Azure Monitor Logs Next Evolution: Multi-tier logging

by info.odysseyx@gmail.com, July 29, 2024

Today we are releasing a public preview of Auxiliary Logs, a new, low-cost Azure Monitor plan for detailed logs used in compliance and security scenarios. With the recent public preview of Summary Rules and the improved capabilities of Basic Logs, Azure Monitor Logs is evolving toward a new multi-tiered logging vision.

Most organizations have different requirements for logging, because not all logs are created equal. Some are accessed very frequently, some are needed for investigation when issues arise, and some are primarily kept for audit and compliance purposes. When I talk to customers, I often hear that they are using multiple logging services or products side by side to meet their requirements, which slows them down. They have to deploy, maintain, and learn several different technologies just to observe their services. They also tell me that they have to log much more data than before, which increases the cost of logging.

Azure Monitor focuses on solving these problems with a single solution that includes multiple logging plans covering a variety of scenarios. With Azure Monitor Logs, customers have a one-stop shop for observability. The log plans are:

Auxiliary Logs – A new, low-cost log plan that lets you collect and manage detailed logs required for audit and compliance scenarios. These can be sparsely queried with KQL and used to generate summaries.

Basic Logs – Improved to support richer troubleshooting and incident response with faster queries at reduced cost. Now available with longer retention periods and added KQL operators for aggregation and querying.

Analytics Logs – This plan is designed for frequent and concurrent access and supports interactive usage by multiple users. This plan powers the capabilities of Azure Monitor Insights and powers Microsoft Sentinel.
It is designed to manage critical and frequently accessed logs optimized for dashboards, alerts, and business-level queries.

For a detailed feature comparison between plans, see our documentation. Pricing for these plans is available here.

All of these logs can be retained for up to 12 years while remaining accessible through search jobs, which can scan petabytes of data to find specific records. Since all of these logs are in Azure Monitor, they share the same KQL query language, API, query, and management experience.

We not only consolidate these logs under one roof; Azure Monitor also provides additional features that make the logs work together cohesively:

Summary Rules – Continuously aggregate raw data into compressed summaries that are easier to analyze and cheaper to store.

Ingestion-time transformations – Enable data filtering, enrichment, and partitioning across log plans.

Search jobs – Managed long-running queries that can scan petabytes of historical data for specific records and bring them into an Analytics table for further analysis.

With these features, you can easily switch between log plans or mix and match them. Customers can start with a table configured with the Analytics plan and then make a simple configuration change to see if Basic Logs is right for them. If they need more features, they can revert to Analytics.

Here are two examples of how these plans can be used together to create improved solutions.

Firewall logs can be massive, with hundreds of terabytes of highly detailed data per day. Firewalls are optimized to emit all communication details. While most consumers do not need the raw data for everyday use, organizations need to retain it for audit purposes. With Azure Monitor, customers can now send all their firewall logs to Auxiliary Logs and retain them for compliance purposes. From this data, customers can run summary rules that create hourly aggregates.
Investigators can use these aggregates for their daily work, and if drill-down is required, they can easily query the Auxiliary Logs for the relevant records.

Some logs contain a mix of critical and less critical data. Customers can use pipeline data collection rules to send these logs and split the data between Analytics and Basic Logs. Critical records have all the analytics capabilities, while less critical information can be used for troubleshooting at a lower cost.

We are working closely with our customers to gather feedback and continue to add more features to the service. We are always interested in hearing your thoughts and understanding how you are applying Azure Monitor Logs to your environment. You can contact us at lafeedback@microsoft.com or through our community feedback forum.

For more information on how to configure Auxiliary Logs, see here. More details on how to query Auxiliary Logs are available here.
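The firewall scenario described above, sketched in KQL as an added example that is not part of the original post. The table names FirewallRaw_CL and FirewallHourly_CL, every column name, the threshold and the sample IP address are hypothetical; the first query is the kind of hourly aggregation a summary rule would run, written here with an explicit one-hour bin.

```kql
// Added example; table and column names are hypothetical.
// FirewallRaw_CL:    custom table on the Auxiliary plan with raw firewall records.
// FirewallHourly_CL: Analytics-plan table that receives the hourly aggregates.

// 1) Hourly aggregation: one row per flow per hour instead of one row
//    per connection.
FirewallRaw_CL
| summarize
    Connections = count(),
    DeniedConnections = countif(Action == "Deny"),
    BytesSent = sum(SentBytes),
    BytesReceived = sum(ReceivedBytes)
    by HourBin = bin(TimeGenerated, 1h), SourceIp, DestinationIp, DestinationPort

// 2) Daily investigation on the aggregates: sources with many denied
//    connections per hour over the last day.
FirewallHourly_CL
| where HourBin > ago(1d)
| summarize Denied = sum(DeniedConnections) by HourBin, SourceIp
| where Denied > 100               // constructed threshold, tune per environment
| order by Denied desc

// 3) Drill-down: fetch the raw records for one source and one hour from
//    the Auxiliary table. Keep the time window narrow, since this plan is
//    meant for sparse queries.
FirewallRaw_CL
| where TimeGenerated between (datetime(2024-07-29 10:00:00) .. 1h)
| where SourceIp == "10.0.0.5"     // constructed sample value
| project TimeGenerated, SourceIp, DestinationIp, DestinationPort, Action, SentBytes
```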