Create Azure Virtual Machine Alert | Azure Monitor | Exam AZ-104

Create Azure Virtual Machine Alert

Prev Question Next Question

Question

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

You have an Azure virtual machine named VM1 that runs Windows Server 2016.

You need to create an alert in Azure when more than two error events are logged to the System event log on VM1 within an hour.

Solution: You create an event subscription on VM1. You create an alert in Azure Monitor and specify VM1 as the source

Does this meet the goal?

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B.

B

Instead: You create an Azure Log Analytics workspace and configure the data settings. You install the Microsoft Monitoring Agent on VM1. You create an alert in

Azure Monitor and specify the Log Analytics workspace as the source.

https://docs.microsoft.com/en-us/azure/azure-monitor/platform/agents-overview

The provided solution does not meet the stated goal.

Explanation:

The solution provided in the scenario is incorrect. The solution talks about creating an event subscription on the virtual machine and creating an alert in Azure Monitor, but it does not mention how to monitor the System event log on the virtual machine.

To meet the stated goal, the following steps should be performed:

  1. Install the Microsoft Monitoring Agent on VM1. This agent is used to collect data from Windows servers and other sources and send it to Azure Monitor.

  2. Configure Azure Monitor to collect data from VM1. This can be done by creating a new Data Collection Rule in Azure Monitor and selecting the System event log as the source. Configure the rule to collect events with a level of "Error".

  3. Create an alert in Azure Monitor. This alert can be based on the number of events collected by the data collection rule. Configure the alert to trigger when more than two error events are logged to the System event log on VM1 within an hour.

Therefore, the correct solution is:

  1. Install the Microsoft Monitoring Agent on VM1.
  2. Configure Azure Monitor to collect data from VM1.
  3. Create a Data Collection Rule in Azure Monitor to collect events from the System event log with a level of "Error".
  4. Create an alert in Azure Monitor that triggers when more than two error events are logged to the System event log on VM1 within an hour.

So, the correct answer is B. No.

Prev Question Next Question