Enable VM insights overview
This article provides an overview of how to enable VM insights to monitor the health and performance of:
- Azure virtual machines.
- Azure Virtual Machine Scale Sets.
- Hybrid virtual machines connected with Azure Arc.
- On-premises virtual machines.
- Virtual machines hosted in another cloud environment.
Installation options and supported machines
The following table shows the installation methods available for enabling VM insights on supported machines.
|Azure portal||Enable individual machines with the Azure portal.|
|Azure Policy||Create policy to automatically enable when a supported machine is created.|
|Azure Resource Manager templates||Enable multiple machines by using any of the supported methods to deploy a Resource Manager template, such as the Azure CLI and PowerShell.|
|PowerShell||Use a PowerShell script to enable multiple machines. Log Analytics agent only.|
|Manual install||Virtual machines or physical computers on-premises with other cloud environments. Log Analytics agent only.|
Supported Azure Arc machines
VM insights is available for Azure Arc-enabled servers in regions where the Arc extension service is available. You must be running version 0.9 or above of the Azure Arc agent.
Supported operating systems
VM insights supports any operating system that supports the Dependency agent and either the Azure Monitor agent (preview) or Log Analytics agent. For a complete list, see Azure Monitor agent overview.
If the Ethernet device for your virtual machine has more than nine characters, it won't be recognized by VM insights and data won't be sent to the InsightsMetrics table. The agent will collect data from other sources.
See the following list of considerations on Linux support of the Dependency agent that supports VM insights:
- Only default and SMP Linux kernel releases are supported.
- Nonstandard kernel releases, such as physical address extension (PAE) and Xen, aren't supported for any Linux distribution. For example, a system with the release string of 220.127.116.11-0.8-xen isn't supported.
- Custom kernels, including recompilations of standard kernels, aren't supported.
- For Debian distros other than version 9.4, the Map feature isn't supported. The Performance feature is available only from the Azure Monitor menu. It isn't available directly from the left pane of the Azure VM.
- CentOSPlus kernel is supported.
The Linux kernel must be patched for the Spectre and Meltdown vulnerabilities. For more information, consult with your Linux distribution vendor. Run the following command to check for availability if Spectre/Meltdown has been mitigated:
$ grep . /sys/devices/system/cpu/vulnerabilities/*
Output for this command will look similar to the following and specify whether a machine is vulnerable to either issue. If these files are missing, the machine is unpatched.
/sys/devices/system/cpu/vulnerabilities/meltdown:Mitigation: PTI /sys/devices/system/cpu/vulnerabilities/spectre_v1:Vulnerable /sys/devices/system/cpu/vulnerabilities/spectre_v2:Vulnerable: Minimal generic ASM retpoline
When you enable VM insights for a machine, the following agents are installed. For the network requirements for these agents, see Network requirements.
VM insights support for the Azure Monitor agent is currently in public preview. The Azure Monitor agent has several advantages over the Log Analytics agent. It's the preferred agent for virtual machines and virtual machine scale sets. For a comparison of the agent and information on migrating, see Migrate to Azure Monitor agent from Log Analytics agent.
- Azure Monitor agent or Log Analytics agent: Collects data from the virtual machine or Virtual Machine Scale Set and delivers it to the Log Analytics workspace.
- Dependency agent: Collects discovered data about processes running on the virtual machine and external process dependencies, which are used by the Map feature in VM insights. The Dependency agent relies on the Azure Monitor agent or Log Analytics agent to deliver its data to Azure Monitor.
For Azure Monitor Agent, the machine must have access to the following HTTPS endpoints:
<virtual-machine-region-name>.handler.control.monitor.azure.com (example: westus.handler.control.azure.com)
<log-analytics-workspace-id>.ods.opinsights.azure.com (example: 12345a01-b1cd-1234-e1f2-1234567g8h99.ods.opinsights.azure.com) (If using private links on the agent, you must also add the data collection endpoints)
The Dependency agent requires a connection from the virtual machine to the address 169.254.169.254. This address identifies the Azure metadata service endpoint. Ensure that firewall settings allow connections to this endpoint.
Data collection rule
When you enable VM insights on a machine with the Azure Monitor agent, you must specify a data collection rule (DCR) to use. The DCR specifies the data to collect and the workspace to use. VM insights creates a default DCR if one doesn't already exist. For more information on how to create and edit the VM insights DCR, see Enable VM insights for Azure Monitor Agent.
The DCR is defined by the options in the following table.
|Guest performance||Specifies whether to collect performance data from the guest operating system. This option is required for all machines.|
|Processes and dependencies||Collects information about processes running on the virtual machine and dependencies between machines. This information enables the Map feature in VM insights. This is optional and enables the VM insights Map feature for the machine.|
|Log Analytics workspace||Workspace to store the data. Only workspaces with VM insights are listed.|
Don't create your own DCR to support VM insights. The DCR created by VM insights includes a special data stream required for its operation. You can edit this DCR to collect more data, such as Windows and Syslog events, but you should create more DCRs and associate them with the machine.
If you associate a data collection rule with the Map feature enabled to a machine on which Dependency Agent isn't installed, the Map view won't be available. To enable the Map view, set
enableAMA property = true in the Dependency Agent extension when you install Dependency Agent. We recommend following the procedure described in Enable VM insights for Azure Monitor Agent.
Migrate from Log Analytics agent to Azure Monitor Agent
You can install both Azure Monitor Agent and Log Analytics agent on the same machine during migration. If a machine has both agents installed, you'll see a warning in the Azure portal that you might be collecting duplicate data.
Collecting duplicate data from a single machine with both Azure Monitor Agent and Log Analytics agent can result in:
- Extra ingestion costs from sending duplicate data to the Log Analytics workspace.
- Inaccuracy in the Map feature of VM insights because the feature doesn't check for duplicate data.
You must remove the Log Analytics agent yourself from any machines that are using it. Before you do this step, ensure that the machine isn't relying on any other solutions that require the Log Analytics agent. For more information, see Migrate to Azure Monitor Agent from Log Analytics agent.
After you verify that no Log Analytics agents are still connected to your Log Analytics workspace, you can remove the VM Insights solution from the workspace. It's no longer needed.
To check if you have any machines with both agents sending data to your Log Analytics workspace, run the following log query in Log Analytics. This query will show the last heartbeat for each computer. If a computer has both agents, it will return two records, each with a different
category. The Azure Monitor agent will have a
categoryof Azure Monitor Agent. The Log Analytics agent will have a
categoryof Direct Agent.
Heartbeat | summarize max(TimeGenerated) by Computer, Category | sort by Computer
Diagnostic and usage data
Microsoft automatically collects usage and performance data through your use of Azure Monitor. Microsoft uses this data to improve the quality, security, and integrity of the service.
To provide accurate and efficient troubleshooting capabilities, the Map feature includes data about the configuration of your software. The data provides information such as the operating system and version, IP address, DNS name, and workstation name. Microsoft doesn't collect names, addresses, or other contact information.
For more information about data collection and usage, see the Microsoft Online Services Privacy Statement.
For information about viewing or deleting personal data, see Azure Data Subject Requests for the GDPR. For more information about GDPR, see the GDPR section of the Microsoft Trust Center and the GDPR section of the Service Trust portal.