Monitoring best practices for Microsoft Cloud for Financial Services
In this article, you'll learn how to use Power Platform admin center, Azure Monitor, Microsoft Defender for Cloud, Microsoft Purview, and Microsoft Sentinel to monitor your Microsoft Cloud for Financial Services solution. You'll also learn some specific monitoring tips for each capability in the solution: Unified Customer Profile, Onboarding Essentials, and Document Intelligence.
Monitoring considerations
- Only environments with Dataverse provide auditing capabilities (access logs) at the environment and database layer. You can view and consume the logs from Microsoft Purview compliance portal.
- Auditing for environments with Dataverse is off by default, and you can't enable auditing during provisioning. After you create the environment, you can enable auditing within the environment settings.
- Power Platform admin center provides default analytics capabilities for the various Power Platform components, such as Dataverse, Power Apps, and Power Automate.
- Power Platform admins can configure data export for all Power Apps in the tenant and export to an Azure Data Lake Storage (Gen2) account for an overview of the adoption, usage, inventory, and application metadata. Currently, you can't provide public IP addresses for the Dataverse Analytics Data Export service that can be used in Azure Data Lake firewall settings.
- For each environment with Dataverse, Power Platform admins can export Dataverse diagnostics, such as API usage, form load diagnostics, and performance metrics to an Azure Application Insights instance.
- Activity logs for Power Apps are integrated with Microsoft Purview compliance portal, which provides an API to query the data.
- Power Platform provides connectors specifically for management scenarios so organizations can build on top of existing capabilities provided natively in the platform.
- Evaluate the latency of data updates in Power Platform admin center Dataverse analytics.
- Power Platform Performance insights (preview) generates performance metrics based on collected user data of your model-driven app every 24 hours. The performance insights engine uses and analyzes this data to generate insights and recommendations related to performance enhancements.
Best practices to monitor Microsoft Cloud for Financial Services
Microsoft Cloud for Financial Services solution uses components that run in Power Platform. You can also extend the solution using the following approaches: native integrations with Microsoft 365 and custom integrations with internal and external accessible data sources, analytics, and machine learning models via Azure, other cloud or on-premises infrastructure.
With all these components in the architecture, it's important to track how customers use your system, monitor the health and performance of your system, maximize the performance and availability of your resources, and proactively identify problems.
The following table represents solution components used in each capability in Microsoft Cloud for Financial Services.
| Solution components | Unified customer/Client profile | Onboarding essentials | Document intelligence |
|---|---|---|---|
| Power Apps / PCF Controls | X | X | X |
| Power BI Embedded | |||
| Dataverse | X | X | X |
| Power Automate | X | X | |
| Plug-ins / Custom API / Custom Action | X | X | X |
| System jobs (workflows) | X | ||
| AI Builder | X |
You can see centralized monitoring reference architecture for Industry Cloud as a starting point that scopes to monitor the highlighted solution components. It uses a seamlessly integrated centralized monitoring capability using Power Platform admin center, Azure Monitor, Microsoft Defender for Cloud, Microsoft Purview, and Microsoft Sentinel. You can then further extend the reference architecture to include special monitoring instructions shared in subsequent sections for each capability:
Unified customer profile (UCP)
As the solution health heavily relies on data integration from master systems to the data model of UCP, we strongly recommend proper monitoring, logging (auditing, telemetry, and diagnostic), and alerting mechanisms in place for data integration.
Onboarding essentials
In addition to the centralized monitoring approach for common elements like Power Automates and PCF controls, the solution's overall health depends significantly on data integration with core systems. We recommend establishing comprehensive monitoring, logging (including auditing, telemetry, and diagnostics), and alerting mechanisms tailored for data integration.
Document intelligence
Aside from the centralized monitoring approach for common elements such as Power Automate flows and PCF controls, you can also keep track of the status of individual documents using the following tables:
- Document Request table: The State Updated On fields provide the status of each document uploaded.
- Document Pipeline table: The Pipeline document state fields provide status of the document processing pipeline.
- Document Pipeline Step table: The Pipeline step document state fields provide the status of each step in the document processing pipeline.
To align with a centralized monitoring approach, you can extend your monitoring dashboard with some analytics generated using these tables.