Azure Alert when vm is down or disk space is reaching for more then 80% of the Disk capacity with azure log analytics

Question

Azure Alert when vm is down or disk space is reaching for more then 80% of the Disk capacity with azure log analytics

Rajaniesh Kaushikk 201 MVP

Hi,

I have setup the azure log analytics and vms are reporting to the workspace now want to create two alerts separately

User should get an Azure Alert when VM is down. Not sure how can we achieve because I tried using the heartbeat query but it is not giving the result:

To test this query I stopped the vm and tested this query to see if it shows the vm which was stopped but it did not worked.

Azure Alert when disk space is reaching more then 80% of the Disk capacity. I am not sure how to write the KQL for this one?

Regards
Rajaniesh

1 answer

Your answer

Answer 1

vipullag-MSFT 26,492 Moderator

@Anonymous

For the Alerts on VM down, you can use Azure Monitor Service and get these alerts configured.
Please check this document for more information:
https://learn.microsoft.com/en-us/azure/azure-monitor/alerts/alerts-metric

I just tried this and you have more signal names to choose in this way:

One more way of configuring alerts for VM is by configuring health alerts in Azure portal.
For the disk space alert, please check these documents which can help you create as per your requirement:

https://learn.microsoft.com/en-us/archive/blogs/ukhybridcloud/azure-log-analytics-disk-space-usage
https://learn.microsoft.com/en-us/archive/blogs/ukhybridcloud/azure-log-analytics-disk-space-usage-part-2

Below is an example for reference:

//This query below will show you the Machines with less than 10 Gb. With free diskspace.
// you can change the value, currently in 10 Gb.

InsightsMetrics
| where Name == "FreeSpacePercentage"
| summarize arg_max(TimeGenerated, *) by Tags
// arg_max over TimeGenerated returns the latest record
| project TimeGenerated, Computer, Val, Tags
| where Val < 10

Steps to create the Log Search Alert

Please go ahead into Log Analytics Workspace > Logs
Run the query above and adjust it to your need.
Click on run to test the result.
New alert rule

Hope this information helps.
Please 'Accept as answer' if the provided information is helpful, so that it can help others in the community looking for help on similar topics.

Rajaniesh Kaushikk 201 Reputation points MVP

2021-10-04T12:25:39.46+00:00

Hi Vipullag,

Thanks for the prompt reply. For VM alert I am looking for an alert when VM stops responding due to any issue so we can notify Production support team and they can have a look. The signal alert are used for activities performed on these VMs like shutdown or restart the VMs and they can not be used for the kind of alerts I am looking for.I think we should use heartbeat alert for such kind of thing or any other mechanism.

Regards
Rajaniesh
Rajaniesh Kaushikk 201 Reputation points MVP

2021-10-05T14:25:54.577+00:00

Microsoft Team,

Do you have any update?

Regards
Rajaniesh
vipullag-MSFT 26,492 Reputation points Moderator

2021-10-06T05:26:19.973+00:00

@Anonymous

Apologies for delayed response on this.

Based on your ask, you want VM health alerts (typically when a VM is not reachable). These can achieved by the Azure Service Health as I mentioned in my previous response.
Alert for VM stops responding (issue with underlying host).

Please check these documents for more info on this:

https://learn.microsoft.com/en-us/azure/service-health/resource-health-alert-monitor-guide
https://azure.microsoft.com/en-in/blog/get-notified-when-your-azure-resources-become-unavailable/

Share via

Azure Alert when vm is down or disk space is reaching for more then 80% of the Disk capacity with azure log analytics

1 answer

Your answer