Share via

How to setup VMInsights using Terraform to provision AMA, DCR

Daniel Ademeso 0 Reputation points
2024-01-10T09:31:34.5933333+00:00

I provisioned DCR, Log Analytics, VM, AMA, and the rest with terraform.

But my issue is I enabled VMInsights but I'm not getting and data in my Log Analytics Workspace and the VM insights is showing no data, I checked the extension on the VM it's running, the DCR is properly associated with the VM, but I don't know why I'm not getting the logs in Azure Monitor.

Here is my Terraform code.

resource "azurerm_log_analytics_workspace" "log_ignition" {
  name                = "LOG-${local.resource_name_suffix}"
  location            = var.location
  resource_group_name = local.resource_group_name
  sku                 = "PerGB2018"
  retention_in_days   = var.log_retention_in_days
  tags                = local.common_tags
}

resource "azurerm_log_analytics_solution" "log_solution_ignition" {
  solution_name         = "SecurityCenterFree"
  location              = azurerm_resource_group.rg.location
  resource_group_name   = azurerm_resource_group.rg.name
  workspace_resource_id = azurerm_log_analytics_workspace.log_ignition.id
  workspace_name        = azurerm_log_analytics_workspace.log_ignition.name
  tags                  = local.common_tags
  plan {
    publisher = "Microsoft"
    product   = "OMSGallery/SecurityCenterFree"
  }
}

resource "azurerm_virtual_machine_extension" "vm_ignition_extension" {
  name                       = "AzureMonitorLinuxAgent"  
  virtual_machine_id         = azurerm_linux_virtual_machine.vm_ignition.id  
  publisher                  = "Microsoft.Azure.Monitor"  
  type                       = "AzureMonitorLinuxAgent"  
  type_handler_version       = "1.29"  
  auto_upgrade_minor_version = true  
  automatic_upgrade_enabled  = true  
  tags                       = local.common_tags
}

resource "azurerm_monitor_data_collection_rule" "dcr_ignition" {
  name                        = "DCR-${local.resource_name_suffix}"
  resource_group_name         = azurerm_resource_group.rg.name
  location                    = azurerm_resource_group.rg.location
  tags                        = local.common_tags
  description                 = "Data collection rule for VM Insights."
  destination{
	log_analytics {      
		workspace_resource_id = azurerm_log_analytics_workspace.log_ignition.id      
		name                  = "VMInsightsPerf-Logs-Dest"    
		}  
	}  
 data_flow {    
	streams      = ["Microsoft-InsightsMetrics"]    
	destinations = ["VMInsightsPerf-Logs-Dest"]  
 }  
 data_sources {    
	performance_counter {      
		streams                       = ["Microsoft-InsightsMetrics"]      
		sampling_frequency_in_seconds = 60      
		counter_specifiers            = ["\\VmInsights\\DetailedMetrics"]      
		name                          = "VMInsightsPerfCounters"    
	}  
 }  
 depends_on = [    azurerm_log_analytics_solution.log_solution_ignition  ]
}
Azure Monitor
Azure Monitor
An Azure service that is used to collect, analyze, and act on telemetry data from Azure and on-premises environments.
3,459 questions
Azure Virtual Machines
Azure Virtual Machines
An Azure service that is used to provision Windows and Linux virtual machines.
8,333 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Stanislav Zhelyazkov 25,936 Reputation points MVP
    2024-01-11T07:06:59.9566667+00:00

    Hi, I cannot answer specifically what you need to do in terraform as that is something you should ask on terraform related forums but you are missing but you are missing data collection rule association for the vm. This is an extension resource that is applied to the VM. You can check the official documentation for ARM for that resource

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.