Hello! We are a writer team from Definer Inc. In this issue, you are wondering how to create Azure Log Analytics with Terraform. Let's take a look at the actual screens and resources to explain in detail.

In this article, we will utilize the Azure Log Analytics technology for the purpose of log monitoring in Azure. It is a collection of information and practices that can be used as a reference when you are in IT and want to create Azure Log Analytics using Terraform to monitor your cloud infrastructure.

Azure Log Analytics is a managed service for log monitoring that allows you to collect and analyze Azure, AWS, and on-premises server logs. Logs can be collected on either Linux or Windows operating systems by simply installing an agent. The logs collected include Windows event logs and Linux Syslog, as well as custom logs that can be specified. With Azure Log Analytics, you can aggregate and store log data from different sources in a single location, making it easier to search, query, and correlate information across multiple systems. By leveraging Azure Log Analytics, you can perform various tasks such as troubleshooting application issues, monitoring system performance, detecting security threats, and gaining operational insights. Azure Log Analytics is also recently referred to as Azure Monitor Log. This is due to the event that separate monitoring and analysis services such as Azure Application Insights and Azure Log Analytics were merged into a single monitoring solution, Azure Monitor. Since Azure Log Analytics is still widely used in the official Azure documentation and Terraform, we will refer to it as Azure Log Analytics in this article.

We will immediately start building Azure Log Analytics with Terraform.   (1) Preparing the Terraform file We have prepared the Terraform file to create the Azure Log Analytics workspace as shown below.

# Set up the Azure provider configuration
provider "azurerm" {
  features {}                                      # Configure Azure provider with default features
  subscription_id = "${subscription_id}"           # Set the Azure subscription ID
  tenant_id       = "${tenant_id}"                 # Set the Azure tenant (directory) ID
  client_id       = "${client_id}"                 # Set the Azure service principal (client) ID
  client_secret   = "${client_secret}"             # Set the Azure service principal client secret
}

# Create an Azure Resource Group 
resource "azurerm_resource_group" "rg" {
  name     = "resource-group-test"                 # Define the name of the Azure resource group
  location = "${location}"                         # Set the Azure region for the resource group
}

# Create an Azure Log Analytics Workspace in the same location and associated with the previously created resource group.
resource "azurerm_log_analytics_workspace" "analytics_ws" {
  name                = "log-analytics-for-test"   # Define the name of the Log Analytics workspace
  location            = ${location}                # Set the Azure region for the workspace
  resource_group_name = azurerm_resource_group.rg.name  # Reference the name of the resource group
  sku                 = "PerGB2018"                # Set the SKU (pricing tier) for Log Analytics
  retention_in_days   = 30                         # Set the data retention period for logs
}                

First block, we must specify the Azure provider for Terraform and provides the authentication details for accessing the Azure subscription.

The "azurerm_resource_group" block defines an Azure resource group resource. The location parameter specifies the Azure region where the resource group will be created.

Then, creating Azure log analytis by defining the "azurerm_log_analytics_workspace" block. The resource_group_name parameter references the name attribute of the previously defined azurerm_resource_group resource. This establishes a dependency relationship between the Log Analytics workspace and the resource group. The sku parameter specifies the pricing tier for the workspace. The retention_in_days parameter sets the number of days to retain the log data in the workspace before it gets automatically deleted.

 

(2) Executing Terraform
After initializing with the "terraform init" command, confirm the resources to be created with the "terraform plan" command, and create the resources with the "terraform apply" command.

 

(3) Confirm creation / VM connection
After transitioning to Azure Log Analytics, a workspace named "log-analytics-for-test" is created.
From the workspace details, simply click "Virtual Machine" -> "Connect" to start log collection from a VM on Azure!

## Initializing Terraform
terraform init

## Running Terraform
terraform plan

## Checking the execution of Terraform
terraform apply                  

Troubleshooting the Azure Log Analytics Linux Agent ... Creating an Azure Log Analytics workspace using Terraform Tutorial: Troubleshooting using Azure Monitor ...

・PrismScaler is a web service that enables the construction of multi-cloud infrastructures such as AWS, Azure, and GCP in just three steps, without requiring development and operation. ・PrismScaler is a web service that enables multi-cloud infrastructure construction such as AWS, Azure, GCP, etc. in just 3 steps without development and operation. ・The solution is designed for a wide range of usage scenarios such as cloud infrastructure construction/cloud migration, cloud maintenance and operation, and cost optimization, and can easily realize more than several hundred high-quality general-purpose cloud infrastructures by appropriately combining IaaS and PaaS.  

This article provides useful introductory information free of charge. For consultation and inquiries, please contact "Definer Inc".

・Definer Inc. provides one-stop solutions from upstream to downstream of IT. ・We are committed to providing integrated support for advanced IT technologies such as AI and cloud IT infrastructure, from consulting to requirement definition/design development/implementation, and maintenance and operation. ・We are committed to providing integrated support for advanced IT technologies such as AI and cloud IT infrastructure, from consulting to requirement definition, design development, implementation, maintenance, and operation. ・PrismScaler is a high-quality, rapid, "auto-configuration," "auto-monitoring," "problem detection," and "configuration visualization" for multi-cloud/IT infrastructure such as AWS, Azure, and GCP.