WELCOME TO CLOUD MATTER

Search
  • Roman Guoussev-Donskoi

Azure Alerts - Monitor Web Site Availability (and on-premises too)

Updated: May 5, 2019

Microsoft released preview of unified alert experience in Azure Monitor. Based on initial quick test seems to work really well and easy to setup and manage.

What you can alert on

Azure Monitor now includes alerts that were managed by Log Analytics and Application Insights. You can alert on metrics and logs as described in monitoring data sources. These include but are not limited to:

Metric values, Log search queries, Activity Log events, Billing data, Health of the underlying Azure platform, Tests for web site availability.

https://docs.microsoft.com/en-us/azure/azure-monitor/platform/alerts-overview

https://docs.microsoft.com/en-us/azure/azure-monitor/app/monitor-web-app-availability


Setup Web Site Monitoring

Go to Application Insights Availability blade and create a simple website Ping test.



You can expand success criteria and alerts sections configure details (e.g. HTTP code you expect) and types of alerts. I tested the preview of new alerts.



Now we can configure alert




At the bottom of the screen you can specify alert severity and description



If you click on "Condition" you can configure signal.

Best description I have seen so far on "Period (grain)" field is "Setting the time period to a wider window accounts for the potential of data latency, and ensures the query returns data to avoid a false negative where the alert never fires." in Respond to events with Azure Monitor Alerts.

WebHook

You can also specify alert actions by creating new or selecting existing Action Group.

We will Add Web Hook, email, SMS and phone call notifications.


SMS and Voice


At this point notification registration SMS is sent.




To test notifications bring down the monitored App service

Then we can observe the Azure function execution in Live Metrics and Application Insights trace.


Phone calls, SMS messages and emails for alert activation and deactivation are all delivered as well. (I have setup several alerts to monitor the same test website. )



Monitor->Alerts will show us history and the current state of alerts


Common alert schema

Unless you have existing integration that can break it seems always better use Common Alerts Schema. "Historically, the three alert types in Azure today (metric, log, and activity log) have had their own email templates, webhook schemas, etc. With the common alert schema, you can now receive alert notifications with a consistent schema. " (Common alert schema Microsoft docs).


Visualization - Dashboards

Azure dashboard provide a nice visualization for Azure availability monitoring. Application Insights metrics and availability monitoring, alerts and other monitoring blades can be pinned to Azure Dashboard to provide and summary of the monitored resources state.


Pin Availability blade to Dashboard


Pin Alerts blade to Dashboard


Enjoy the Dashboard



Monitor on-premises resources

Microsoft documentation states that for Application Insights web test URL can be any web page, but it must be visible from the public internet. This is very unfortunate since this excludes on-premises devices and internal load balancer App Service Environment (ILB ASE).

Luckily at least basic availability tests are easy to setup for on-premises and ILB ASE web sites as well.

We will use Azure Functions Proxies and Azure App Service Hybrid Connections.


First we setup Azure Functions Proxy to point to on-premises or ILB ASE website.



Then we configure Hybrid Connections for Azure Functions App Service (Azure Web App Hybrid Connection post describes details). Now calls to Azure Functions Proxies will invoke the on-premises or ILB ASE web site. (Test with Postman really helps if you encounter any issues here).


Then we point Applications Insights web test to Azure Functions Proxy.

That is it really. Now stop the App Service deployed on-premises or in ILB ASE and the alert is raised.


Security

The resources deployed on-premises and in internal load balancer App Service Environment (ILB ASE) are usually deployed to avoid exposure to attacks from Internet via public IP addresses. Monitoring should compromise this by adding public entry points. To accomplish this adding network IP restrictions provides protection for proxy function from unauthorized external access.

(and as usual do not forget to protect *.scm.azurewebsites.net entry point as well).


As usual automation provides scalable approach for management of IP restrictions. In Github AppService-Functions.psm1 provides PowerShell code.


Integration

If you need to integrate alert with your systems seems leveraging message queues seems like a good idea. This prevents alerts from being lost when target system is temporarily not available.

For example Azure Function triggered by alert writes a message into Azure Service Bus whereas another Azure function processes those messages and communicates with the target system.


Multi-step web tests - we need to find another tool

As per Microsoft Cloud-based load testing service end of life

"The cloud-based load testing service is also used in the following places, which will no longer be available after March 31st, 2020.

  • Running load tests in Azure Pipelines using the load testing tasks (Cloud-based load test task, Apache JMeter task and the cloud-based web performance test task: These tasks will stop working after March 31st, 2020 and will be removed

  • Cloud-based load tests in CI/CD pipelines will run until March 31st, 2020. After that you need to self-host them and run using the Test Controller/Test Agent setup invoking the tests through the mstest.exe command-line

  • Running performance tests using the Azure portal (performance test option in App Services and Application Insights blades): These options will no longer be available after March 31st, 2020.”

" Visual Studio web performance tests (.webtest files) are tied to the load test functionality and is also deprecated. "




901 views0 comments

Recent Posts

See All

Databricks is an amazing platform for data engineering, data science and machine learning. One of the critical requirements of secure data processing is data audit - the ability to identity what data

SAS access to storage account is very convenient and easy and while Microsoft recommends that you use Azure AD credentials when possible as security best practice still SAS sometimes hard to avoid. Le

 

Subscribe

 

CONTACT

Your details were sent successfully!

Computers