VM Insights - Not logging all running processes?
I was wondering why VM Insights doesn't log all running processes on a VM when using the Service MAP & Dependency options. I dump this information into a log analytic workspace and run the KQL:
VMProcess | where UserName =~'admin_local'
It shows me only a few processes that are running, but not everything, e.g. 'notepad.exe', even though I have Notepad open & running in the VM.
How would one achieve this?
Many thanks in advance!
When you use service dependencies or enable Monitoring for Azure VM’s from Azure Monitor section, Not all processes are logged. As every process writes to a performance counter that is not collected by Azure monitor or device map dependencies. Notepad.exe falls under performance counter logs in Azure Log analytics. So you need to select the required process from the data-source to enable logging of all the processes you need.
I tried enabling Azure VM logging via Azure Monitor with Service Map or Dependency but did not receive logs on all the processes. But when I explicitly added Notepad as a data source in the Windows Performance counter, I got the required notepad process.
Notepad is not visible in the VMProcesses or Service Map :-
Deploy a Log Analytics Workspace and select Agents management > Data Collection Rules >
Click on Add resources and add your VM
Collect the notepad process and other required processes data that are needed to be logged.
As Notepad is part of performance counter and not an Event create a custom rule for notepad performance counter like below :-
Select other processes for Logs :-
And Added Data collection rules for both Performance Counters and Event Logs like below :-
My VM got connected to the Log analytics workspace like below :-
after 30 mins, the selected custom log data is visible in the Logs section in the Perf table :-
You can also enable Performance counter logs from your existing Data collection rule from Azure Monitor like below :-
In order to get logs of all the processes you need to enable Logs from Performance counter and add custom logs if required by adding those logs in Data collection rule.
- Cannot add data to a ComplexField using Python SDK for Azure AI Search
- letsencrypt cert request failing for AKS ingress
- Playwright Test execution on Azure Windows machine fails in pipeline with error as No test found, It works perfectly with same command
- How to Combining PowerShell Output from multiple server to Single csv
- How can I find all Azure app registrations with API permissions to a specific app registration?
- Azure Deployment Groups vs Agent Pools
- I cannot extract .sql CREATE TABLEs for each table in my Azure SQL Database in my Azure Repo
- Can not read blobs through BlobContainerClient for blobs with empty folder prefixes
- Are task logs deleted when the node is deleted due to autoscaling in Azure Batch service?
- Azure Function Blob Storage Monitor
- I want to fetch Azure SQL table data from ADF to use as input in copy activity
- How to access code of my Azure website?
- Run JMeter script in AzureDevOps - Bearer Access Token generation
- Azure Function - HTTP trigger request length exceeded
- How and where to define an environment variable on Azure
- Stream Analytics doesn't output the data to SQL but does to a blob storage
- While Hierarchical namespace enabled cannot upload blob with metadata hdi_isfolder
- Cannot log in to Visual Studio Account in VS 2022
- SchemaColumnConvertNotSupportedException: column: [Col_Name], physicalType: INT64, logicalType: string
- create Azure Keyvault secret without exposing values
- Can you create 'User Flows' in Azure with a pay-as-you-go account
- Deploy ARM template at management group scope with Azure DevOps Pipeline
- How to make an azure function that deploys my bicep script from Azure Storage Account
- Basic SQL commands in Terraform
- Can we Deploy Web Application in Azure OpenAI of Production Level
- Get-MgGroupMember by display name instead of userID
- Azure DevOps REST API parent relation link to existing work item error
- What should be put to 'repoOwners' in Managed Identity Federated Credentials policy?
- How to get list of users from CSV file whose LastSignInDate column has a date that is before 90 days from current date or is empty?
- Langchain cannot connect with Azure SQL Database