Moniter and Maintain Azure Resources Flashcards
- compare latencies
-monitor, diagnose, connectivity-related metrics - cross-region, cross-workspace connectivity monitoring
Azure Network Watcher Connection Monitor
- data flow between NSGs
- network traffic allowed/denied in VNet
Azure Network Watcher NSG diagnostics
- VNet gateways and their connections
- Azure portal, PowerShell, CLI, REST API
- health of gateway or connection
Azure Network Watcher VPN Troubleshoot
- network connectivity at a packet level
- which packets are allowed/denied to/from VM
- direction, protocol, local/remote IP, local/remove port
5 tuple packet parameter-based verification method
Azure Network Watcher IP Flow Verify
- calculates the filters that affect a VM in a RG
- analyzes results of Test-AzNetworkWatcher IPFlow
Get-AzEffectiveNetworkSecurityGroup
- routing issues
Test-AzNetworkWatcherNextHop
- tests oubound connection from source VM/port to destination IP/port using TCP or UDP
- returns NSG that contains filerting rule that blocked
Test-AzNetworkWatcherIPFlow
- outbound connectivity between VM and destination
Test-AzNetworkWatcherConnectivity
- shows details about NSG
Get-AzNetworkSecurityGroup
check for TCP connection between source/destination VM
- specify FQDN, URI, or IP
Connection troubleshoot
See how packets travel from VM to destination
Next hop
- shows all the NSG rules applied to network interface
Effective security rules
- SIEM
- SOAR
- used to collect threat data, investigate, and respond to threats using AI
Microsoft Sentinel
- run queries against a large amount of logs collected from various sources
- Kusto queries
Azure Log Analytics
- comphrehensive solution
- collecting, analyzing, acting on telemetry
- feed various metrics and logs to storage accounts
- query and visualize logs
- build alerts to take actions
Azure Monitor
- APM (Application Performance Monitoring)
- telemetry data
- not comprehensive
- no alerting
Azure Application Insights
Dashboard on top of Azure Storage metrics and logs
Examine transaction volume and used capacity
Storage Insights
Simplifies deploying, scaling, managing, and configuring a SAN
Azure Elastic SAN
Premium block blob storage
Standard storage account type for: blobs, file shares, queues, and tables
Standard GPv2 storage
Offeres fully managed file shares accessible via SMB protocol, NFS protocol, and Azure Files REST API
Azure Files
Users premium block blob storage
Azure Site Recovery supports churn (data change rate) up to 100 MV/s per VM
Achieve better recovery point objective (RPO)
Azure Site Recovery High Churn
Monitor performance between different points in netowrk
1. Performance Monitor - connectivity
2. Service Connectivity Monitor - connectivity with network services
3. ExpressRoute Monitor - end-to-end connectivity over Azure EpxressRoute
Azure Network Performance Monitor
Does NOT support ‘Premium’ storage account
boot diagnostics
- NSGs in target region
- Recovery Plan
- Customize Plan, add step for attaching public IP
- Traffic Manager profile
Azure Site Recovery
Resource-level diagnostics logs monitor events that happen inside the resource
For IoT Hub, has event DeviceTelemetry
Azure Monitor resource diagnostics logs on IoT Hub
Provides info about the high-level health of resource
Azure Resource Health
Provides info about application performance while application is running
Azure Application Insights
Provides info about actions performed on resources in subscription while using Resource Manager
Azure activity logs
- Start the file recovery process and select the recovery point
- Download/execute PowerShell script to browse/recover files
- Copy file from ounted volumn to VM
- Unmount the volumes
Steps to restore Vm from Azure Recovery Services Vault
Send to Log Analytics
Azure Recovery Services vault diagnostics
Stored in Recovery Services Vault
Snapshot
Resources need to be in same region as RSV
Can NOT backup Azure Blob containers or Azure SQL database
Azure Backup
Root “A” record - points to domain
Root “TXT” record - verification
“CNAME” record - subdomain
DNS records
– Create a Recovery Services vault
– Define a backup policy
– Apply the backup policy to protect multiple virtual machines
Steps to backup an Azure VM
Schedule for how often/when recovery points are taken
Retention range for the recovery points
Backup policy
Back up on-premises physical servers, VMs, and apps running on them
Microsoft Azure Backup Server (MABS)