Skip to content

Latest commit

 

History

History
165 lines (97 loc) · 8.11 KB

module08.md

File metadata and controls

165 lines (97 loc) · 8.11 KB
Raw

Module 08 - Monitor

< Previous Module - Home - Next Module >

📢 Introduction

Microsoft Purview administrators can use Azure Monitor to track the operational state of a Microsoft Purview account instance. This information, for example, can be the number of scans completed or cancelled. Metrics are collected to provide data points for you to track potential problems, troubleshoot, and improve the reliability of the Microsoft Purview platform.

🤔 Prerequisites

🎯 Objectives

  • View Microsoft Purview metrics.
  • Send Microsoft Purview diagnostic logs to Azure Storage.

📑 Table of Contents

# Section Role
1 Provide a User Access to Microsoft Purview Metrics Azure Administrator
2 Visualize Microsoft Purview Metrics Azure Administrator
3 Send Diagnostic Logs to Azure Storage Azure Administrator

1. Provide a User Access to Microsoft Purview Metrics

Metrics can be accessed from the Azure Portal for a Microsoft Purview account instance. Access to the metrics can be granted via a role assignment.

  • The person who created the Microsoft Purview account automatically gets permissions to view metrics.
  • Other individuals can be provided access by adding them to the Monitoring Reader role.

  1. Sign in to the Azure portal, navigate to your Microsoft Purview account (e.g. pvlab-{randomId}-pv), select Access Control and click Add role assignment.

    Microsoft Purview Access Control

  2. Filter the list of roles by searching for Monitoring Reader, select the Monitoring Reader role and then click Next.

    Add Role Assignment

  3. Click Select members, search for a user within your Azure Active Directory, select that user from the list, and then click Select.

    💡 Did you know?

    Monitoring Reader role can view all monitoring data but cannot modify any resource or edit any settings related to monitoring resources. This role is appropriate for users in an organization such as Microsoft Purview administrators.

    Assign Role

  4. Click Review + assign to progress to the final screen, then click Review + assign once more to add the role assignment.

    Verify Access

2. Visualize Microsoft Purview Metrics

  1. Navigate to your Microsoft Purview account instance and click Metrics.

    Microsoft Purview Metrics

  2. Click to open the Metric drop-down menu and select one of the metrics (e.g. Scan time taken).

    Available Metrics

    Metric ID Metric Name Metric Description
    DataMapCapacityUnits Data Map Capacity Units Indicates the number of capacity units consumed.
    DataMapStorageSize Data Map Storage Size Indicates the data map storage size.
    ScanCancelled Scan Cancelled Indicates the number of scans cancelled.
    ScanCompleted Scan Completed Indicates the number of scans completed successfully.
    ScanFailed Scan Failed Indicates the number of scans failed.
    ScanTimeTaken Scan Time Taken Indicates the total scan time in seconds.

    Select Metric

  3. Click on the chart type to change the graph to a Bar chart.

    Metrics Chart Type

  4. Click on the time range to change the duration to Last 30 Days and click Apply.

    Metrics Time Range

  5. Below is an example. Note: The account instance would need some historical scan activity in order to visualize the metric.

    Metrics Graph

3. Send Diagnostic Logs to Azure Storage

  1. Navigate to your Microsoft Purview account instance, click Diagnostic settings and select Add diagnostic setting.

    💡 Did you know?

    Diagnostic settings can be used to send platform logs and metrics to one or more destinations (Log Analytics Workspace, Storage Account, an Event Hub).

    Add Diagnostic Setting

  2. Provide the diagnostic setting a name (e.g. Audit), select ScanStatus, select Archive to a storage account, select an existing storage account (e.g. pvlab{randomId}adls) and click Save.

    💡 Did you know?

    ScanStatus tracks the scan life cycle. A scan operation follows progress through a sequence of states, from Queued, Running and finally a terminal state of Succeeded | Failed | Canceled. An event is logged for each state transition.

    Save Diagnostic Setting

  3. To test the capture of raw events, trigger a full scan by navigating to the Microsoft Purview Governance Portal > Data map > Sources and click View details on an existing source.

    Source Details

  4. Navigate to the Scans tab and click the name of a previously run scan.

    Source Scans

  5. Open the Run scan now drop-down menu and select Full Scan.

    Full Scan

  6. Monitor the scan status by periodically clicking the Refresh button.

    Scan Progress

  7. Once the scan is complete, navigate to your storage account within the Azure Portal, select Storage browser, expand Blob containers and select insights-logs-scanstatuslogevent, navigate down the folder hierarchy until you reach a JSON document (e.g. PT1H.json).

    Storage Explorer

  8. Download and open a local copy of the JSON document with your choice of text editor (e.g. Notepad++, VSCode, etc) to see details such as dataSourceName, dataSourceType, assetsDiscovered, scanTotalRunTimeInSeconds, and more.

    Event JSON

🎓 Knowledge Check

https://aka.ms/purviewlab/q08

  1. Which built-in role is needed to provide users access to view monitoring data?

    A ) Purview Data Reader
    B ) Metrics Reader
    C ) Monitoring Reader

  2. Which of the following is not available as a Microsoft Purview metric?

    A ) ScanCompleted
    B ) ScanDuration
    C ) ScanTimeTaken

  3. The ScanStatusLogEvent schema contains an attribute that indicates the total run time. What is the name of this attribute?

    A ) scanTotalRunTime
    B ) scanTotalRunTimeInSeconds
    C ) scanTotalDuration

🎉 Summary

This module provided an overview of how to visualize Microsoft Purview metrics within the Azure Portal and how to capture raw telemetry to an Azure Storage account.

Continue >