Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure virtual machine named VM1 that runs Windows Server 2016.
You need to create an alert in Azure when more than two error events are logged to the System event log on VM1 within an hour.
Solution: You create an Azure Log Analytics workspace and configure the data settings. You add the Microsoft Monitoring Agent VM extension to VM1. You create an alert in Azure Monitor and specify the Log Analytics workspace as the source.
Does this meet the goal?
Click on the arrows to vote for the correct answer
A. B.B
Instead: You create an Azure Log Analytics workspace and configure the data settings. You install the Microsoft Monitoring Agent on VM1. You create an alert in
Azure Monitor and specify the Log Analytics workspace as the source.
https://docs.microsoft.com/en-us/azure/azure-monitor/platform/agents-overviewYes, the solution meets the goal.
The solution uses Azure Log Analytics workspace and Azure Monitor to create an alert when more than two error events are logged to the System event log on VM1 within an hour. Here are the steps involved:
Create an Azure Log Analytics workspace: The first step is to create a Log Analytics workspace in Azure. This workspace will collect and store log data from VM1.
Configure data settings: After creating the Log Analytics workspace, you need to configure the data settings to collect the System event log data from VM1. This can be done using the Azure Log Analytics agent.
Add the Microsoft Monitoring Agent VM extension to VM1: You need to install the Microsoft Monitoring Agent VM extension on VM1 to collect the System event log data and send it to the Log Analytics workspace.
Create an alert in Azure Monitor: After collecting the System event log data in the Log Analytics workspace, you can create an alert in Azure Monitor. The alert can be configured to trigger when more than two error events are logged to the System event log on VM1 within an hour.
Specify the Log Analytics workspace as the source: When creating the alert in Azure Monitor, you need to specify the Log Analytics workspace as the source. This ensures that the alert is triggered based on the data collected in the workspace.
In summary, the solution uses Log Analytics workspace to collect and store log data from VM1, Azure Monitor to create an alert based on the collected data, and the Microsoft Monitoring Agent VM extension to collect the System event log data from VM1. The solution meets the goal of creating an alert when more than two error events are logged to the System event log on VM1 within an hour.