Introduction to Connection Monitor
Azure Connection Monitor is a cloud-native solution that enables you to monitor network connectivity from Azure to your applications or any other endpoint. It leverages Azure Network Watcher to provide a scalable and reliable monitoring experience.
Connection Monitor helps you to:
- Proactively detect and diagnose network connectivity issues.
- Understand network performance metrics like latency and packet loss.
- Visualize network paths and identify bottlenecks.
- Set up alerts for critical connectivity changes.
Key Concepts
- Connection Monitor Monitor
- A monitor resource in Azure that allows you to configure and manage network connectivity tests. It acts as the central point for defining sources, destinations, and checking intervals.
- Source Endpoint
- Represents a logical network entity from which connectivity tests originate. This can be an Azure Virtual Machine, an Azure Kubernetes Service (AKS) node, a Virtual Machine Scale Set instance, or a configured on-premises machine using the Log Analytics agent.
- Destination Endpoint
- The target endpoint for your connectivity tests. This can be an Azure resource (like a Virtual Machine, Load Balancer, Application Gateway, Azure Firewall, or Storage Account), a public IP address, a fully qualified domain name (FQDN), or a custom TCP endpoint.
- Connection Monitor Test
- A specific configuration within a Connection Monitor Monitor that defines a connection test between a source and a destination. This includes parameters like the protocol (TCP/HTTP), port, checking interval, and thresholds.
- Log Analytics Workspace
- A centralized repository for logs and performance data collected by Azure services. Connection Monitor sends its monitoring data to a Log Analytics workspace, enabling advanced analysis, visualization, and alerting.
- Agent
- For monitoring connectivity from on-premises machines or VMs that are not directly managed by Azure Monitor, an agent (like the Log Analytics agent) needs to be installed and configured to send telemetry to the Log Analytics workspace.
- Network Path
- The sequence of network hops and network devices that a connection traverses from the source to the destination. Connection Monitor can visualize this path to help identify where issues might be occurring.
- Metrics
- Key performance indicators collected by Connection Monitor, including:
- Round-trip time (RTT): The time it takes for a packet to travel from the source to the destination and back.
- Packet loss: The percentage of packets that are dropped during transit.
- Availability: The percentage of successful connection attempts.
How Connection Monitor Works
Connection Monitor operates by deploying agents or using built-in capabilities to send probes from source endpoints to destination endpoints. These probes are configured with specific parameters like port and protocol.
The data from these probes is collected and sent to a designated Log Analytics workspace. Within the workspace, you can:
- Query the raw data using Kusto Query Language (KQL).
- Create workbooks for interactive dashboards and visualizations.
- Set up alert rules based on metrics or specific event conditions.
Important Considerations
Ensure that network security groups (NSGs), firewalls, and other network security devices allow traffic for the probes between your source and destination endpoints. Connection Monitor relies on ICMP or TCP probes, so appropriate rules must be in place.
Use Cases
Connection Monitor is invaluable for a variety of scenarios:
- Monitoring Hybrid Deployments: Ensuring connectivity between on-premises resources and Azure services.
- Troubleshooting Application Connectivity: Diagnosing why clients cannot reach a web application hosted on Azure.
- Verifying Network Segmentation: Confirming that traffic is restricted as intended between different virtual networks or subnets.
- Performance Baselines: Establishing normal performance metrics for critical network paths.
- DDoS Impact Assessment: Monitoring how network traffic is affected during a DDoS attack.
Next Steps
Now that you understand the fundamental concepts, you can proceed to learn how to: