果,這是較好的選擇。It's a better choice than attempting to accomplish the same result with network monitoring in Operations Manager or with other network monitoring tools currently used in your environment.

    使用 Azure 監視器進行監視Monitor with Azure Monitor

    雖然遷移至雲端帶來了許多挑戰,但它也提供了機會。Although a migration to the cloud presents numerous challenges, it also provides opportunities. 它可讓您的組織從一或多個內部部署企業監視工具遷移,不僅可能降低資本支出和營運成本,還能從雲端監視平臺(例如 Azure 監視器)可在雲端規模提供的優點中獲益。It enables your organization to migrate from one or more on-premises enterprise monitoring tools to not only potentially reduce capital expenditures and operating costs, but also to benefit from the advantages that a cloud monitoring platform such as Azure Monitor can deliver at cloud scale. 檢查您的監視和警示需求、現有監視工具的設定,以及轉換至雲端的工作負載。Examine your monitoring and alerting requirements, configuration of existing monitoring tools, and workloads transitioning to the cloud. 當您的方案完成之後,請設定 Azure 監視器。After your plan is finalized, configure Azure Monitor.

    • 從 Azure、其他雲端提供者和您的公司網路之間託管元件的簡單或多層式架構,監視混合式基礎結構和應用程式。Monitor the hybrid infrastructure and applications, from a simple or multitier architecture where components are hosted between Azure, other cloud providers, and your corporate network. 這些元件可能包括一或多個 Vm、放置在可用性設定組或虛擬機器擴展集中的多個 Vm,或部署至 Azure Kubernetes Service 的容器化應用程式, (AKS 在 Windows Server 或 Linux 容器上執行的) 。The components might include one or more VMs, multiple VMs placed in an availability set or virtual machine scale set, or a containerized application that's deployed to Azure Kubernetes Service (AKS) running on Windows Server or Linux containers.

    • 使用 Azure Arc 來準備您的環境中的伺服器、虛擬機器、Kubernetes 叢集和資料庫以進行管理,就像是在 Azure 中執行一樣。Use Azure Arc to prepare your servers, virtual machines, Kubernetes clusters, and databases across your environment for management as if they are running in Azure. Azure Arc 提供一致的清查、管理、治理和安全性,並提供熟悉的 Azure 服務和管理功能。Azure Arc delivers consistent inventory, management, governance, and security with familiar Azure services and management capabilities.

    • 啟用適用于 Vm 的 Azure 監視器、適用于容器的 Azure 監視器和 Application Insights,以偵測及診斷基礎結構和應用程式之間的問題。Enable Azure Monitor for VMs, Azure Monitor for containers, and Application Insights to detect and diagnose issues between infrastructure and applications. 若要對從多個元件或支援應用程式之相依性收集的資料進行更徹底的分析和相互關聯,您必須使用 Azure 監視器記錄。For a more thorough analysis and correlation of data collected from the multiple components or dependencies supporting the application, you need to use Azure Monitor Logs.

    • 建立適用于一組核心應用程式和服務元件的智慧型警示、使用複雜信號的動態閾值來協助減少警示雜訊,以及使用以機器學習演算法為基礎的警示匯總,協助您快速找出問題。Create intelligent alerts that apply to a core set of applications and service components, help reduce alert noise with dynamic thresholds for complex signals, and use alert aggregation based on machine learning algorithms to help identify the issue quickly.

    • 定義查詢和儀表板的程式庫,以支援 IT 組織中各種不同角色的需求。Define a library of queries and dashboards to support the requirements of the various personas in the IT organization.

    • 定義在混合式和雲端資源之間啟用監視的標準和方法、每個資源的監視基準、警示閾值等等。Define standards and methods for enabling monitoring across the hybrid and cloud resources, a monitoring baseline for each resource, alert thresholds, and so on.

    • (Azure RBAC) 設定 Azure 角色型存取控制,因此您只授與使用者和群組監視所管理資源的資料所需的存取權。Configure Azure role-based access control (Azure RBAC) so you grant users and groups only the access required to monitor data from the resources they manage.

    • 包含自動化和自助服務,讓每個小組都能視需要建立、啟用和調整其監視和警示設定。Include automation and self-service to enable each team to create, enable, and tune their monitoring and alerting configurations as needed.

    私用雲端監視Private cloud monitoring

    您可以透過 System Center Operations Manager 達成 Azure Stack 的整體監視。You can achieve holistic monitoring of Azure Stack with System Center Operations Manager. 具體而言,您可以監視在租使用者中執行的工作負載、資源層級、虛擬機器上執行的工作負載,以及裝載 Azure Stack (實體伺服器和網路交換器) 的基礎結構。Specifically, you can monitor the workloads that are running in the tenant, the resource level, on the virtual machines, and the infrastructure hosting Azure Stack (physical servers and network switches).

    您也可以使用 Azure Stack 中包含的 基礎結構監視功能 組合來進行全面監視。You can also achieve holistic monitoring with a combination of infrastructure monitoring capabilities that are included in Azure Stack. 這些功能可協助您查看 Azure stack 區域的健康情況和警示,以及 azure Stack 中的 Azure 監視器服務 ,以提供適用于大部分服務的基本層級基礎結構計量和記錄。These capabilities help you view health and alerts for an Azure Stack region and the Azure Monitor service in Azure Stack, which provides base-level infrastructure metrics and logs for most services.

    如果您已投資 Operations Manager,請使用 Azure Stack 管理元件來監視 Azure Stack 部署的可用性和健康情況狀態,包括區域、資源提供者、更新、更新執行、縮放單位、單位節點、基礎結構角色,以及其 (邏輯實體(由硬體資源) 組成)。If you've already invested in Operations Manager, use the Azure Stack management pack to monitor the availability and health state of Azure Stack deployments, including regions, resource providers, updates, update runs, scale units, unit nodes, infrastructure roles, and their instances (logical entities comprised of the hardware resources). 此管理元件會使用健康情況和更新資源提供者 REST Api 與 Azure Stack 進行通訊。This management pack uses the health and update resource provider REST APIs to communicate with Azure Stack. 若要監視實體伺服器和存放裝置,請使用 OEM 廠商的管理元件 (例如,由聯想、HPE 或 Dell) 提供。To monitor physical servers and storage devices, use the OEM vendors' management pack (for example, provided by Lenovo, HPE, or Dell). Operations Manager 可透過使用 SNMP,以原生方式監視網路交換器以收集基本統計資料。Operations Manager can natively monitor the network switches to collect basic statistics by using SNMP. 您可以透過下列兩個基本步驟,使用 Azure 管理元件來監視租使用者工作負載。Monitoring the tenant workloads is possible with the Azure management pack by following two basic steps. 設定您想要監視的訂用帳戶,然後新增該訂用帳戶的監視器。Configure the subscription that you want to monitor, and then add the monitors for that subscription.

    下一步Next steps