Monitoring AKS data reference
See Monitoring AKS for details on collecting and analyzing monitoring data for AKS.
The following table lists the platform metrics collected for AKS. Follow each link for a detailed list of the metrics for each particular type.
|Metric Type||Resource Provider / Type Namespace
and link to individual metrics
|Virtual machine scale sets||Microsoft.Compute/virtualMachineScaleSets|
|Virtual machine scale sets virtual machines||Microsoft.Compute/virtualMachineScaleSets/virtualMachines|
For more information, see a list of all platform metrics supported in Azure Monitor.
In addition to the above platform metrics, Azure Monitor container insights collects these custom metrics for nodes, pods, containers, and persistent volumes.
The following table lists dimensions for AKS metrics.
|requestKind||Used by metrics such as Inflight Requests to split by type of request.|
|condition||Used by metrics such as Statuses for various node conditions, Number of pods in Ready state to split by condition type.|
|status||Used by metrics such as Statuses for various node conditions to split by status of the condition.|
|status2||Used by metrics such as Statuses for various node conditions to split by status of the condition.|
|node||Used by metrics such as CPU Usage Millicores to split by the name of the node.|
|phase||Used by metrics such as Number of pods by phase to split by the phase of the pod.|
|namespace||Used by metrics such as Number of pods by phase to split by the namespace of the pod.|
|pod||Used by metrics such as Number of pods by phase to split by the name of the pod.|
|nodepool||Used by metrics such as Disk Used Bytes to split by the name of the nodepool.|
|device||Used by metrics such as Disk Used Bytes to split by the name of the device.|
The following table lists the resource log categories you can collect for AKS. These are the logs for AKS control plane components. See Configure monitoring for information on creating a diagnostic setting to collect these logs and recommendations on which to enable. See How to query logs from Container insights for query examples.
For reference, see a list of all resource logs category types supported in Azure Monitor.
|kube-apiserver||Logs from the API server.|
|kube-audit||Audit log data for every audit event including get, list, create, update, delete, patch, and post.|
|kube-audit-admin||Subset of the kube-audit log category. Significantly reduces the number of logs by excluding the get and list audit events from the log.|
|kube-controller-manager||Gain deeper visibility of issues that may arise between Kubernetes and the Azure control plane. A typical example is the AKS cluster having a lack of permissions to interact with Azure.|
|kube-scheduler||Logs from the scheduler.|
|cluster-autoscaler||Understand why the AKS cluster is scaling up or down, which may not be expected. This information is also useful to correlate time intervals where something interesting may have happened in the cluster.|
|cloud-controller-manager||Logs from the cloud-node-manager component of the Kubernetes cloud controller manager.|
|guard||Managed Azure Active Directory and Azure RBAC audits. For managed Azure AD, this includes token in and user info out. For Azure RBAC, this includes access reviews in and out.|
|csi-azuredisk-controller||Logs from the Azure Disk CSI storage driver.|
|csi-azurefile-controller||Logs from the Azure Files CSI storage driver.|
|csi-snapshot-controller||Logs from the Azure CSI driver snapshot controller.|
|AllMetrics||Includes all platform metrics. Sends these values to Log Analytics workspace where it can be evaluated with other data using log queries.|
Azure Monitor Logs tables
This section refers to all of the Azure Monitor Logs tables relevant to AKS and available for query by Log Analytics.
|Kubernetes services||Follow this link for a list of all tables used by AKS and a description of their structure.|
For a reference of all Azure Monitor Logs / Log Analytics tables, see the Azure Monitor Log Table Reference.
The following table lists a few example operations related to AKS that may be created in the Activity log. Use the Activity log to track information such as when a cluster is created or had its configuration change. You can either view this information in the portal or create an Activity log alert to be proactively notified when an event occurs.
|Microsoft.ContainerService/managedClusters/write||Create or update managed cluster|
|Microsoft.ContainerService/managedClusters/delete||Delete Managed Cluster|
|Microsoft.ContainerService/managedClusters/listClusterMonitoringUserCredential/action||List clusterMonitoringUser credential|
|Microsoft.ContainerService/managedClusters/listClusterAdminCredential/action||List clusterAdmin credential|
|Microsoft.ContainerService/managedClusters/agentpools/write||Create or Update Agent Pool|
For a complete list of possible log entries, see Microsoft.ContainerService Resource Provider options.
For more information on the schema of Activity Log entries, see Activity Log schema.