[SOLVED] Alert on failed links for inbound port for a specific process on a VM

Issue

This Content is from Stack Overflow. Question asked by shadowz1337

Let’s say I have an Azure VM and there’s a process called ABC.exe and it listens on port 34952. I want to monitor this port and perform some sort of health probe check for it. If it goes down, I want to be alerted.

I looked into using Log Analytics Workspace, as you can create an Alert rule for it. Something like this:

VMConnection
| where Direction == "inbound"
| where ProcessName == "ABC.exe"
| where DestinationPort in (34952)
| where LinksFailed > 0

The problem is, the “LinksFailed” metric is only available for Outbound connections, not Inbound. This is documented here – https://learn.microsoft.com/en-us/azure/azure-monitor/reference/tables/vmconnection

Otherwise, the above works well for identifying any failed links for specific ports and their processes.

Is there another option I can use? I’m trying not to implement any solutions at the VM guest level. Ideally, if this can be done at the PaaS level, that would be great.



Solution

• You do not have the option of probing the inbound port for a specific process in a VM with regards to ‘LinksFailed’ physical connection property in the ‘Connection Monitor’ workspace because it doesn’t support that feature. Therefore, to create a health probe check for the said port, i.e., 34952, you can use the ‘Network watcher’ extension in this regard.

For this purpose, you will need to enable the ‘Network Watcher’ extension for the Virtual Machine that you want to monitor the inbound port for. Then, go to the ‘Network Watcher’ utility in Azure portal and select the ‘Connection Monitor’ as shown below: –

Network Watcher

• Then click on ‘Create’ tab to create a connection monitor workspace by giving an appropriate name and selecting the same region as your VM. Then, in ‘Add sources’ section, select the appropriate Azure or Non-azure endpoint in your resource group or subscription and select the appropriate subnet to select a specific endpoint from where the resource tries to connect to the process ABC.exe on port 39452 in it as below: –

Once done, then in the ‘Add Test Configuration’ section, create a new configuration for testing the traffic on port 39452 by selecting it as ‘Destination port’. In this, select the protocol as ‘TCP’ and check the box for ‘Listen on port’. This will ensure that the network watcher will probe the incoming network traffic on port 39452 and generate an alert if the link check fails according to the threshold configured under ‘Success Threshold (Checks failed %)’, thus ensuring that you are alerted when the link for the process ‘ABC.exe’ is down or failed.

Please find the below snapshot for your reference: –

Add Sources in connection monitor
Add test configuration

Finally, select the destination endpoint as your VM for which you want to monitor the traffic on inbound port 39452 for ABC.exe process running on it. This will ensure that the link created for probing the connection link failure on this port is operational and you will receive alerts regarding its failure as expected.

Connection monitor test group


This Question was asked in StackOverflow by shadowz1337 and Answered by Kartik Bhiwapurkar It is licensed under the terms of CC BY-SA 2.5. - CC BY-SA 3.0. - CC BY-SA 4.0.

people found this article helpful. What about you?