Azure Application Gateway

Azure Application Gateway is a web traffic load balancer that enables you to manage traffic to your web applications. It works on application layer (OSI layer 7) and supports URL based routing. This integration helps in analyzing access patterns, tracking performance information for each instance, including total requests served, throughput in bytes, healthy and unhealthy backend instance count.
Log and Metric types​
For Azure Application Gateway, you can collect the following logs and metrics:
- Access log. These logs provide information on access patterns including the caller's IP, requested URL, response latency, return code, and bytes in and out.
- Performance log. These log captures performance information for each instance, including total requests served, throughput in bytes, total requests served, failed request count, and healthy and unhealthy backend instance count. The Performance log is available only for the v1 SKU. For the v2 SKU, use Metrics for performance data.
- Firewall log. You can use this log to view the requests that are logged through either detection or prevention mode of an application gateway that is configured with the web application firewall.
To know more about the different resource log category types and schemas collected for Azure Application Gateway, refer to Azure documentation.
- Platform Metrics for Azure Application Gateway. These metrics are available in Microsoft.Network/applicationGateways namespace. For more information on supported metrics in Azure Application Gateway v1 and Azure Application Gateway v2, refer to Azure documentation.
Setup​
Azure service sends monitoring data to Azure Monitor, which can then stream data to Eventhub. Sumo Logic supports:
- Logs collection from Azure Monitor using our Azure Event Hubs source.
- Metrics collection using our HTTP Logs and Metrics source via Azure Functions deployed using the ARM template.
You must explicitly enable diagnostic settings for each Azure Application Gateway you want to monitor. You can forward logs to the same event hub provided they satisfy the limitations and permissions as described here.
When you configure the event hubs source or HTTP source, plan your source category to ease the querying process. A hierarchical approach allows you to make use of wildcards. For example: Azure/ApplicationGateway/Logs
, Azure/ApplicationGateway/Metrics
.
Configure metrics collection​
In this section, you will configure a pipeline for shipping metrics from Azure Monitor to an Event Hub, on to an Azure Function, and finally to an HTTP Source on a hosted collector in Sumo Logic.
- Configure an HTTP Source.
- Configure and deploy the ARM Template.
- Export metrics to Event Hub. Perform below steps for each Azure Application Gateway that you want to monitor.
- Choose
Stream to an event hub
as destination. - Select
AllMetrics
. - Use the Event hub namespace created by the ARM template in Step 2 above. You can create a new Event hub or use the one created by ARM template. You can use the default policy
RootManageSharedAccessKey
as the policy name.
- Choose
Configure logs collection​
In this section, you will configure a pipeline for shipping diagnostic logs from Azure Monitor to an Event Hub.
- To set up the Azure Event Hubs cloud-to-cloud source in Sumo Logic portal, refer to our Azure Event Hubs source documentation.
- To create the Diagnostic settings in Azure portal, refer to the Azure documentation. Perform below steps for each Azure Application Gateway that you want to monitor.
- Choose
Stream to an event hub
as the destination. - Select
allLogs
. - Use the Event hub namespace and Event hub name configured in previous step in destination details section. You can use the default policy
RootManageSharedAccessKey
as the policy name.
- Choose
Troubleshooting​
Azure Event Hubs Source​
Common error types are described here.
You can try restarting the source for ThirdPartyConfig
errors.
HTTP Logs and Metrics Source used by Azure Functions​
To troubleshoot metrics collection, follow the instructions in Collect Metrics from Azure Monitor > Troubleshooting metrics collection.