search

Azure / azure-policy

Repository for Azure Resource Policy built-in definitions and samples
MIT License
1.49k stars 1.08k forks source link

Azure Guest Configuration Policy Azure monitor agent #1082

Open Acenl12 opened 1 year ago

Acenl12 commented 1 year ago

It looks like we can only configure one Log Analytics using guest configuration policies to configure the Azure Monitor Agent (MMAAgent). And I'm looking for only policy which enabled to configure multi homing because we have that scenario.

shayoniseth commented 1 year ago

While the title says Azure Monitor agent, the issue description says MMA agent.

@guidovbrakel Can you perhaps clarify which agent, and also post a link to the policy in question?

Acenl12 commented 1 year ago

Hi

This policy for example https://github.com/Azure/azure-policy/blob/master/built-in-policies/policyDefinitions/Guest%20Configuration/GuestConfiguration_WindowsLogAnalyticsAgentInstalled_AINE.json

From: shayoniseth @.> Sent: Wednesday, January 18, 2023 2:38:48 AM To: Azure/azure-policy @.> Cc: guidovbrakel @.>; Mention @.> Subject: Re: [Azure/azure-policy] Azure Guest Configuration Policy Azure monitor agent (Issue #1082)

While the title says Azure Monitor agent, the issue description says MMA agent.

@guidovbrakelhttps://github.com/guidovbrakel Can you perhaps clarify which agent, and also post a link to the policy in question?

— Reply to this email directly, view it on GitHubhttps://github.com/Azure/azure-policy/issues/1082#issuecomment-1386341702, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AJIVX3GIDEYIGNKTSNFJ7RLWS5CSRANCNFSM6AAAAAATVHH4IU. You are receiving this because you were mentioned.Message ID: @.***>

shayoniseth commented 1 year ago

@guidovbrakel Can you please help me understand what exactly are you looking for? Do you need an Azure Policy to install the new Azure Monitor Agent?

Acenl12 commented 1 year ago

Im looking for a policy to install the azurw monitor agent and connect it to two log analytics workspaces.

From: shayoniseth @.> Sent: Monday, January 30, 2023 8:10:50 PM To: Azure/azure-policy @.> Cc: guidovbrakel @.>; Mention @.> Subject: Re: [Azure/azure-policy] Azure Guest Configuration Policy Azure monitor agent (Issue #1082)

@guidovbrakelhttps://github.com/guidovbrakel Can you please help me understand what exactly are you looking for? Do you need an Azure Policy to install the new Azure Monitor Agent?

— Reply to this email directly, view it on GitHubhttps://github.com/Azure/azure-policy/issues/1082#issuecomment-1409185620, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AJIVX3FGDRXCYWHOPEYXUKTWVAG3VANCNFSM6AAAAAATVHH4IU. You are receiving this because you were mentioned.Message ID: @.***>

p1johnson commented 1 year ago

The new Azure Monitor Agent uses Data Collection rules to define where to send data. You could create a Data Collection Rule to send data to two different Log Analytics workspaces. See this documentation for Data Collection Rules -

https://learn.microsoft.com/en-gb/azure/azure-monitor/agents/data-collection-rule-sample-agent

https://learn.microsoft.com/en-gb/azure/azure-monitor/agents/data-collection-rule-sample-agent

You could look at the following Azure Policy Initiative to Configure Windows machines to run Azure Monitor Agent and associate them to a Data Collection Rule -

https://github.com/Azure/azure-policy/blob/master/built-in-policies/policySetDefinitions/Monitoring/AzureMonitor_WindowsPlatform_EnableDCR.json

There are similar policy initiatives for Linux and Azure Arc onboarded servers.