In this article I will demonstrate about how to analyze Microsoft Azure cloud resources with the help of Grafana monitoring tool. I hope that you already installed and configured Grafana service on a machine, if not please follow below tutorial to setup.
In the above tutorial we have used InfluxDB as data source but to configure Azure we need another data source called “Azure Monitor”. Please note that Azure monitoring is officially released on Grafana v6.0.0. The azure monitoring plugin is shipped with this package so we don’t want to install it manually.
Azure monitor plugin verification:
I have installed configured Grafana on my Azure cloud. Login to Grafana and make sure that the Azure Monitor plugin is available. Login to Grafana Home and click on “data source” ( Create your first data source) and search for azure. It display the plugin.
Select the data source and you will be redirected to the data source configuration page. Here we have to enter all the required details. Here you can see that there three different monitoring options
- Azure Monitor Details :- With the help of this configuration we can monitor all azure resources.
- Azure Log Analytics API Details:- This is to view all the log collected from Operating system, Network device, application etc. For more details about these read Microsoft azure documents
- Application Insights Details: This is an Application Performance management (APM) Service to monitor your live web application.
In this blog post we will configure all the above but create Grafana dashboard only for Azure Monitor.
From the above screenshot it is clear that we need Tenant ID, Client, secret etc to configure this data source.
Grafana use Active Directory service principle to connect azure monitoring API and collect data from Azure. First create a service principle, you can follow Microsoft documentation (below) or I will explain all the steps one by one.
Create service principle:
For this create an Active directory application.
- Login to Azure account
- Select Azure active directory
- Go to App Registration
- select New registration.
Given any name for your application and select single tenant. Add “http://localhost:3000” as Redirect url. Refer the below image.
Register the application. Once the registration completed, you can view the Tenant ID and Client ID in the dashboard. Copy these details and save it safely. We need this details to configure Grafana.
Add application role:
Next, we need to add a role for the newly created application then only it access resource in our subscription.
Go to All Service -> Select “Subscription”
Select your subscription which you want to add the rule. If your subscription is not listed select “Global subscription filter”
- Select Access Control (IAM)
- Select “Add a role assignment.
Add “Log Analytics Reader” role for the App. Refer below screenshot for more details. Click save to commit the changes.
In the “Role Assignment” tab you could able to view the application and assigned role.
yes, now the Service principle has created. Next application need credentials to authenticate with Azure Active Directory (AD). This can be achieved by two methods, Azure AD certificate and application secrets. I will explain the about Application secret.
Create new application secret:
Go back to the App registration and choose “Certificate & Secrets”. Click on “New client secret” to generate a secret key.
Keep the generated key in a safe place (we required it to configure Grafana) because we will not able to retrieve the key once we left the session.
Now, we have all the values which is required to setupAzure Monitor Details. Next we are configuring Azure Log Analytics API, for this we need same details as Azure Monitor and additionally “Default workspace”.
Create Log Analytics Workspace:
Go to All services -> Log Analytics Workspace and click “Add” button to create a new one.
Add all required details and click ok to generate the workspace.
Create Application Insights:
Go to all services and search for Application Insights. Click “Add” button and add requested details to create an Application insight.
For communication create an API key. Click API Access from left side panel.
Add required details and create the key. (Permission is Read telemetry”)
Note down the generated API key to a safe place as we need to add it in the Grafana. Please note that, once we lost this key we Cann’t recover it.
Now, we have all the values which required to configure Grafana. Add all details as below in the Grafana data source.
If you added all the details as above then you will get the above message without any error message.
Data source configuration is done, next we have to create Grafana dashboard with this data source. Please go next page to see the details.