Monitoring for DevOps: Azure Monitor & App Insights

Why monitoring completes the DevOps loop

The Azure Monitor ecosystem

Azure Monitor is the umbrella platform for all monitoring, logging, and alerting in Azure. It collects data from multiple sources and provides tools to analyse and act on that data.

Architecture overview

Data Sources              Collection           Analysis & Action
─────────────            ──────────           ──────────────────
Applications       ──→   App Insights    ──→  Log Analytics workspace
VMs                ──→   VM Insights     ──→  Metrics Explorer
Containers (AKS)   ──→   Container       ──→  Workbooks
                          Insights
Storage accounts   ──→   Storage         ──→  Alerts
                          Insights
Network resources  ──→   Network         ──→  Dashboards
                          Insights
Azure resources    ──→   Diagnostic      ──→  Autoscale
                          Settings
Custom sources     ──→   Data Collection ──→  Azure Monitor
                          Rules (DCR)          SCOM MI

Two data types

Data Type	What It Is	Storage	Query Language
Metrics	Numeric time-series data — CPU percentage, request count, response time	Azure Monitor Metrics store (fast, 93-day retention)	Metrics Explorer (visual)
Logs	Structured event records — requests, exceptions, traces, custom events	Log Analytics workspace (configurable retention, up to 12 years)	KQL (Kusto Query Language)

Metrics are lightweight and near-real-time (1-minute granularity). Use them for dashboards and alerts on current state. Logs are rich and queryable. Use them for deep investigation, correlation, and historical analysis.

Question

What is the key difference between Azure Monitor Metrics and Azure Monitor Logs?

Click or press Enter to reveal answer

Answer

Metrics are lightweight numeric time-series (CPU%, request count) stored in a fast metrics store with up to 93-day retention, queried via Metrics Explorer. Logs are rich structured event records (requests, exceptions, traces) stored in a Log Analytics workspace with configurable retention up to 12 years, queried via KQL. Metrics are for real-time dashboards and alerts. Logs are for deep analysis and correlation.

Click to flip back

Application Insights

Application Insights is the application performance monitoring (APM) component of Azure Monitor. It monitors your live applications and detects performance anomalies.

Telemetry types

Telemetry Type	What It Captures	Example
Requests	Incoming HTTP requests to your app	GET /api/users took 234ms, returned 200
Dependencies	Outgoing calls to external services	SQL query took 89ms, HTTP call to payment API took 1.2s
Exceptions	Unhandled and tracked exceptions	NullReferenceException in OrderService.Process()
Traces	Custom diagnostic messages (your ILogger output)	“Processing order 12345 for customer ABC”
Page views	Client-side page load telemetry	Homepage loaded in 1.8s on Chrome
Custom events	Business-relevant events you define	”User completed checkout”, “Report generated”
Custom metrics	Business-relevant numeric values	”Cart value: $147”, “Queue depth: 23”

Instrumentation approaches

Application Insights Instrumentation

Approach	How It Works	When to Use
Auto-instrumentation (codeless)	Enable via Azure Portal, ARM, or agent. No code changes needed.	Azure App Service, Azure Functions, VMs with the agent. Fastest path to monitoring.
SDK integration	Add the Application Insights SDK NuGet/npm package and configure in code.	When you need custom telemetry (custom events, metrics), or when auto-instrumentation is not available for your platform.
OpenTelemetry	Use the Azure Monitor OpenTelemetry exporter. Vendor-neutral instrumentation.	New applications, multi-cloud scenarios, or teams adopting OpenTelemetry standards.

Connection strings vs instrumentation keys

Application Insights connection strings replaced instrumentation keys as the recommended configuration method. Connection strings contain the ingestion endpoint and the instrumentation key, supporting regional ingestion endpoints and private link scenarios. Always store the connection string in application settings or Key Vault — never hardcode it.

Question

What are the three ways to instrument an application with Application Insights?

Click or press Enter to reveal answer

Answer

1. Auto-instrumentation (codeless) — enable in Azure Portal or via agent, no code changes. Works for App Service, Functions, VMs. 2. SDK integration — add the App Insights SDK package to your code for custom telemetry. 3. OpenTelemetry — use the Azure Monitor OpenTelemetry exporter for vendor-neutral, standards-based instrumentation. Auto-instrumentation is fastest; SDK gives most control; OpenTelemetry is the modern standard.

Click to flip back

Insights services: VM, Container, Storage, Network

VM Insights

Monitors virtual machine performance and health:

• CPU, memory, disk, and network metrics per VM
• Process-level detail (which processes consume resources)
• Dependency mapping — visualises network connections between VMs and external services (requires the Dependency Agent)
• Data sent to Log Analytics workspace for KQL analysis

Enable: Install the Azure Monitor Agent (AMA) and configure a Data Collection Rule (DCR).

Container Insights

Monitors AKS clusters and container workloads:

• Node and pod resource utilisation (CPU, memory)
• Container restart counts and failure rates
• Kubernetes events (pod scheduling, image pull failures)
• Prometheus metrics integration (custom app metrics)
• Live logs — real-time container stdout/stderr in the portal

Enable: Enable during AKS cluster creation or add the monitoring add-on later. Uses Azure Monitor Agent with ContainerLogV2 schema.

Storage Insights and Network Insights

• Storage Insights — unified view of storage account health, performance, capacity, and transactions across all accounts
• Network Insights — topology visualisation, connectivity monitoring, traffic analysis, and NSG flow logs

Question

What does the Dependency Agent provide in VM Insights that the Azure Monitor Agent alone does not?

Click or press Enter to reveal answer

Answer

The Dependency Agent provides dependency mapping — it discovers and visualises network connections between VMs and external services (databases, APIs, third-party services). The Azure Monitor Agent collects performance metrics and logs but does not map inter-service dependencies. Together they give you both performance data and architecture visibility.

Click to flip back

GitHub monitoring

Actions insights

GitHub provides workflow monitoring through the Actions tab:

• Workflow run history — success/failure rates, duration trends
• Usage metrics — runner minutes consumed (billable minutes for private repos)
• Workflow visualisation — job dependencies and timing breakdown

Configuring charts (repository insights)

Repository Insights (under the Insights tab) provide:

• Pulse — summary of activity (PRs merged, issues closed, contributors active)
• Contributors — commit frequency by contributor over time
• Traffic — page views, unique visitors, referral sources, popular content
• Dependency graph — all dependencies and their known vulnerabilities

For organisations with GitHub Enterprise, GitHub Insights provides custom charts and metrics across all repositories.

Audit log

The GitHub audit log records administrative and security events:

• Organisation membership changes
• Repository permission changes
• Branch protection modifications
• Secret scanning bypass events
• Workflow permission changes

Audit logs can be streamed to external SIEM systems (Azure Sentinel, Splunk) for long-term retention and correlation.

Pipeline alerts

Azure DevOps notifications

Azure DevOps supports built-in notifications for pipeline events:

Event	Notification Type	Configuration
Build completes	Email, Teams webhook	Personal or team subscription
Build fails	Email, Teams webhook, service hook	Team subscription (auto-notify assignees)
Release deployment pending	Email to approvers	Automatic when approval gates are configured
Release deployment fails	Email, Teams webhook	Team subscription
Work item linked to build	Email	Personal subscription

Service hooks extend notifications to external systems — Slack, Teams, webhooks, Azure Functions, Grafana.

GitHub Actions alerts

GitHub Actions does not have a built-in alerting system like Azure DevOps. Instead, use:

• Repository notification settings — watch workflow runs for failure notifications
• Third-party GitHub Apps — Slack GitHub integration, Teams GitHub connector
• Custom webhook steps — add a job step that posts to Slack/Teams on failure:

- name: Notify on failure
  if: failure()
  uses: slackapi/slack-github-action@v2
  with:
    webhook: ${{ secrets.SLACK_WEBHOOK }}
    payload: |
      "text": "Workflow failed: ${{ github.workflow }}"

Work item creation from alerts

Azure Monitor alerts can automatically create work items in Azure DevOps or GitHub Issues when triggered:

1. Configure an Azure Monitor alert rule (e.g., response time > 2 seconds)
2. Attach an action group with an “Azure DevOps Work Item” or “Webhook” action
3. When the alert fires, a bug or task is created in your backlog automatically

This closes the loop: production issue → alert → work item → fix → deploy → monitor.

Scenario: Kai sets up monitoring for Launchpad Labs

🚀 Kai Tanaka’s SaaS startup has just deployed their first production service to AKS. Sam (CTO) asks: “How do we know it is working?”

Kai’s monitoring stack:

1. Application Insights — auto-instrumented on the .NET API via the AKS monitoring add-on. Captures requests, dependencies, and exceptions.
2. Container Insights — enabled on the AKS cluster. Monitors pod health, node resource usage, and restart counts.
3. Azure Monitor alerts — configured for: response time P95 over 2s (warning), error rate over 5% (critical), pod restart count over 3 in 10 minutes (critical).
4. Action groups — critical alerts create GitHub Issues automatically via webhook, plus Slack notification.
5. GitHub Actions monitoring — Slack integration notifies the team channel on deployment failures.

Result: Within the first week, Container Insights detects a memory leak causing pod restarts. The alert fires, a GitHub Issue is created, Riku (frontend dev) picks it up, and the fix is deployed the same day.

💡 Exam tip: Know which Insights service for which resource

The exam may describe a resource type and ask which monitoring solution to use:

• Web app or API → Application Insights
• Virtual machines → VM Insights (with Dependency Agent for mapping)
• AKS / containers → Container Insights
• Storage accounts → Azure Monitor for Storage (Storage Insights)
• VNets, load balancers, NSGs → Azure Monitor for Networks (Network Insights)
• All of the above, unified → Azure Monitor (umbrella) with Log Analytics workspace

Also remember: all Insights services send data to a Log Analytics workspace, where you can write KQL queries to correlate data across resource types.

Knowledge check

Knowledge Check

Jordan wants to monitor an AKS cluster to see pod resource utilisation, container restart counts, and real-time container logs. Which service should he enable?

AApplication Insights with the Kubernetes SDKBContainer Insights on the AKS clusterCVM Insights on the AKS node VMsDAzure Monitor for Networks

Check Answer

Knowledge Check

Nadia's Azure Monitor alert fires when the claims API response time exceeds 3 seconds. She wants a bug to be automatically created in Azure DevOps Boards. What should she configure?

AA Log Analytics workspace alert with an email action groupBAn Azure Monitor alert rule with an action group that includes an Azure DevOps work item action (via ITSM connector or webhook)CA Grafana dashboard with an Azure DevOps pluginDAn Azure DevOps pipeline scheduled trigger that checks Application Insights

Check Answer

🎬 Video coming soon

Monitoring for DevOps: Azure Monitor & App Insights

Next up: Metrics and KQL: Analysing Telemetry and Traces