how-to-log-from-azure-virtual-machines

You have evaluated the many IaaS providers out there and you have decided on Azure Compute.  Great choice! Azure is an ideal provider with broad support for various operating systems, programming languages, frameworks, tools, databases and devices. Azure also has the unique ability to facilitate hybrid deployments between the cloud and your Windows data centers.

Table of contents


As you begin developing and deploying in Azure your need for effective logging has no doubt grown. A tool like Logentries can make capturing, searching, analyzing and alerting on this log data very simple. Logentries, like Azure, has broad support for operating systems, programming languages, and other common tools. If you decide to deploy Ubuntu virtual machines be sure to check out the open source Linux Agent. Or perhaps you have deployed docker containers or a Node.js app.

One of the most common stacks deployed in Azure is .Net applications running in Windows Sever virtual machines. In this stack you will want to capture logs from two layers: the Windows Sever OS and the .Net application.

Capturing logs from a Windows Server

The Windows Servers running in Azure Virtual Machines will be producing valuable data in the form of logs. Monitoring both the Windows Event Viewer and the logs created by IIS (Internet Information Services) will allow you to get insight into in the infrastructure of your application.

The Logentries Windows Agent takes only a couple minutes to install and can easily capture all of the pertinent data from your virtual machines. The Windows Agent can be downloaded from here.

After installation, the Windows Agent will automatically follow the Windows Event Viewer. You can follow your IIS logs by issuing an AgentService.exe follow command, like the one below:

AgentService.exe follow C:\inetpub\logs\LogFiles\W3SVC1\u_ex*.lo
g

This command will always follow the newest version of a file starting with u_ex in the folder for IIS site 1.

Add the IIS Server Monitoring Pack (IIS Log File Format) community pack to your free Logentries account to get dashboards, tags and alerts off of your IIS data.

Best Practice: Use NXLog to send JSON data

The Logentries Windows Agent effectively follows your Event Viewer and IIS logs out of the box. However, many DevOps professionals choose to send the data from these two sources as JSON for the added readability and ease of search.

Install and configure NXLog:

  1. Download NXLog from here.
  2. Once installed. Replace C:\Program Files (x86)\nxlog\conf\nxlog.conf with the contents of our pre-made config, here.
  3. Change lines 76 and 87 to reflect a proper place to output your JSON logs.
  4. Start the NXLog service.

Configure the Windows Agent to follow the JSON logs:

Once you have NXLog producing JSON data, execute the following two AgentService.exe follow commands. Be sure to replace the paths below with the ones you entered for line 76 and 87 in your nxlog.conf.

AgentService.exe follow c:\test\eventlog.txt
AgentService.exe follow c:\test\iis1.txt

Unfollow the non-JSON event viewer and IIS logs.

Add the IIS Web Server Monitoring Pack (JSON Log File Format) community pack to your account to leverage the new JSON data.


Logging from a .Net application

Now that you are successfully capturing the data from the Windows Sever OS let’s turn our attention to the .Net application in your stack.

Logentries has pre-built appenders for both NLog and Log4Net making it simple to capture the log data from your application.

This post will review setting up the Logentries Log4Net appender. Review the full documentation here, abbreviated steps below:

  1. Log into your Logentries account or Create a free Account.
  2. Create a new ‘Manual’ log and generate a new log token, by clicking the “+ Add New” button in the top left corner of the Logentries application, and then “Add a Log”. Keep your new token for step 4.
  3. Install the logentries.log4netNuget package plug library to your application.
  4. Add the appropriate <appender> block containing your token to your Log4Net configuration as detailed in the documentation.
  5. View your logs in Logentries.

Best Practice: Alert from Log4Net using Logentries

Configuring alerts to be sent from your .Net applications via Logentries is a great way to stay on top of issues with your application and service.

Logentries can analyze your Log4Net data and notify you of issues through many different integrations. Our Slack integration is very popular and so is good old fashioned email.

You may want to setup a simple Basic alert that notifies you every time your .Net app throws a FATAL error. For example:

From: Do You Still Email Yourself from Your Code? How to Stop the Madness

Conceivably, you may have more complicated requirements. In this case, the Logentries Anomaly Alerts and Inactivity Alerts can prove to be very dependable.

For more information about configuring alerts in Logentries check out the video below:

tags-alerts-cover-image (1)


TL;DR

Logging from Windows Servers running in Azure Virtual Machines is simple with Logentries. Use the Logentries Windows Agent to capture Event Viewer logs out of the box. Optionally, configure NXLog to send the Windows OS and IIS logs in JSON.

Logentries supports NLog and Log4Net.  It is as easy as installing and configuring the Logentries Log4Net appender package on NuGet. After you have Log4Net configured you can easily trigger alerts from Logentries.

You can get started now with a free Logentries account.