Ensure that Guest-Level Diagnostics feature is enabled for your Azure virtual machines (VMs) in order to gather diagnostic data useful to create notification alerts and get vital information about the state of your VM applications using advanced metrics.
This rule resolution is part of the Conformity Security & Compliance tool for Azure.
efficiency
Microsoft Azure Monitoring service collects host-level metrics such as CPU usage, disk and network usage for all virtual machines without any additional software. For more insight into the state of your virtual machines, you can collect guest-level metrics, logs and other diagnostic data using the Guest-Level Diagnostics feature. Once you enable this monitoring feature, a diagnostics agent is installed on the selected virtual machine and a set of extended metrics are added to collect usage data every minute. The data collected can be used to find usage trends and anomalies, set custom alerts for CPU and memory disk utilization limits, as well as providing information that you can use to control your Azure costs by sizing the virtual machine according to its usage.
Audit
To determine if your Azure virtual machines (VMs) are configured to use Guest-Level Diagnostics, perform the following actions:
Remediation / Resolution
To enable OS guest-level monitoring for your Microsoft Azure virtual machines, perform the following actions:
References
- Azure Official Documentation
- Add extended metrics for Azure virtual machines
- Understanding and using the Azure Linux Agent
- Azure Virtual Machine Agent overview
- Azure PowerShell Documentation
- az vm list
- az vm show
- az storage account list
- az vm diagnostics get-default-config
- az vm diagnostics set