Azure Monitor and Loki Integration

Input and output integration overview

Gather metrics from Azure resources using the Azure Monitor API.

The Loki plugin allows users to send logs to Loki for aggregation and querying, leveraging Loki’s efficient storage capabilities.

Integration details

Azure Monitor

The Azure Monitor Telegraf plugin is specifically designed for gathering metrics from various Azure resources using the Azure Monitor API. Users must provide specific credentials such as client_id, client_secret, tenant_id, and subscription_id to authenticate and gain access to their Azure resources. Additionally, the plugin supports functionality to collect metrics from both individual resources and resource groups or subscriptions, allowing for flexible and scalable metric collection tailored to user needs. This plugin is ideal for organizations leveraging Azure cloud infrastructure, providing crucial insights into resource performance and utilization over time, facilitating proactive management and optimization of cloud resources.

Loki

This Loki plugin integrates with Grafana Loki, a powerful log aggregation system. By sending logs in a format compatible with Loki, this plugin allows for efficient storage and querying of logs. Each log entry is structured in a key-value format where keys represent the field names and values represent the corresponding log information. The sorting of logs by timestamp ensures that the log streams maintain chronological order when queried through Loki. This plugin’s support for secrets makes it easier to manage authentication parameters securely, while options for HTTP headers, gzip encoding, and TLS configuration enhance the adaptability and security of log transmission, fitting various deployment needs.

Configuration

Azure Monitor

# Gather Azure resources metrics from Azure Monitor API
[[inputs.azure_monitor]]
  # can be found under Overview->Essentials in the Azure portal for your application/service
  subscription_id = "<>"
  # can be obtained by registering an application under Azure Active Directory
  client_id = "<>"
  # can be obtained by registering an application under Azure Active Directory.
  # If not specified Default Azure Credentials chain will be attempted:
  # - Environment credentials (AZURE_*)
  # - Workload Identity in Kubernetes cluster
  # - Managed Identity
  # - Azure CLI auth
  # - Developer Azure CLI auth
  client_secret = "<>"
  # can be found under Azure Active Directory->Properties
  tenant_id = "<>"
  # Define the optional Azure cloud option e.g. AzureChina, AzureGovernment or AzurePublic. The default is AzurePublic.
  # cloud_option = "AzurePublic"

  # resource target #1 to collect metrics from
  [[inputs.azure_monitor.resource_target]]
    # can be found under Overview->Essentials->JSON View in the Azure portal for your application/service
    # must start with 'resourceGroups/...' ('/subscriptions/xxxxxxxx-xxxx-xxxx-xxx-xxxxxxxxxxxx'
    # must be removed from the beginning of Resource ID property value)
    resource_id = "<>"
    # the metric names to collect
    # leave the array empty to use all metrics available to this resource
    metrics = [ "<>", "<>" ]
    # metrics aggregation type value to collect
    # can be 'Total', 'Count', 'Average', 'Minimum', 'Maximum'
    # leave the array empty to collect all aggregation types values for each metric
    aggregations = [ "<>", "<>" ]

  # resource target #2 to collect metrics from
  [[inputs.azure_monitor.resource_target]]
    resource_id = "<>"
    metrics = [ "<>", "<>" ]
    aggregations = [ "<>", "<>" ]

  # resource group target #1 to collect metrics from resources under it with resource type
  [[inputs.azure_monitor.resource_group_target]]
    # the resource group name
    resource_group = "<>"

    # defines the resources to collect metrics from
    [[inputs.azure_monitor.resource_group_target.resource]]
      # the resource type
      resource_type = "<>"
      metrics = [ "<>", "<>" ]
      aggregations = [ "<>", "<>" ]

    # defines the resources to collect metrics from
    [[inputs.azure_monitor.resource_group_target.resource]]
      resource_type = "<>"
      metrics = [ "<>", "<>" ]
      aggregations = [ "<>", "<>" ]

  # resource group target #2 to collect metrics from resources under it with resource type
  [[inputs.azure_monitor.resource_group_target]]
    resource_group = "<>"

    [[inputs.azure_monitor.resource_group_target.resource]]
      resource_type = "<>"
      metrics = [ "<>", "<>" ]
      aggregations = [ "<>", "<>" ]

  # subscription target #1 to collect metrics from resources under it with resource type
  [[inputs.azure_monitor.subscription_target]]
    resource_type = "<>"
    metrics = [ "<>", "<>" ]
    aggregations = [ "<>", "<>" ]

  # subscription target #2 to collect metrics from resources under it with resource type
  [[inputs.azure_monitor.subscription_target]]
    resource_type = "<>"
    metrics = [ "<>", "<>" ]
    aggregations = [ "<>", "<>" ]
</code></pre>

Loki

[[outputs.loki]]
  ## The domain of Loki
  domain = "https://loki.domain.tld"

  ## Endpoint to write api
  # endpoint = "/loki/api/v1/push"

  ## Connection timeout, defaults to "5s" if not set.
  # timeout = "5s"

  ## Basic auth credential
  # username = "loki"
  # password = "pass"

  ## Additional HTTP headers
  # http_headers = {"X-Scope-OrgID" = "1"}

  ## If the request must be gzip encoded
  # gzip_request = false

  ## Optional TLS Config
  # tls_ca = "/etc/telegraf/ca.pem"
  # tls_cert = "/etc/telegraf/cert.pem"
  # tls_key = "/etc/telegraf/key.pem"

  ## Sanitize Tag Names
  ## If true, all tag names will have invalid characters replaced with
  ## underscores that do not match the regex: ^[a-zA-Z_:][a-zA-Z0-9_:]*.
  # sanitize_label_names = false

  ## Metric Name Label
  ## Label to use for the metric name to when sending metrics. If set to an
  ## empty string, this will not add the label. This is NOT suggested as there
  ## is no way to differentiate between multiple metrics.
  # metric_name_label = "__name"

Input and output integration examples

Azure Monitor

1. Dynamic Resource Monitoring: Use the Azure Monitor plugin to dynamically gather metrics from Azure resources based on specific criteria like tags or resource types. Organizations can automate the process of loading and unloading resource metrics, enabling better performance tracking and optimization based on resource utilization patterns.

2. Multi-Cloud Monitoring Integration: Integrate metrics collected from Azure Monitor with other cloud providers using a centralized monitoring solution. This allows organizations to view and analyze performance data across multiple cloud deployments, providing a holistic overview of resource performance and costs, and streamlining operations.

3. Anomaly Detection and Alerting: Leverage the metrics gathered via the Azure Monitor plugin in conjunction with machine learning algorithms to detect anomalies in resource utilization. By establishing baseline performance metrics and automatically alerting on deviations, organizations can mitigate risks and address performance issues before they escalate.

4. Historical Performance Analysis: Use the collected Azure metrics to conduct historical analysis by feeding the data into a data warehousing solution. This enables organizations to track trends over time, allowing for detailed reporting and decision-making based on historical performance data.

Loki

1. Centralized Logging for Microservices: Utilize the Loki plugin to gather logs from multiple microservices running in a Kubernetes cluster. By directing logs to a centralized Loki instance, developers can monitor, search, and analyze logs from all services in one place, facilitating easier troubleshooting and performance monitoring. This setup streamlines operations and supports rapid response to issues across distributed applications.

2. Real-Time Log Anomaly Detection: Combine Loki with monitoring tools to analyze log outputs in real-time for unusual patterns that could indicate system errors or security threats. Implementing anomaly detection on log streams enables teams to proactively identify and respond to incidents, thereby improving system reliability and enhancing security postures.

3. Enhanced Log Processing with Gzip Compression: Configure the Loki plugin to utilize gzip compression for log transmission. This approach can reduce bandwidth usage and improve transmission speeds, especially beneficial in environments where network bandwidth may be a constraint. It’s particularly useful for high-volume logging applications where every byte counts and performance is critical.

4. Multi-Tenancy Support with Custom Headers: Leverage the ability to add custom HTTP headers to segregate logs from different tenants in a multi-tenant application environment. By using the Loki plugin to send different headers for each tenant, operators can ensure proper log management and compliance with data isolation requirements, making it a versatile solution for SaaS applications.

Feedback

Thank you for being part of our community! If you have any general feedback or found any bugs on these pages, we welcome and encourage your input. Please submit your feedback in the InfluxDB community Slack.