Azure Monitor | Data Collection Rules
Data collection rules in Azure Monitor
Data Collection Rules (DCR) define data coming
into Azure Monitor and specify where that data should be sent or stored. This
article provides an overview of data collection rules including their contents
and structure and how you can create and work with them.
Data collection rules currently support the
following input sources:
Azure Monitor Agent running on virtual
machines, virtual machine scale sets and Azure Arc for servers.
Components of a data collection rule
A data collection rule
includes the following components.
|
COMPONENTS OF A DATA COLLECTION RULE |
|
|
Component |
Description |
|
Data sources |
Unique source of monitoring data with its own format and
method of exposing its data. Examples of a data source include Windows event
log, performance counters, and syslog. Each data source matches a particular
data source type as described below. |
|
Streams |
Unique handle that describes a set of data sources that
will be transformed and schematized as one type. Each data source requires
one or more streams, and one stream may be used by multiple data sources. All
data sources in a stream share a common schema. Use multiple streams for
example, when you want to send a particular data source to multiple tables in
the same Log Analytics workspace. |
|
Destinations |
Set of destinations where the data should be sent.
Examples include Log Analytics workspace and Azure Monitor Metrics. |
|
Data flows |
Definition of which streams should be sent to which
destinations. |
Data collection rules are stored regionally, and are available
in all public regions where Log Analytics is supported. Government regions and
clouds are not currently supported.
The following diagram shows the components of a data collection
rule and their relationship:
Create DCR and associations with Azure
PowerShell.
Parameters
have to be defined based on above PowerShell commands.
No comments:
Post a Comment