1. Answers
  2. Implementing Azure Monitoring Diagnostic Settings

How do I write an Azure monitoring diagnostic setting?

In this example, we will implement an Azure Monitoring Diagnostic Setting to collect and route logs and metrics from an Azure resource to various destinations such as Log Analytics Workspaces, Event Hubs, or Storage Accounts. Here, we’ll set it up to send logs to a Log Analytics Workspace. This is crucial for maintaining insight into the health and performance of your Azure resources.

We’ll start with defining our resource group, Log Analytics Workspace, and then the diagnostic setting that sends the logs to the workspace.

import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

// Define the resource group
const example = new azure.core.ResourceGroup("example", {
    name: "example-resources",
    location: "East US",
});
// Define the Log Analytics Workspace
const exampleAnalyticsWorkspace = new azure.operationalinsights.AnalyticsWorkspace("example", {
    name: "example-workspace",
    location: example.location,
    resourceGroupName: example.name,
    sku: "PerGB2018",
    retentionInDays: 30,
});
// Define an Azure resource to monitor (e.g., Virtual Network)
const exampleVirtualNetwork = new azure.network.VirtualNetwork("example", {
    name: "example-vnet",
    addressSpaces: ["10.0.0.0/16"],
    location: example.location,
    resourceGroupName: example.name,
});
// Define the Diagnostic Setting for the Virtual Network
const exampleDiagnosticSetting = new azure.monitoring.DiagnosticSetting("example", {
    name: "example-diagnostic-setting",
    targetResourceId: exampleVirtualNetwork.id,
    logAnalyticsWorkspaceId: exampleAnalyticsWorkspace.id,
    logs: [{
        category: "NetworkSecurityGroupEvent",
        enabled: true,
        retentionPolicy: {
            enabled: false,
        },
    }],
    metrics: [{
        category: "AllMetrics",
        enabled: true,
        retentionPolicy: {
            enabled: false,
        },
    }],
});
export const logAnalyticsWorkspaceId = exampleAnalyticsWorkspace.id;
export const diagnosticSettingId = exampleDiagnosticSetting.id;

In this example, we have:

  1. Defined a resource group for organizing resources.
  2. Created a Log Analytics Workspace where logs and metrics are sent.
  3. Provisioned an Azure resource to monitor (in this case, a Virtual Network).
  4. Set up a Diagnostic Setting for the Virtual Network, sending network security group event logs and metrics to the Log Analytics Workspace.
  5. Included outputs for the Log Analytics Workspace ID and Diagnostic Setting ID.

This setup helps you collect and analyze metrics and logs, providing valuable insights into your resources’ performance and operations.

Deploy this code

Want to deploy this code? Sign up for a free Pulumi account to deploy in a few clicks.

Sign up

New to Pulumi?

Want to deploy this code? Sign up with Pulumi to deploy in a few clicks.

Sign up