Introduction
Azure Monitor is the central monitoring service for Azure resources. It automatically collects metrics, logs, and traces to help you detect issues before they impact your users. In this 2026 tutorial, you'll create a Log Analytics workspace, enable data collection, and write your first KQL queries. The goal is to lay solid foundations for professional monitoring without unnecessary complexity.
Prerequisites
- Azure account with contributor rights
- Azure CLI installed (version 2.50+)
- Basic shell knowledge
- An active Azure subscription
Login and Resource Group
#!/bin/bash
az login
az group create --name rg-monitor-demo --location francecentral

These commands connect your CLI to Azure and create a dedicated resource group. Always use an isolated group for your monitoring resources to simplify cost management and permissions.
Create the Log Analytics Workspace
az monitor log-analytics workspace create \
--resource-group rg-monitor-demo \
--workspace-name law-demo-2026 \
  --location francecentral

The Log Analytics workspace is the core of Azure Monitor. It stores all logs and metrics. The name must be globally unique. Note the workspace ID for subsequent steps.
Enable Diagnostics on a Resource
{
  "properties": {
    "logs": [
      {
        "category": "AuditLogs",
        "enabled": true
      }
    ],
    "metrics": [
      {
        "category": "AllMetrics",
        "enabled": true
      }
    ],
    "workspaceId": "/subscriptions/<id>/resourcegroups/rg-monitor-demo/providers/microsoft.operationalinsights/workspaces/law-demo-2026"
  }
}

This JSON file configures sending logs and metrics to your workspace. Apply it with az monitor diagnostic-settings create on any Azure resource.
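
A pre-flight check for the diagnostic-settings file above, as an added example that is not part of the original tutorial: it reports a workspaceId that still carries the <id> placeholder, points at a different workspace than intended, or has disabled log categories, before the file is applied. The function name, the expected_workspace parameter and the all-zero subscription GUID are assumptions made for this example; it checks only the shape of the ID, not that the workspace exists.

```python
import json
import re

# ARM resource ID of a Log Analytics workspace (ARM IDs are case-insensitive).
WORKSPACE_ID = re.compile(
    r"^/subscriptions/(?P<sub>[^/]+)/resourcegroups/[^/]+/providers"
    r"/microsoft\.operationalinsights/workspaces/(?P<name>[^/]+)$", re.IGNORECASE)
GUID = re.compile(r"^[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}$", re.IGNORECASE)


def lint_diagnostic_setting(text, expected_workspace=None):
    """Return the problems found in a diagnostic-settings JSON document."""
    try:
        doc = json.loads(text)
    except json.JSONDecodeError as exc:
        return [f"invalid JSON: {exc.msg}"]
    props = doc.get("properties") if isinstance(doc, dict) else None
    if not isinstance(props, dict):
        return ["top-level 'properties' object is missing"]
    problems = []
    match = WORKSPACE_ID.match(str(props.get("workspaceId") or ""))
    if not match:
        problems.append("workspaceId is missing or is not a workspace resource ID")
    else:
        if not GUID.match(match["sub"]):
            problems.append(f"subscription segment {match['sub']!r} is not a GUID")
        if expected_workspace and match["name"].lower() != expected_workspace.lower():
            problems.append(f"logs go to {match['name']!r}, expected {expected_workspace!r}")
    logs = props.get("logs") or []
    if not logs:
        problems.append("no log categories are listed")
    problems += [f"log category {entry.get('category')!r} is disabled"
                 for entry in logs if entry.get("enabled") is not True]
    return problems


# Constructed sample: the tutorial's settings with the "<id>" placeholder left in.
TEMPLATE = json.dumps({"properties": {
    "logs": [{"category": "AuditLogs", "enabled": True}],
    "metrics": [{"category": "AllMetrics", "enabled": True}],
    "workspaceId": "/subscriptions/<id>/resourcegroups/rg-monitor-demo/providers"
                   "/microsoft.operationalinsights/workspaces/law-demo-2026",
}})
# Constructed subscription GUID, not a real subscription.
FILLED = TEMPLATE.replace("<id>", "00000000-0000-0000-0000-000000000000")

if __name__ == "__main__":
    for label, doc in (("template", TEMPLATE), ("filled in", FILLED)):
        print(label, "->", lint_diagnostic_setting(doc, "law-demo-2026") or "OK")
```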
First KQL Query
AzureDiagnostics
| where TimeGenerated > ago(1h)
| where Category == "AuditLogs"
| summarize count() by bin(TimeGenerated, 5m)
| render timechart

This simple KQL query counts audit events from the last hour and displays them as a chart. Test it directly in the Azure Monitor portal.
Create a Basic Alert
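# Replace <id> with your subscription ID. The scope is quoted so the shell
# does not treat "<" and ">" as redirections.
# No --action is given here; pass an action group with --action to route notifications.
az monitor metrics alert create \
  --name "CPU > 80%" \
  --resource-group rg-monitor-demo \
  --scopes "/subscriptions/<id>/resourceGroups/rg-monitor-demo" \
  --condition "avg Percentage CPU > 80" \
  --window-size 5m \
  --evaluation-frequency 1m

This alert monitors average CPU usage. Once the threshold is exceeded for 5 minutes, a notification is sent. Adjust thresholds according to your SLAs.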
Best Practices
- Always name workspaces with a year suffix
- Limit log retention to data that is actually useful
- Use consistent tags across all resources
- Test alerts in a pre-production environment
- Centralize dashboards in a single workspace
Common Mistakes to Avoid
- Forgetting to link diagnostic settings to an existing workspace
- Using non-unique workspace names
- Ignoring log retention costs
- Creating too many alerts without a clear notification policy