Monitor and Back up Azure Resources

Question 1

What two types of data feed into Azure Monitor ?

Answer 1

Metrics

Logs

Question 2

What are the three big differentiators between metrics and logs ?

Answer 2

Retention

Properties

Data Availability

Question 3

Can be stored for up to 2 years

• Metrics
• Log Analytics

Answer 3

Log Analytics

Question 4

Typically retained for up to 93 days

• Metrics
• Log Analytics

Answer 4

Metrics

Question 5

Metrics have a fixed set of properties (or attributes). What are these five properties ?

Answer 5

Time
Type 
Resource
Value
Dimensions

Question 6

Typically gathered over time and available for immediate query

• Metrics
• Log Analytics

Answer 6

Metrics

Question 7

………………………… are often gathered after being triggered by an event (such as an event is written to an application log) and can take time to process before they are available for query.

Answer 7

Log Analytics

Question 8

……………………… will typically be used for fast alerts, and …………………….. are used for more complex analysis.

Answer 8

metrics

logs

Question 9

Data stored in Log Analytics can also be queried directly through a ……………………………… , where you will have access to the same query interfaces as you have through Azure Monitor, but you also can make customizations to the configuration of the workspace

Answer 9

Log Analytics Workspace

Question 10

What is the time interval at which Azure Metrics are collected ?

Answer 10

one - minute intervals

Question 11

How is an Azure metric identified ? (2 things)

Answer 11

metric name

namespace (category)

Question 12

What is the typical retention period of metrics ?

Answer 12

93 days

Question 13

What must you enable and set up to query application metrics ?

Answer 13

Application Insights

Question 14

Virtual machines in Azure can also push custom metrics to the monitor service using the ………………………… extension on Windows servers

Answer 14

Windows Diagnostic

Question 15

Virtual machines in Azure can also push custom metrics to the monitor service using the ……………………………………. on Linux VMs

Answer 15

InfluxData Telegraf Agent

Question 16

What are two ways to increase the retention period of metrics ?

Answer 16

Send them to Log Analytics

Send them to a storage account with a retention policy

Question 17

What are the four properties of each metric ?

Answer 17

■ The time the value was collected
■ The type of measurement the value represents
■ The resource with which the value is associated
■ The value itself

Question 18

True or false : Using Azure Monitor, you can chart resources and metrics across several different subscriptions

Answer 18

True

Question 19

True or false : Using Azure Monitor, you can chart resources and metric, but they must reside within the same subscription.

Answer 19

False

Question 20

A Log Analytics Workspace is an Azure……………………….. , meaning that……………………………. can be applied for granular access to the service and the data stored within it.

Answer 20

resource

RBAC

Question 21

After having provisioned a Log Analytics Workspace, which blade in the Logs Analytics Workspace blade allows you to obtain the Agent ID, the primary key, and the secondary key for the Agent ?

Answer 21

Agent Management

Question 22

For VM machines to begin reporting telemetry to Log Analytics, what must they have installed ?

Answer 22

Azure Log Analytics Agent

Question 23

For the agent to send telemetry, you must also ensure that the required………….. are available, and the required………………. are added to the approved-list.

Answer 23

ports

URIs

Question 24

A Log Analytics Agent on a machine uses which port for all outbound communication to the Log Analytics Workspace ?

Answer 24

Port 443

Question 25

What are the three different types of platform logs ? | What layer of Azure are they associated with ? (tenant, subscription, resources...)

Answer 25

Resource logs - resource layer Activity logs - subscription layer Azure Active Directory logs - tenant layer

Question 26

What are 4 destinations where one can send their logs ?

Answer 26

The Azure Portal Azure Log Analytics A storage account An event hub

Question 27

The Azure ............................... surfaces data at the subscription level and can be useful for understanding actions that occur within your environment against the Resource Manager APIs.

Answer 27

Activity Log

Question 28

The query language used by Log Analytics is called...................

Answer 28

Kusto

Question 29

Queries always begin with a.................. –either a table or search-based query

Answer 29

scope

Question 30

..................................... target a single table in a Log Analytics Workspace (or database), while ............................ target all tables by default.

Answer 30

Table-based queries search-based queries

Question 31

What are the two types of queries Log Analytics ?

Answer 31

Table - based queries Search - based queries

Question 32

.............................. queries can be saved for later and/or marked as favorites so they can be retrieved later using the Query explorer

Answer 32

Authored

Question 33

What is the path for accessing Sample Queries and authoring your own queries ?

Answer 33

Azure Portal - Azure Monitor - Logs blade

Question 34

What is the path in the Azure Portal to create an Application Insight resource ?

Answer 34

Azure Monitor - Insights - Applications (left side pane) - Create Application Insight App

Question 35

Alerts in Azure Monitor are centered on alert rules. Alert Rules contain what 4 components ?

Answer 35

■ A target resource (or resource type) ■ Conditional logic for the alert with criteria based on the available signals for the target resource ■ An Action Group, or what should happen when the alert rule condition is met ■ A name and description for the alert rule

Question 36

When creating an alert rule, the target resource defines the scope and signals available for the alert. A target resource is an Azure resource that generates signals. What are the three types of signals ?

Answer 36

■ Metrics ■ Log search queries ■ Activity Logs

Question 37

A(n) ................. is a collection of actions that should occur in response to an alert being triggered.

Answer 37

Action Group

Question 38

Action groups are separate resources and are independent of the alert rule. What does this mean iif you have a large amount of alert rules ?

Answer 38

This means that the same Action Group can be used across multiple alert rules.

Question 39

When configuring an action group, in addition to sending email notifications, what are five other actions that you can automate ?

Answer 39

``` Runbook (Powershell that runs in Azure Automation Service) Function Apps ITSM (ServiceNow for example) Logic Apps Webhook ```

Question 40

True or false : Alerts are managed independently of alert rules and maintain their own state.

Answer 40

True

Question 41

What are the three states an alert can have ?

Answer 41

■ New. The alert is new and has not been reviewed ■ Acknowledged. The issue that generated the alert is being actioned by an administrator ■ Closed. The issue that generated the alert has been resolved, and the alert has been marked as closed

Question 42

True or false : The state of an alert is updated by the user who is interacting with the alert and is not updated automatically by the Azure platform.

Answer 42

True

Question 43

True or false : The state of an alert is updated automatically by the Azure platform.

Answer 43

False

Question 44

Alert state is not the same as the monitor condition of an alert. When the Azure platform generates an alert based on an alert rule, the alert’s monitor condition is set to .............. and when the underlying condition clears, the monitor condition is set to ................

Answer 44

fired resolved

Question 45

[Backup and restore with on-premises workloads] To back up files and folders from on-premises VMs, you need to use the MARS agent. What does MARS stand for ?

Answer 45

Microsoft Azure Recovery Services