Azure Storage Analytics is a tool for logging and providing metrics data for a storage account in Azure. You can collect metrics about all your storage services as well as logs for blobs, queues, and tables.
Those functionalities enable you to trace requests, analyze usage trends and investigate issues associated with your storage accounts.
How Azure Storage Analytics Works
You need to enable Azure Storage Analytics individually in the Azure portal for any service you plan to monitor.
Alternatively, you can programmatically enable Storage Analytics by using the REST API or the client library. In order to enable it for a service, you should use the Set Blob Service Properties, Set Queue Service Properties, Set Table Service Properties and Set File Service Properties functions.
The tool aggregates and stores data is stored in a well-known blob (for logging data) and in well-known tables (for metrics data). Then, you can access the aggregated data in the Blob service and Table service APIs.
You can have a unified view of all your storage services performance by setting the type of metrics to track for each service and by defining the data retention policy in Storage Analytics (See below chart).
Setting Storage Service Metrics and Data Retention Policy
Source: Microsoft
You can disable the monitoring service at any time and select the data to be retained for a period ranging between 1 and 365 days. You can also set the data retention value to zero, which means there is no active policy in place and then you can delete the monitoring data at your discretion.
Visualizing Metrics Data in Storage Analytics
The analytics tool displays a set of metrics data by the default but you can select which specific charts to show on your dashboard. Available metrics depend on the service you have selected and the measuring unit type of the chart you are currently editing.
Below is a sample chart showing specific metrics for a storage service:
Source: Microsoft
The charting functionality enables you to select a specific period to show and edit the chart by clicking anywhere in the metrics data chart.
Logging in Azure Storage Analytics
Logging is disabled by default in Storage Analytics and you need to enable logging in the Azure portal or by using the REST API or the client library.
The tool creates log entries only if there are requests made against the service endpoint. For instance, the system will create logs only for the Blob service if your storage account has activity in its Blob endpoint but no activity in its Table or Queue endpoints.
In any case, Storage Analytics logs detailed information concerning both successful and failed requests to a storage service on a best-effort basis.
What Requests Storage Analytics Is Logging
Azure Storage Analytics logs the following types of authenticated and anonymous requests to a service.
Authenticated requests:
- Successful requests
- Failed requests, which include timeout, throttling, network, authorization, and other errors
- Requests using a Shared Access Signature (SAS) or OAuth, for both failed and successful requests
- Requests to analytics data
Anonymous requests
- Successful requests
- Server errors
- Timeout errors on the client and the server side alike
- Failed GET requests with error code 304 (Not Modified)
You should download to a local machine the blobs containing the log data you want to analyze.
How Much Azure Storage Analytics Costs
You are to be billed for each write operation by Storage Analytics as well as for the data storage space in use by metrics data.
The service bills you for the following Storage Analytics actions:
- Requests to create blobs for logging.
- Requests to create table entities for metrics.
Delete operations for old logging and metrics data performed by a client are also billable.
Conclusion
Azure Storage Analytics provides you with a unified view of how your storage services are performing. It also enables you to set up alerts to get automated notifications about changes in the behavior of your storage services.
A Storage Explorer tool enables you to download the aggregated data and analyze it further in Microsoft Excel or another application to which you can export metrics data in a delimited format.
Interested in Microsoft Azure Sentinel?
Datashield has helped countless clients implement Microsoft Azure Sentinel.