Skip to content

Tutorials

Hands-on tutorials turn the platform and operations guidance in this repository into repeatable Azure Monitor exercises. Use these labs to build a Log Analytics workspace, write KQL, configure alerts, instrument applications, and publish operational views.

flowchart TD
    A[Monitoring tutorials] --> B[Foundation]
    A --> C[Detection]
    A --> D[Application telemetry]
    A --> E[Visualization]
    B --> B1[Lab 01\nLog Analytics workspace]
    B --> B2[Lab 02\nCustom KQL queries]
    C --> C1[Lab 03\nAzure Monitor alerts]
    D --> D1[Lab 04\nApplication Insights]
    E --> E1[Lab 05\nWorkbooks and dashboards]

What You Will Practice

  • Provision and configure core Azure Monitor resources with Azure CLI.
  • Route telemetry from Azure resources into a shared Log Analytics workspace.
  • Write KQL queries that can be reused for troubleshooting and alerting.
  • Build metric and log alerts with action groups and alert processing rules.
  • Instrument an application with Application Insights and validate telemetry flow.
  • Present monitoring data in workbooks and Azure dashboards.

Tutorial Sequence

Lab Focus Outcome
Lab 01: Log Analytics Workspace Setup Foundation Create a workspace, retention policy, and diagnostic connections
Lab 02: Custom KQL Queries Investigation Query data, build functions, and use parameters
Lab 03: Azure Monitor Alerts Detection Create metric alerts, log alerts, action groups, and noise controls
Lab 04: Application Insights Setup APM Enable app telemetry, custom events, and availability checks
Lab 05: Workbooks and Dashboards Visualization Build reusable workbooks and shared dashboards

Use a dedicated resource group so that all labs can share the same workspace and be deleted together when you finish.

export LOCATION="koreacentral"
export RG="rg-monitoring-labs"
export WORKSPACE_NAME="lawmonlabs001"
export APP_INSIGHTS_NAME="appimonlabs001"

az group create \
    --name "$RG" \
    --location "$LOCATION" \
    --output json

Expected outcome:

  • A clean sandbox resource group exists.
  • You can reuse the same variables across all five labs.
  • Cleanup is straightforward with a single resource group delete operation.

How to Use These Labs

  1. Start with Lab 01 unless you already have a test workspace.
  2. Reuse the same resource group and naming convention throughout the sequence.
  3. Copy commands exactly as shown; all commands use long flags only.
  4. Perform the validation section at the end of each lab before moving on.
  5. Complete cleanup if you do not need the environment for the next exercise.

Build confidence incrementally

The labs are designed to stack together. Lab 01 creates the shared workspace foundation, Lab 02 produces reusable KQL, Lab 03 turns those signals into alerts, Lab 04 adds application telemetry, and Lab 05 visualizes the final data set.

Lab Design Principles

  • Hands-on first: every guide uses Azure CLI and concrete validation steps.
  • Operational realism: the labs mirror real monitoring tasks used in production.
  • Source-backed: each guide includes Microsoft Learn references for deeper reading.
  • Portable output: examples use placeholders instead of real subscription identifiers.

See Also

Sources