Azure virtual machines (VMs) compute instances can run on demand. You can use them like servers deployed on-premises, operating systems and applications, or containerized workloads. Monitoring operating systems performance for Azure VMs is one of the core critical elements of your day-to-day operations.
In this article, we will show you how to get Azure VM insights and performance using KQL queries.
Table of Contents
Introduction
VM insights include a performance set that targets several key performance indicators (KPIs) to help you determine how well an Azure virtual machine is performing.
While there are numerous elements to consider when dealing with performance, VM insights monitor key operating system performance indicators related to the processor, memory, network adapter, and disk utilization. VM insights performance complements the health monitoring feature. It helps you to expose issues that indicate a possible system component failure, support tuning, and optimization to achieve efficiency or support capacity planning.
If you already have VM insights configured, then you could view the performance chart directly from an Azure VM or for multiple VMs in the Azure portal as described by Microsoft.
The purpose of this article is to use KQL queries to find disk drive free space, free available memory, CPU utilization, and network bandwidth of all the Azure VMs without logging into every server or using the VM insights chart.
Prerequisites
To follow this article, you need to have the following:
1) Azure subscription – If you don’t have an Azure subscription, you can create a free one here.
2) Azure Resource Group (RG).
3) At least one supported operating system (x64) is deployed in the desired RG. Please check the following table lists for the supported operating systems for update assessments and patching.
4) Log Analytics Workspace. Check the following article on how to create a Log Analytics workspace.
5) Enable VM insights to monitor the performance of your Azure VM. Check the following article to configure the Log Analytics workspace for VM insights. To configure a single workspace for all your VMs, go to the Virtual Machines blade under Insights in the Azure Monitor menu, select Configure Insights, in the Not monitored tab as shown in the figure below, and select a subscription, a workspace and then click Configure.
You could also use Azure Policy to ensure all VMs and VM Scale Sets in your subscriptions and resource groups are configured for monitoring automatically.
Assuming you have all the prerequisites in place, take now the following steps:
KQL Query CPU Utilization
Open the log analytics workspace and run the following query. You can run the query in Azure Monitor or Azure VM Logs or Log Analytics Workspace.
InsightsMetrics
| where Origin == "vm.azm.ms"
and Namespace == "Processor"
and Name == "UtilizationPercentage"
| extend CPU=tostring(todynamic(Tags)["vm.azm.ms/totalCpus"])
| summarize CPU_Load_Percentage = avg(Val) by Computer, CPU, _ResourceId
| project Computer, Total_vCPUs=CPU, CPU_Load_PercentageThis query returns the result of Select Computer from Scope, the total CPU set on the VM, and CPU load in Percentage.
We have blur-boxed the Computer values for obvious reasons.
KQL Query Free Disk Space
To get the free disk space in GB for all Azure VMs, run the following query:
InsightsMetrics
| where Origin == "vm.azm.ms"
and Namespace == "LogicalDisk"
and Name == "FreeSpaceMB"
| extend Disk=tostring(todynamic(Tags)["vm.azm.ms/mountId"]),
Disk_Size_GB=(todynamic(Tags)["vm.azm.ms/diskSizeMB"])/(1024)
| summarize Disk_Free_Space_GB = avg(Val)/(1024) by Computer,
Disk, Disk_Size_GB, _ResourceId
| project Computer, Disk, Disk_Size_GB, Disk_Free_Space_GBThis query returns the result of Select Computer from Scope, all disks for each computer, the disk size, and the free disk space in GB.
KQL Query Free Available Memory
To get the free available memory in GB for all Azure VMs, run the following query:
InsightsMetrics
| where Origin == "vm.azm.ms" and Namespace == "Memory"
| extend TotalMemoryGB=(todynamic(Tags)["vm.azm.ms/memorySizeMB"])/(1000)
| summarize FreeMemoryGB = avg(Val)/(1000) by Computer, TotalMemoryGB, _ResourceId
| project Computer, TotalMemoryGB, FreeMemoryGBThis query returns the result of Select Computer from Scope, the total memory set on the VM, and the free memory available in GB.
KQL Query Network Bandwidth
To get the network bandwidth in MB (In and Out) for all Azure VMs, run the following query:
InsightsMetrics
| where Origin == "vm.azm.ms" and Namespace == "Network"
| extend NIC_Name=tostring(todynamic(Tags)["vm.azm.ms/networkDeviceId"])
| summarize NIC_Bandwidth_MB = avg(Val)/(1024/1024) by Computer, NIC_Name, Name
| project Computer, NIC_Name, ReadReceived_WriteSent=Name, NIC_Bandwidth_MBThis query returns the result of Select Computer from Scope, the Network Interface Name, the bandwidth (Read=Received=In) and (Write=Sent=Out), and the consumed bandwidth in MB for each NIC in any direction.
That’s it! This was a simple way to check the CPU utilization in percentage, available disk space, available memory, and network bandwidth on all Azure VMs using KQL.
Summary
In this article, we discussed how to monitor Azure virtual machines’ performance using KQL. All those queries will work on Windows and Linux virtual machines.
You can use them to check resource utilization over a period of time so you can identify bottlenecks, and anomalies, or switch to a perspective listing each machine to view resource utilization based on the metric selected.
Then you can create alert rules for your virtual machines and their guest operating systems. Alerts in Azure Monitor proactively notify you of interesting data and patterns in your monitoring data. There are no preconfigured alert rules for virtual machines, but you can create your own based on data collected by VM insights and KQL.
__
Thank you for reading my blog.
If you have any questions or feedback, please leave a comment.
-Charbel Nemnom-
