You can monitor multiple components of your Azure Virtual Desktop environment such as host pools, application groups, session hosts and user sessions. Log Analytics workspace in Azure Monitor is the primary tool for log collection and analysis.
Setting up Log Analytics Workspace
The first step towards configuring log collection and analysis for Azure Virtual Desktop (AVD) session hosts is to create a Log Analytics Workspace on Azure if you don’t have one yet. For this, navigate to the Azure portal, click on “Create a resource” and search for “Log Analytics Workspace”. Provide the necessary information like subscription, resource group, name, and location, then click “Review + Create”.
After setting up the Log Analytics Workspace, you need to install the Log Analytics agent on your session host virtual machines. This is achieved by using Azure policy, specifically the “Deploy Log Analytics agent to Windows Virtual Desktop session host virtual machines” policy.
To create a policy assignment:
- From the Azure portal, search for “Policy”.
- On the Policy page, click Assignments and then click Assign Policy.
- Configure the necessary assignment details such as Scope, Policy Definition etc.
- For the Parameters, choose your Log Analytics workspace.
Enabling Log Collection and Analysis
Azure Virtual Desktop provides a diagnostic feature called Azure Monitor, which allows to turn on the collection and analysis of diagnostic logs. There are two types of logs to consider:
- Diagnostic Logs: These logs contain information about the operation of a resource. Data is presented in JSON format, making it easy to gather detailed information from events.
- Activity Logs: These logs provide insight into the operations on each resource in the subscription level.
- Navigate to Azure Virtual Desktop in your Azure Portal.
- On the Azure Virtual Desktop page, select the Diagnostic settings.
- Click on “+ Add diagnostic setting”.
- Assign a name, check the boxes for both types of logs, and select “Send to Log Analytics”.
- Choose the Log Analytics Workspace you’ve created earlier and save the changes.
- Open your Log Analytics Workspace from Azure Portal.
- On the Workspace page, select “Logs” in the left-hand pane.
- Use Kusto Query Language (KQL) to query the logs and transform your data.
To enable log collection:
Analyzing Collected Logs
Now that you have enabled log collection for AVD, the collected data will be sent to your specified Workspace. To analyze logs:
Here is an example of a query that shows the count of successful and failed sign-ins within a last 24 hours:
KQL
SigninLogs
| where TimeGenerated >= ago(24h)
| summarize SuccessCount = countif(ResultType == 0), FailureCount = countif(ResultType != 0) by UserPrincipalName
In conclusion, log collection and analysis for Azure Virtual Desktop session hosts are two important components of the AVD monitoring process. With the help of Azure Monitor and Log Analytics Workspace, you can easily collect and analyze each log, allowing you to have a powerful insight into your Azure Virtual Desktop’s health, performance, and functionality. Understanding this process is important for the candidates preparing for the AZ-140 Configuring and Operating Microsoft Azure Virtual Desktop exam.
Practice Test
True/False: Azure Log Analytics service is not necessary for log collection and analysis for Azure Virtual Desktop session hosts.
- True
- False
Answer: False
Explanation: Azure Log Analytics service is a primary tool used for log collection and analysis in Azure Virtual Desktop environment.
Which of the following services are used for log collection and analysis for Azure Virtual Desktop session hosts?
- A) Log Analytics
- B) Network Watcher
- C) Azure Security Center
- D) App Insights
Answer: A) Log Analytics, C) Azure Security Center
Explanation: Azure Log Analytics and Azure Security Center are essential tools for log collection and analysis in Azure Virtual Desktop environment.
True/False: Azure Monitor is used to route diagnostic logs from Azure Virtual Desktop session hosts.
- True
- False
Answer: True
Explanation: Azure Monitor collects and stores diagnostic logs. It allows you to analyze the operation of Azure resources, and hence used to route diagnostic logs from Azure Virtual Desktop session hosts.
What is required to enable log analytic workspace for Azure Virtual Desktop?
- A) Workspace ID
- B) Workspace Key
- C) Both A and B
- D) Neither A nor B
Answer: C) Both A and B
Explanation: Both Workspace ID and Workspace Key are required to enable a log analytic workspace for Azure Virtual Desktop.
Single-Select: Can logs in Azure Virtual Desktop be maintained indefinitely?
- A) Yes
- B) No
Answer: B) No
Explanation: By default, logs are kept for 30 days, however, this period can be extended but not indefinitely.
Multi-Select: Which types of logs are available in Azure Virtual Desktop?
- A) Device logs
- B) Connection logs
- C) Application logs
- D) User logs
Answer: B) Connection logs, C) Application logs
Explanation: Connection and Application logs are the types of logs available in Azure Virtual Desktop.
True/False: The Azure Virtual Desktop Diagnostics role does not need any specific privileges.
- True
- False
Answer: False
Explanation: The Azure Virtual Desktop Diagnostics role requires Reader privileges to access and analyze logs.
Single-Select: By default, how long can logs be kept in the Azure Monitor Log Analytics workspace?
- A) 30 days
- B) 60 days
- C) 90 days
- D) 120 days
Answer: A) 30 days
Explanation: By default, logs are kept for 30 days in the Azure Monitor Log Analytics workspace.
True/False: In Azure Virtual Desktop, you can configure auto-collection for some specific event logs.
- True
- False
Answer: True
Explanation: Yes, Azure Virtual Desktop allows the configuration of auto-collection for specific event logs.
Single-Select: What command line tool do Microsoft recommend to diagnose Azure Virtual Desktop session host issues?
- A) PowerShell
- B) CLI
- C) Bash
- D) Shell
Answer: A) PowerShell
Explanation: Microsoft recommends the PowerShell command-line tool to diagnose AVD session host issues because it comes with cmdlets specially designed for it.
Interview Questions
How can you enable Azure Monitor for Azure Virtual Desktop?
You can enable Azure Monitor for Azure Virtual Desktop by going to Logs (Analytics Queries) on the Azure Monitor page in the Azure portal.
What information can the Azure Monitor Insights provide about Azure Virtual Desktop session hosts?
Azure Monitor Insights can provide you with data about overall usage, performance trends, errors, and other diagnostics for your hosted environments.
What type of data does Azure Monitor collect?
Azure Monitor collects two fundamental types of data: metrics (numerical values that describe some aspect of a system) and logs (events or other data collected by Azure resources).
Can you see session host performance information in the Azure Virtual Desktop diagnostics tool?
Yes, you can see session host performance by using Azure Monitor insights for Azure Virtual Desktop.
Which two query types can be run in log search in Azure Monitor for Azure Virtual Desktop?
Two types of search queries that can be run in Azure Monitor for Azure Virtual Desktop are ‘simple queries’ and ‘advanced queries’.
What type of solution should be enabled to get user session information for Azure Virtual Desktop?
To get user session information, the Azure Monitor Log Analytics solution should be enabled for Azure Virtual Desktop.
How can you export Azure Monitor data for further analysis?
In Azure Monitor, export options include Microsoft Excel, Power BI, and Azure Storage. It can be done by pressing on the “Export” button and choosing the desired option.
How does the Azure Monitor pricing work?
Azure Monitor pricing is based on the amount of data ingested for Log Analytics and the amount of metric data stored.
What is the purpose of the Azure Monitor agent in virtual desktop sessions?
The Azure Monitor agent allows the collection of data directly from operating systems and applications, enabling detailed performance tracking and analytics.
Can Azure Monitor be used with Azure Virtual Desktop, on-premises environments and other cloud hosts?
Yes, Azure Monitor can collect data from Azure Virtual Desktop, on-premises environments, and other clouds, providing a complete view across your investments.
What types of insights can you obtain for Azure Virtual Desktop session hosts in Azure Monitor with Log Analytics?
Insights available include overview, user sessions, hosts, applications, and failures.
How often does Azure Monitor evaluate log search alerts?
Azure Monitor evaluates log search alerts every minute.
Can you create custom alerts in Azure Monitor?
Yes, it’s possible to create custom alerts in Azure Monitor if certain conditions are met, such as high CPU utilization on a virtual machine.
What are some best practices in configuring log collection and analysis on Azure Virtual Desktop session hosts?
Some best practices include monitoring key performance indicators like CPU and memory usage, setting up alerts for potential issues, and regularly reviewing and analyzing logs for a better understanding of system performance and issue resolution.
What is the role of Azure Log Analytics in Azure Virtual Desktop monitoring?
Azure Log Analytics plays a key role in Azure Virtual Desktop monitoring by collecting and analyzing data from a variety of sources, including Azure Monitor, to provide comprehensive insights into performance and operational efficiency.
extutorials.com