Azure Monitor Baseline Alerts (Preview)

Overview

As we continue to evolve the Azure landing zone (ALZ) product, if you follow the ALZ community calls or read the whats-new monthly releases you will see we are continuously enhancing documentation and architecture to accommodate changes to the Azure platform.

Over the past few months, we have been working behind the scenes and with a few select customers to develop a solution to help more easily accelerate and adopt Azure Monitor as part of onboarding to Azure or Enhancing your existing Azure / ALZ investment. Working alongside the Azure Monitor product group we have identified a number of opportunities:

Azure Monitor Baseline Alerts (this post)
Azure Monitor Alert Management
Azure Monitor Visualization and Dashboards
Azure Monitor Optimization (Cost)

We recognize for ALZ today whilst we provide and enforce policies that send diagnostic logs to a central Log Analytics workspace, we need to do more to help our customers with their observability journey and maturity.

Based on the themes we identified above we have been working hard to build out a solution starting with Azure Monitor Baseline Alerts. Whilst we encourage all new and existing Azure customers to align to Azure landing zone architecure, we appreciate that this may not be possible in the short term and therefore have also provided brownfield scenario's that customers may be more familiar with to allow you to benefit from the solution.

What does the Baseline Alerts solution include?

The solution is located in GitHub https://aka.ms/alz/monitor/repo and contains a list of recommended Azure Monitor metric and activity log alert rules for the Azure Infrastructure platform. We've worked to collate these alert rules into a single location with recommended values such as threshold. A full list of the alert details can be found here.

Each of the alert rules documented have been compiled into Azure Policy definitions and these have then been packaged into logical Policy Initiatives based on the ALZ management group structure Management groups - Cloud Adoption Framework | Microsoft Learn as demonstrated below.

Azure landing zone management group architecture showing baseline initiatives assigned at specific management group levels within hierarchy

As previously mentioned, we have also provided guidance for customers who do not have a management group structure aligned to ALZ and more details can be found in the deployment guide DeploymentGuide · Azure/alz-monitor Wiki (github.com).

The baseline alerts solution is a framework built on Azure Policy that is extensible and flexible to allow you to choose which alert rules you wish to deploy, ability to change the thresholds to suit and provides the ability to disable alerts (once deployed) should you wish to do so. You can also build additional alert rule policies and add these to the initiatives if you require additional alerts not included as part of the baseline solution (see contribution guide if you want to us to consider these for inclusion in the baseline solution).

There are numerous ways to deploy the baseline solution and we have catered for a few of these including for automation GitHub action (ADO sample on its way), manually via CLI or PowerShell. We deploy using Bicep and also provide ARM templates in JSON format for the policies and initiatives if you wanted to cherry pick policies to use and deploy manually.

As we move from preview, we'll be moving the repo into the ALZ repo and working to include the solution as part of the default ALZ deployments via Portal, Bicep and Terraform reference implementations. We'll also continue to make sure this can be modularized, so customers not aligned to ALZ continue to be able to leverage the baseline solution.

Call to Action

As titled the solution is in preview, please do make sure you test this in your dev / test environments to make sure you are comfortable with the solution and how it works. We'll continue to make changes as we receive great feedback and will be updating the what's new page as we provide updates. If you have any feedback we'd love to hear from you, please use the Issues in the GitHub repo to provide details.

Published on: May 02, 2023

Learn more

Azure Governance and Management Blog articles

Blog image

Azure Governance and Management Blog articles

Learn more

Azure Monitor Baseline Alerts (Preview)

Overview

What does the Baseline Alerts solution include?

Call to Action

Related posts

Episode 395 – Getting Started with VDI in Azure with Azure Virtual Desktop

Building a Multiplayer Chess App in Power Apps with SignalR, Azure Functions & PCF

Azure AI Agents are in the Public Preview

Simplify your .NET data transfers with the new Azure Storage Data Movement library

External REST Endpoint Invocation in Azure SQL Managed Instance is now in Public Preview

Announcing the end of support for Node.js 18.x in the Azure SDK for JavaScript

February Patches for Azure DevOps Server

Primer: Using Exchange Online PowerShell in Azure Automation Runbooks

Azure Developer CLI (azd) – February 2025

Using Azure AI Foundry SDK for your AI apps and agents