Monitor AKS data reference

See Monitoring AKS for details on collecting and analyzing monitoring data for AKS.

Metrics

The following table lists the platform metrics collected for AKS. Follow each link for a detailed list of the metrics for each particular type.

Metric Type Resource Provider / Type Namespace
and link to individual metrics
Managed clusters Microsoft.ContainerService/managedClusters
Connected clusters microsoft.kubernetes/connectedClusters
Virtual machines Microsoft.Compute/virtualMachines
Virtual machine scale sets Microsoft.Compute/virtualMachineScaleSets
Virtual machine scale sets virtual machines Microsoft.Compute/virtualMachineScaleSets/virtualMachines

For more information, see a list of all platform metrics supported in Azure Monitor.

In addition to the above platform metrics, Azure Monitor Container insights collects these custom metrics for nodes, pods, containers, and persistent volumes.

Metric dimensions

The following table lists dimensions for AKS metrics.

Dimension Name Description
requestKind Used by metrics such as Inflight Requests to split by type of request.
condition Used by metrics such as Statuses for various node conditions, Number of pods in Ready state to split by condition type.
status Used by metrics such as Statuses for various node conditions to split by status of the condition.
status2 Used by metrics such as Statuses for various node conditions to split by status of the condition.
node Used by metrics such as CPU Usage Millicores to split by the name of the node.
phase Used by metrics such as Number of pods by phase to split by the phase of the pod.
namespace Used by metrics such as Number of pods by phase to split by the namespace of the pod.
pod Used by metrics such as Number of pods by phase to split by the name of the pod.
nodepool Used by metrics such as Disk Used Bytes to split by the name of the nodepool.
device Used by metrics such as Disk Used Bytes to split by the name of the device.

Resource logs

AKS implements control plane logs for the cluster as resource logs in Azure Monitor. See Resource logs for details on creating a diagnostic setting to collect these logs and Sample queries for query examples.

The following table lists the resource log categories you can collect for AKS. It also includes the table the logs for each category are sent to when you send the logs to a Log Analytics workspace using resource-specific mode. In Azure diagnostics mode, all logs are written to the AzureDiagnostics table.

Category Description Table
(resource-specific mode)
kube-apiserver Logs from the API server. AKSControlPlane
kube-audit Audit log data for every audit event including get, list, create, update, delete, patch, and post. AKSAudit
kube-audit-admin Subset of the kube-audit log category. Significantly reduces the number of logs by excluding the get and list audit events from the log. AKSAuditAdmin
kube-controller-manager Gain deeper visibility of issues that may arise between Kubernetes and the Azure control plane. A typical example is the AKS cluster having a lack of permissions to interact with Azure. AKSControlPlane
kube-scheduler Logs from the scheduler. AKSControlPlane
cluster-autoscaler Understand why the AKS cluster is scaling up or down, which may not be expected. This information is also useful to correlate time intervals where something interesting may have happened in the cluster. AKSControlPlane
cloud-controller-manager Logs from the cloud-node-manager component of the Kubernetes cloud controller manager. AKSControlPlane
guard Managed Microsoft Entra ID and Azure RBAC audits. For managed Microsoft Entra ID, this includes token in and user info out. For Azure RBAC, this includes access reviews in and out. AKSControlPlane
csi-azuredisk-controller Logs from the Azure Disk CSI storage driver. AKSControlPlane
csi-azurefile-controller Logs from the Azure Files CSI storage driver. AKSControlPlane
csi-snapshot-controller Logs from the Azure CSI driver snapshot controller. AKSControlPlane
AllMetrics Includes all platform metrics. Sends these values to Log Analytics workspace where it can be evaluated with other data using log queries. AzureMetrics

For reference, see a list of all resource logs category types supported in Azure Monitor.

Azure Monitor Logs tables

This section refers to all of the Azure Monitor Logs tables relevant to AKS and available for query by Log Analytics.

Resource Type Notes
Kubernetes services Follow this link for a list of all tables used by AKS and a description of their structure.

For a reference of all Azure Monitor Logs / Log Analytics tables, see the Azure Monitor Log Table Reference.

Activity log

The following table lists a few example operations related to AKS that may be created in the Activity log. Use the Activity log to track information such as when a cluster is created or had its configuration change. You can view this information in the portal or by using other methods. You can also use it to create an Activity log alert to be proactively notified when an event occurs.

Operation Description
Microsoft.ContainerService/managedClusters/write Create or update managed cluster
Microsoft.ContainerService/managedClusters/delete Delete Managed Cluster
Microsoft.ContainerService/managedClusters/listClusterMonitoringUserCredential/action List clusterMonitoringUser credential
Microsoft.ContainerService/managedClusters/listClusterAdminCredential/action List clusterAdmin credential
Microsoft.ContainerService/managedClusters/agentpools/write Create or Update Agent Pool

For a complete list of possible log entries, see Microsoft.ContainerService Resource Provider options.

For more information on the schema of Activity Log entries, see Activity Log schema.

See also