Featured image of post How to Enable VM Insights on an Azure Virtual Machine Using Bicep

How to Enable VM Insights on an Azure Virtual Machine Using Bicep

A step-by-step guide to enabling VM Insights on Azure Virtual Machines using a Bicep module to streamline diagnostics and telemetry collection.

When it comes to monitoring your virtual machines in Azure, Application Insights provides a powerful and scalable solution for collecting telemetry data. In this blog post, I’ll walk you through how to enable VM Insights on an Azure Virtual Machine using a Bicep module I recently worked on.

The Goal

We aim to:

  1. Enable diagnostics on an Azure VM.
  2. Send logs and performance metrics to Application Insights.
  3. Use a Bicep module to automate the setup.

The Solution: A Bicep Module

Below is the Bicep module I crafted to enable VM Insights:

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
param name string
param location string
param storageAccountName string
param instanceName string

resource appInsights 'Microsoft.Insights/components@2020-02-02-preview' existing = {
  name: 'appi-${name}'
}

resource storageAccount 'Microsoft.Storage/storageAccounts@2021-06-01' existing = {
  name: storageAccountName
}

resource virtualMachine 'Microsoft.Compute/virtualMachines@2023-03-01' existing = {
  name: 'vm-${instanceName}-${name}'
}

resource extension 'Microsoft.Compute/virtualMachines/extensions@2018-10-01' = {
  location: location
  parent: virtualMachine
  name: 'IaaSDiagnostics'
  properties: {
    publisher: 'Microsoft.Azure.Diagnostics'
    type: 'IaaSDiagnostics'
    typeHandlerVersion: '1.5'
    autoUpgradeMinorVersion: true
    settings: {
      WadCfg: {
        DiagnosticMonitorConfiguration: {
          overallQuotaInMB: '4096'
          sinks: 'applicationInsights'
          Directories: {
            scheduledTransferPeriod: 'PT1M'
            sinks: 'applicationInsights'
            IISLogs: {
              containerName: 'iislogs'
            }
            FailedRequestLogs: {
              containerName: 'failedrequestlogs'
            }
          }
          PerformanceCounters: {
            scheduledTransferPeriod: 'PT1M'
            sinks: 'AzureMonitor'
            PerformanceCounterConfiguration: []
          }
          WindowsEventLog: {
            scheduledTransferPeriod: 'PT5M'
            sinks: 'applicationInsights'
            DataSource: [
              {
                name: 'Application!*[System[(Level <=3)]]'
              }
              {
                name: 'System!*[System[(Level <=3)]]'
              }
              {
                name: 'System!*[System[Provider[@Name=\'Microsoft Antimalware\']]]'
              }
              {
                name: 'Security!*[System[(Level <= 3)]'
              }
            ]
          }
          Logs: {
            sinks: 'applicationInsights'
            DataSource: [
              {
                name: 'Application!*'
              }
              {
                name: 'System!*'
              }
              {
                name: 'Security!*'
              }
            ]
          }
          Crashes: ''
          Syslog: ''
        }
        SinksConfig: {
          Sink: [
            {
              name: 'AzureMonitor'
              AzureMonitor: {}
            }
            {
              name: 'applicationInsights'
              ApplicationInsights: appInsights.properties.InstrumentationKey
            }
          ]
        }
      }
      StorageAccount: storageAccount.name
      StorageType: 'TableAndBlob'
    }
    protectedSettings: {
      storageAccountName: storageAccount.name
      storageAccountKey: storageAccount.listKeys().keys[0].value
    }
  }
}

Key Components

  1. Application Insights

The appInsights resource is defined as an existing resource. Make sure to create an Application Insights instance before using this module.

  1. Storage Account

Used for storing diagnostic logs and data. The storage account is also referenced as an existing resource.

  1. Virtual Machine

The target VM must exist before deploying this module. The Bicep code references the VM as an existing resource.

  1. VM Extension

The IaaSDiagnostics extension is the critical piece that connects the VM to Application Insights. It configures various settings, including performance counters, logs, and event logs.

How It Works

  • Diagnostics Configuration (WadCfg) Defines settings for logs, performance counters, and event logs that are collected from the VM.

  • Sinks Configuration Routes the collected telemetry data to both Azure Monitor and Application Insights.

  • Protected Settings Includes sensitive data such as the storage account key to securely connect to the storage account.

Conclusion

This Bicep module simplifies enabling VM Insights on Azure Virtual Machines, ensuring you have comprehensive monitoring and diagnostics. With the telemetry routed to Application Insights, you gain real-time insights into your VM’s health and performance.

Do you have a different approach to enabling VM Insights? Let me know in the comments!

References:

Built with Hugo
Theme Stack designed by Jimmy