AZ-400 - Implement an Instrumentation Strategy | JavaInUse


1. Azure Monitor Overview

Azure Monitor is the comprehensive monitoring service in Azure that collects, analyzes, and acts on telemetry from cloud and on-premises environments. For DevOps teams, Azure Monitor provides the feedback loop needed to understand application health, detect issues, and diagnose root causes.

Data Types

Metrics vs Logs

Metrics are lightweight numerical values sampled at regular intervals and stored in a time-series database. They are ideal for real-time alerting and have near-zero latency. Logs are structured records stored in Log Analytics workspaces and queried using Kusto Query Language (KQL). Logs support complex analysis, correlation, and long-term retention. Both data types can trigger alerts and be visualized in dashboards.

Data Sources

Collection Sources

Azure Monitor collects data from: Application (Application Insights telemetry), Guest OS (Azure Monitor Agent), Azure Resources (diagnostic settings), Azure Subscription (Activity Log), Azure Tenant (Azure AD sign-in/audit logs), and Custom Sources (Data Collector API, custom metrics). Diagnostic settings route resource logs and metrics to Log Analytics, Storage, or Event Hubs.

2. Alerts

Azure Monitor alerts proactively notify you when conditions are found in your monitoring data. They are essential for detecting and addressing issues before users notice them.

Alert Types

Metric Alerts

Metric alerts evaluate metric conditions at regular intervals. They support static thresholds (e.g., CPU > 90%) and dynamic thresholds (machine learning-based anomaly detection that adapts to metric patterns). Metric alerts support multiple conditions (AND logic) and dimensions (e.g., alert per VM in a scale set). Evaluation frequency can be as low as 1 minute.

Log Alerts

Log alerts run a KQL query against Log Analytics data at a configured frequency. They can return the number of matching records or a metric-based measurement. Log alerts are more flexible than metric alerts but have higher latency (evaluation frequency typically 5-15 minutes). Examples: alert when error count exceeds threshold, alert on specific exception patterns, alert on slow database queries.

Activity Log Alerts

Activity log alerts trigger when specific events occur in the Activity Log, such as resource creation, deletion, or modification. Service Health alerts are a special type that notify about Azure service incidents, planned maintenance, and health advisories affecting your resources.

Action Groups

Alert Responses

Action groups define the actions taken when an alert fires. Actions include: Email/SMS/Push/Voice notifications, Azure Function invocation, Logic App trigger, Webhook calls, ITSM connector (create tickets in ServiceNow, etc.), Automation Runbook, and Event Hub streaming. A single action group can be associated with multiple alert rules, and each alert can trigger multiple action groups.

3. Log Analytics

Log Analytics Workspaces

Workspace Design

A Log Analytics workspace is the central repository for log data. Design considerations include a single workspace for simplicity and cross-resource queries, or multiple workspaces for data sovereignty, access control separation, or compliance requirements. Workspace-based Application Insights stores application telemetry in a Log Analytics workspace, enabling cross-resource KQL queries.

Kusto Query Language (KQL)

Essential KQL Operations

Common KQL operators for monitoring: where (filter), summarize (aggregate), extend (add computed columns), project (select columns), join (combine tables), render (visualize), and ago() (time-relative filter). Example: requests | where timestamp > ago(1h) | summarize count() by resultCode | render piechart. KQL is read-only and does not modify data.
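A query of the kind a log alert rule could run, combining the operators listed above. This is an added example, not part of the original tutorial. It assumes the Application Insights `requests` and `exceptions` tables; the `datatable` rows, the `asOf` reference time, and the 20% threshold are constructed for illustration.

```kusto
// Constructed sample rows standing in for the Application Insights tables.
// Against real telemetry, drop the datatable definitions and asOf, and use ago(lookback).
let asOf = datetime(2024-01-01 12:00:00);
let requests = datatable(timestamp:datetime, name:string, resultCode:string, success:bool, operation_Id:string)
[
    datetime(2024-01-01 11:50:00), "GET /orders", "200", true,  "op1",
    datetime(2024-01-01 11:51:00), "GET /orders", "500", false, "op2",
    datetime(2024-01-01 11:52:00), "GET /orders", "500", false, "op3",
    datetime(2024-01-01 11:53:00), "POST /login", "200", true,  "op4",
    datetime(2024-01-01 11:54:00), "POST /login", "401", false, "op5",
    datetime(2024-01-01 11:55:00), "POST /login", "200", true,  "op6",
    datetime(2024-01-01 11:56:00), "POST /login", "200", true,  "op7",
    datetime(2024-01-01 11:57:00), "POST /login", "200", true,  "op8",
    datetime(2024-01-01 11:58:00), "POST /login", "200", true,  "op9",
    datetime(2024-01-01 10:00:00), "POST /login", "500", false, "op10"  // outside the window
];
let exceptions = datatable(timestamp:datetime, problemId:string, operation_Id:string)
[
    datetime(2024-01-01 11:51:00), "SqlException at OrderRepository.Load", "op2",
    datetime(2024-01-01 11:52:00), "SqlException at OrderRepository.Load", "op3"
];
let lookback = 15m;
let failureThresholdPct = 20.0;   // assumed threshold, chosen for this example
// Failure rate per operation inside the window.
requests
| where timestamp > asOf - lookback
| summarize total = count(), failed = countif(success == false) by name
| extend failurePct = round(100.0 * failed / total, 1)
| where failurePct > failureThresholdPct
// Attach the exception signatures seen on the failed requests.
| join kind=leftouter (
    requests
    | where timestamp > asOf - lookback and success == false
    | join kind=inner exceptions on operation_Id
    | summarize problemIds = make_set(problemId) by name
  ) on name
| project name, total, failed, failurePct, problemIds
| order by failurePct desc
```

With the alert condition set on the number of returned rows, only `GET /orders` in the sample data crosses the threshold; `POST /login` stays below it because the older failure falls outside the lookback window.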

4. Service Map

Service Map Overview

Service Map (part of VM Insights) automatically discovers application components on Windows and Linux systems and maps communication between them. It shows: server dependencies, inbound/outbound connections, port-level details, and failed connections. Service Map requires the Dependency Agent in addition to the Azure Monitor Agent. It integrates with Log Analytics for deep-dive analysis and with Azure Dashboards for visualization.

Application Insights Application Map

Application Map discovers the distributed topology of your application. It shows all components (services) and their dependencies with health indicators (response time, failure rate, call count). You can drill into each component for details. Application Map works with auto-instrumentation or SDK-based instrumentation and supports cross-component correlation using distributed tracing.

5. Monitoring DevOps Pipelines

Pipeline Monitoring

Monitor pipeline health by tracking: build success/failure rates, build duration trends, deployment frequency, lead time for changes, mean time to recovery (MTTR), and change failure rate. The last four are the four key DORA metrics that measure DevOps performance. Azure DevOps provides built-in analytics with the Analytics service and OData endpoints for custom reporting.

Exam Tip: Understand the difference between metric alerts, log alerts, and activity log alerts. Know when to use static vs dynamic thresholds. Understand Log Analytics workspace design principles (single vs multiple). Know that Service Map requires the Dependency Agent and shows server-level dependencies, while Application Map shows application-level dependencies. Remember the four DORA metrics for measuring DevOps performance.
