{"id":1341,"date":"2025-04-17T14:24:27","date_gmt":"2025-04-17T14:24:27","guid":{"rendered":"https:\/\/blog.gustavomagella.com\/?p=1341"},"modified":"2025-06-04T11:30:09","modified_gmt":"2025-06-04T11:30:09","slug":"007-beyond-the-cloud-spin-off-cloud-security-c05-09-monitoring-health-in-azure","status":"publish","type":"post","link":"https:\/\/blog.gustavomagella.com\/index.php\/2025\/04\/17\/007-beyond-the-cloud-spin-off-cloud-security-c05-09-monitoring-health-in-azure\/","title":{"rendered":"#007 | Beyond the Cloud \u2013 Spin-Off | Cloud Security | C05-09 \u2013 Monitoring &amp; Health in Azure"},"content":{"rendered":"\n<h2 class=\"wp-block-heading\">[en-gb] \u26a0\ufe0f Important Disclaimer!<\/h2>\n\n\n\n<p>1\ufe0f\u20e3 Some time ago, I recorded a course on cloud security in Microsoft environments for a Brazilian university called IGTI. This course was part of a Cloud Computing bootcamp and helped many students who were just starting their careers in the field. (After the institution shut down, the content became unavailable.)<\/p>\n\n\n\n<p>\ud83c\udfaf So, I decided to remaster, sanitize, and re-release this content for free on YouTube, with the goal of continuing to support those who are beginning their journey in Cloud and Cloud Security.<\/p>\n\n\n\n<p>2\ufe0f\u20e3 The original course is in Portuguese (pt-BR), but throughout the series I&#8217;ll also publish articles in English (en-US) so the content can reach more people \u2014 at least until the new courses in English are recorded and ready.<\/p>\n\n\n\n<p>3\ufe0f\u20e3 Important: this series is not certification prep and not a silver bullet. The goal here is to share structured knowledge, with a hands-on, accessible approach focused on:<\/p>\n\n\n\n<p>Cloud beginners, Security enthusiasts, and Anyone looking to better understand how Azure actually handles security.<\/p>\n\n\n\n<p>4\ufe0f\u20e3 Microsoft has rebranded some of its products \u2014 for example, Azure Security Center is now Defender for Cloud, and Azure Active Directory is now Entra ID. Some lessons may still refer to the old names, but don&#8217;t worry \u2014 the core concepts, technical foundations, and functionalities remain the same. Focus on the architecture and principles being taught.<\/p>\n\n\n\n<p>Hope you enjoy it! Big hug!<\/p>\n\n\n\n<p>Gustavo Magella<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h5 class=\"wp-block-heading\">\ud83c\udfac Watch Episode #05 of 09 Now \ud83d\udd17 <a href=\"https:\/\/youtu.be\/ksKgsScsDss\">Click here<\/a> to watch on YouTube (And yes, hit that subscribe button. I&#8217;m watching&#8230; \ud83d\udc40)<\/h5>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">[en-us] Beyond The Cloud \u2013 Spin-Off | Chapter 05: Monitoring &amp; Health in Azure<\/h2>\n\n\n\n<p>Hey, what&#8217;s up folks!?<\/p>\n\n\n\n<p>Welcome to Chapter 05 of the Beyond The Cloud \u2013 Spin-Off series. Today we&#8217;re diving into one of the most underappreciated aspects of cloud security: Monitoring &amp; Health in Azure.<\/p>\n\n\n\n<p>Because let&#8217;s be honest \u2014 if you&#8217;re not watching your environment, who is? (Spoiler: probably hackers)<\/p>\n\n\n\n<p>Let&#8217;s break down three critical services that will keep your cloud from becoming a dumpster fire:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Azure Advisor<\/li>\n\n\n\n<li>Azure Service Health<\/li>\n\n\n\n<li>Azure Monitor<\/li>\n<\/ul>\n\n\n\n<p>No fluff, no certification prep \u2014 just battle-tested monitoring strategies from the trenches.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">\ud83d\udd2e Azure Advisor: Your Virtual Cloud Consultant (That You Actually Listen To)<\/h3>\n\n\n\n<p>Think of Azure Advisor as that smart friend who actually knows what they&#8217;re talking about. It analyzes your environment and gives you personalized recommendations based on:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Cost optimization (because money doesn&#8217;t grow on Azure credits)<\/li>\n\n\n\n<li>Security practices (because &#8220;it works&#8221; \u2260 &#8220;it&#8217;s secure&#8221;)<\/li>\n\n\n\n<li>Reliability (because downtime costs more than prevention)<\/li>\n\n\n\n<li>Operational excellence (because nobody likes firefighting at 3 AM)<\/li>\n\n\n\n<li>Performance (because slow is the new down)<\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img fetchpriority=\"high\" decoding=\"async\" width=\"1024\" height=\"573\" src=\"https:\/\/blog.gustavomagella.com\/wp-content\/uploads\/2025\/04\/Screenshot-2025-04-17-151423-1024x573.png\" loading=\"lazy\" alt=\"\" class=\"wp-image-1345\" srcset=\"https:\/\/blog.gustavomagella.com\/wp-content\/uploads\/2025\/04\/Screenshot-2025-04-17-151423-1024x573.png 1024w, https:\/\/blog.gustavomagella.com\/wp-content\/uploads\/2025\/04\/Screenshot-2025-04-17-151423-300x168.png 300w, https:\/\/blog.gustavomagella.com\/wp-content\/uploads\/2025\/04\/Screenshot-2025-04-17-151423-768x429.png 768w, https:\/\/blog.gustavomagella.com\/wp-content\/uploads\/2025\/04\/Screenshot-2025-04-17-151423.png 1277w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>Unlike generic best practices, Advisor reads your actual telemetry data and usage patterns, then suggests specific improvements. It&#8217;s like having a consultant who actually bothered to read your documentation before giving advice.<\/p>\n\n\n\n<p>Some real gems from Advisor include:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>&#8220;Hey, these two VMs look suspiciously similar but aren&#8217;t in an Availability Set \u2014 do you hate uptime?&#8221;<\/li>\n\n\n\n<li>&#8220;Your SQL instances have more horsepower than NASA but the query load of a toddler&#8217;s calculator&#8221;<\/li>\n\n\n\n<li>&#8220;That security baseline score is so low it&#8217;s practically subterranean&#8221;<\/li>\n<\/ul>\n\n\n\n<p>And the best part? It even has an Advisor Score that gamifies your cloud health. Nothing motivates IT pros like turning infrastructure into a high score competition.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">\ud83d\ude91 Azure Service Health: The ER Doctor For Your Cloud<\/h3>\n\n\n\n<p>&#8220;But Gustavo, what if Microsoft&#8217;s infrastructure has issues? How will I know if it&#8217;s them, not me?&#8221;<\/p>\n\n\n\n<p>Enter Azure Service Health \u2014 your direct line to what&#8217;s happening in Microsoft&#8217;s data centers. It&#8217;s split into three key components:<\/p>\n\n\n\n<p><strong>1. Azure Status:<\/strong> The global view of all Azure services. When something big breaks, you&#8217;ll see it here first. Remember that DevOps outage in early 2021? Azure Status was your canary in the coal mine.<\/p>\n\n\n\n<p><strong>2. Service Health:<\/strong> Your personalized health dashboard showing only issues affecting YOUR services and regions. Filter the noise, see what matters.<\/p>\n\n\n\n<p><strong>3. Resource Health:<\/strong> Drills down to individual resource health. Is that specific VM having troubles? Is your SQL instance gasping for breath? Resource Health tells you.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" width=\"1024\" height=\"572\" src=\"https:\/\/blog.gustavomagella.com\/wp-content\/uploads\/2025\/04\/Screenshot-2025-04-17-151440-1024x572.png\" loading=\"lazy\" alt=\"\" class=\"wp-image-1346\" srcset=\"https:\/\/blog.gustavomagella.com\/wp-content\/uploads\/2025\/04\/Screenshot-2025-04-17-151440-1024x572.png 1024w, https:\/\/blog.gustavomagella.com\/wp-content\/uploads\/2025\/04\/Screenshot-2025-04-17-151440-300x168.png 300w, https:\/\/blog.gustavomagella.com\/wp-content\/uploads\/2025\/04\/Screenshot-2025-04-17-151440-768x429.png 768w, https:\/\/blog.gustavomagella.com\/wp-content\/uploads\/2025\/04\/Screenshot-2025-04-17-151440.png 1285w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>The real magic? Proactive notifications. I&#8217;ve literally received alerts about impending disk issues, migrated VMs to different hosts, and dodged outages entirely. Talk about dodging bullets in the Matrix.<\/p>\n\n\n\n<p>Oh, and you can set up alerts for any health changes so you don&#8217;t have to stare at dashboards all day like some digital watchman from Game of Thrones.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">\ud83d\udcca Azure Monitor: Because &#8220;I Think It&#8217;s Working&#8221; Isn&#8217;t a Monitoring Strategy<\/h3>\n\n\n\n<p>Azure Monitor is the central nervous system of your cloud environment. Without it, you&#8217;re essentially flying blind with earplugs in. And let me tell you \u2014 that&#8217;s not the recommended way to operate mission-critical infrastructure.<\/p>\n\n\n\n<p>What makes Azure Monitor so powerful?<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Centralized visibility:<\/strong> One pane of glass for all monitoring (Azure, on-prem, even other clouds)<\/li>\n\n\n\n<li><strong>Metrics collection:<\/strong> CPU, memory, network, custom metrics \u2014 you name it<\/li>\n\n\n\n<li><strong>Log Analytics:<\/strong> Query-based insights across your entire environment<\/li>\n\n\n\n<li><strong>Alerting engine:<\/strong> Set thresholds and get notified before things explode<\/li>\n\n\n\n<li><strong>Automation hooks:<\/strong> Don&#8217;t just detect issues \u2014 fix them automatically<\/li>\n\n\n\n<li><strong>Application Insights:<\/strong> Deep visibility into your apps&#8217; performance and user experience<\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" width=\"1024\" height=\"575\" src=\"https:\/\/blog.gustavomagella.com\/wp-content\/uploads\/2025\/04\/Screenshot-2025-04-17-151455-1024x575.png\" loading=\"lazy\" alt=\"\" class=\"wp-image-1347\" srcset=\"https:\/\/blog.gustavomagella.com\/wp-content\/uploads\/2025\/04\/Screenshot-2025-04-17-151455-1024x575.png 1024w, https:\/\/blog.gustavomagella.com\/wp-content\/uploads\/2025\/04\/Screenshot-2025-04-17-151455-300x168.png 300w, https:\/\/blog.gustavomagella.com\/wp-content\/uploads\/2025\/04\/Screenshot-2025-04-17-151455-768x431.png 768w, https:\/\/blog.gustavomagella.com\/wp-content\/uploads\/2025\/04\/Screenshot-2025-04-17-151455.png 1281w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>The real value comes when you connect Log Analytics workspaces to Azure Monitor. Think of Log Analytics as the brain that stores and processes all that juicy telemetry data.<\/p>\n\n\n\n<p>With everything connected, you can:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Create custom dashboards for different teams (let the network folks see network stuff, DB folks see database metrics)<\/li>\n\n\n\n<li>Set up granular alerts (CPU > 70% for more than 5 minutes? Page the on-call engineer)<\/li>\n\n\n\n<li>Track long-term trends for capacity planning (&#8220;We need more resources in Q4 based on current growth&#8221;)<\/li>\n\n\n\n<li>Justify cloud spend to finance (&#8220;This is why it costs what it costs, Sharon&#8221;)<\/li>\n<\/ul>\n\n\n\n<p>Pro tip: Pin your most important metrics to custom dashboards, use action groups for alerts, and don&#8217;t skimp on retention periods. Future you will thank present you when investigating that weird issue that happens &#8220;sometimes.&#8221;<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">\ud83e\ude96 Practical Checklist:<\/h3>\n\n\n\n<p><strong>Azure Advisor:<\/strong> <br>\u2705 Review recommendations weekly (or set a calendar reminder if you&#8217;re forgetful \u2014 which you are);<br>\u2705 Act on high-impact security recommendations immediately (or explain to your boss why you didn&#8217;t);<br>\u2705 Track your Advisor Score over time (gamification works \u2014 don&#8217;t pretend it doesn&#8217;t);<br>\u2705 Create remediation tasks from suggestions (a recommendation without action is just digital noise);<\/p>\n\n\n\n<p><strong>Service Health:<\/strong> <br>\u2705 Configure alerts for ALL critical services (what you don&#8217;t know WILL hurt you);<br>\u2705 Create action plans for different alert types (planned maintenance \u2260 unexpected outage);<br>\u2705 Test your contingency plans BEFORE you need them (hope is not a strategy);<br>\u2705 Keep Service Health bookmarked (first tab you open during incidents);<\/p>\n\n\n\n<p><strong>Azure Monitor:<\/strong> <br>\u2705 Connect ALL resources to Log Analytics (partial visibility = partial understanding);<br>\u2705 Set up basic CPU, memory, and disk alerts (the holy trinity of &#8220;oh crap&#8221; metrics);<br>\u2705 Configure custom dashboards by team\/function (because network folks don&#8217;t care about SQL locks);<br>\u2705 Set up email, SMS, and webhook alerts (redundancy in notifications is good, actually);<br>\u2705 Test alerts before relying on them (an alert that doesn&#8217;t alert is just wishful thinking);<br>\u2705 Implement action groups for escalation (because sleeping engineers can&#8217;t fix problems);<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">\ud83d\udcca My Tech Two Cents:<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Azure Advisor is the friend who tells you when your fly is down before the big meeting.<\/li>\n\n\n\n<li>Service Health is your weatherman for the Microsoft cloud. Ignore the forecast at your own peril.<\/li>\n\n\n\n<li>Azure Monitor is like having security cameras, motion sensors, and alarm systems for your cloud. Without it, you&#8217;re just hoping nobody breaks in.<\/li>\n\n\n\n<li>The cost of good monitoring? A few dollars a month. The cost of poor monitoring? Your job.<\/li>\n\n\n\n<li>No monitoring strategy = &#8220;I&#8217;ll just wait for users to complain.&#8221; And by then, it&#8217;s already too late.<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p>\ud83d\udcc5 Coming Up Next&#8230;<\/p>\n\n\n\n<p>Chapter 06: Cloud Governance in Azure<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Management Groups<\/li>\n\n\n\n<li>Azure Tags<\/li>\n\n\n\n<li>Resource Locks<\/li>\n\n\n\n<li>Azure Policy<\/li>\n\n\n\n<li>Azure Blueprint<\/li>\n<\/ul>\n\n\n\n<p>Because structure and rules aren&#8217;t just for kids \u2013 they&#8217;re for your chaotic cloud too.<\/p>\n\n\n\n<p>Stay vigilant, stay proactive, and see you soon! \ud83c\udf39\ufe0f\u2764\ufe0f<\/p>\n\n\n\n<p>Gustavo Magella<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h1 class=\"wp-block-heading\">[pt-br] \u26a0\ufe0f Um aviso importante!<\/h1>\n\n\n\n<p>1\ufe0f\u20e3 H\u00e1 um tempo, eu gravei um curso de seguran\u00e7a em nuvem focado em ambientes Microsoft para uma universidade brasileira chamada IGTI. Esse curso fazia parte de um bootcamp de Cloud Computing e, na \u00e9poca, ajudou muitos alunos que estavam come\u00e7ando suas jornadas na \u00e1rea. (Com o fechamento da institui\u00e7\u00e3o, o conte\u00fado acabou ficando indispon\u00edvel.)<\/p>\n\n\n\n<p>\ud83c\udfaf Sendo assim, resolvi remasterizar, sanitizar e re-lan\u00e7ar esse conte\u00fado gratuitamente no YouTube, com o objetivo de continuar ajudando quem est\u00e1 come\u00e7ando na \u00e1rea de Cloud e Cloud Security.<\/p>\n\n\n\n<p>2\ufe0f\u20e3 O curso original est\u00e1 em portugu\u00eas (pt-BR), mas ao longo da s\u00e9rie vou publicar tamb\u00e9m artigos em ingl\u00eas (en-US), para que o conte\u00fado possa alcan\u00e7ar mais pessoas at\u00e9 que os novos cursos em ingl\u00eas estejam gravados e dispon\u00edveis.<\/p>\n\n\n\n<p>3\ufe0f\u20e3 Importante: essa s\u00e9rie n\u00e3o \u00e9 preparat\u00f3ria para certifica\u00e7\u00f5es e n\u00e3o \u00e9 uma bala de prata. A proposta aqui \u00e9 compartilhar conhecimento de forma estruturada, com uma pegada pr\u00e1tica e acess\u00edvel, voltada para:<\/p>\n\n\n\n<p>Iniciantes em Cloud, Entusiastas de seguran\u00e7a, e quem busca entender melhor como o Azure trata seguran\u00e7a de verdade.<\/p>\n\n\n\n<p>4\ufe0f\u20e3 A Microsoft renomeou alguns de seus produtos \u2014 por exemplo, o Azure Security Center agora se chama Defender for Cloud, e o Azure Active Directory virou Entra ID. Em algumas aulas, os nomes antigos ainda aparecem, mas foquem nos conceitos e fundamentos t\u00e9cnicos, que continuam v\u00e1lidos e extremamente relevantes.<\/p>\n\n\n\n<p>Espero que voc\u00eas gostem! Um forte Abra\u00e7o!<\/p>\n\n\n\n<p>Gustavo Magella<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h5 class=\"wp-block-heading\">\ud83c\udfac Assista o Cap\u00edtulo 05 \ud83d\udd17<a href=\"https:\/\/youtu.be\/ksKgsScsDss\"> Assista agora no YouTube<\/a> (E se inscreve no canal, sen\u00e3o vou saber que voc\u00ea pulou essa parte&#8230; rs)<\/h5>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">[pt-br] Beyond The Cloud \u2013 Spin-Off | Cap\u00edtulo 05: Monitoramento e Sa\u00fade no Azure<\/h2>\n\n\n\n<p>E a\u00ed seus trem bonitows!?<\/p>\n\n\n\n<p>Chegamos ao Cap\u00edtulo 05 da s\u00e9rie Beyond The Cloud \u2013 Spin-Off. Hoje vamos falar de uma parte da seguran\u00e7a em cloud que muita gente subestima: Monitoramento e Sa\u00fade no Azure.<\/p>\n\n\n\n<p>Porque convenhamos \u2014 se voc\u00ea n\u00e3o est\u00e1 de olho no seu ambiente, quem est\u00e1? (Spoiler: provavelmente hackers)<\/p>\n\n\n\n<p>Vamos destrinchar tr\u00eas servi\u00e7os cr\u00edticos que v\u00e3o impedir sua nuvem de virar uma fogueira descontrolada:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Azure Advisor<\/li>\n\n\n\n<li>Azure Service Health<\/li>\n\n\n\n<li>Azure Monitor<\/li>\n<\/ul>\n\n\n\n<p>Sem enrola\u00e7\u00e3o, sem papo de certifica\u00e7\u00e3o \u2014 apenas estrat\u00e9gias de monitoramento testadas na batalha di\u00e1ria.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">\ud83d\udd2e Azure Advisor: Seu Consultor Virtual (Que Voc\u00ea Realmente Escuta)<\/h3>\n\n\n\n<p>Pense no Azure Advisor como aquele amigo inteligente que realmente sabe do que est\u00e1 falando. Ele analisa seu ambiente e te d\u00e1 recomenda\u00e7\u00f5es personalizadas baseadas em:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Otimiza\u00e7\u00e3o de custos (porque dinheiro n\u00e3o cresce em cr\u00e9ditos Azure)<\/li>\n\n\n\n<li>Pr\u00e1ticas de seguran\u00e7a (porque &#8220;funciona&#8221; \u2260 &#8220;\u00e9 seguro&#8221;)<\/li>\n\n\n\n<li>Confiabilidade (porque downtime custa mais que preven\u00e7\u00e3o)<\/li>\n\n\n\n<li>Excel\u00eancia operacional (porque ningu\u00e9m gosta de apagar inc\u00eandio \u00e0s 3 da manh\u00e3)<\/li>\n\n\n\n<li>Performance (porque lento \u00e9 o novo fora do ar)<\/li>\n<\/ul>\n\n\n\n<p>Diferente de pr\u00e1ticas gen\u00e9ricas, o Advisor l\u00ea seus dados reais de telemetria e padr\u00f5es de uso, e ent\u00e3o sugere melhorias espec\u00edficas. \u00c9 como ter um consultor que realmente se deu ao trabalho de ler sua documenta\u00e7\u00e3o antes de dar conselhos.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"573\" src=\"https:\/\/blog.gustavomagella.com\/wp-content\/uploads\/2025\/04\/Screenshot-2025-04-17-151140-1024x573.png\" loading=\"lazy\" alt=\"\" class=\"wp-image-1348\" srcset=\"https:\/\/blog.gustavomagella.com\/wp-content\/uploads\/2025\/04\/Screenshot-2025-04-17-151140-1024x573.png 1024w, https:\/\/blog.gustavomagella.com\/wp-content\/uploads\/2025\/04\/Screenshot-2025-04-17-151140-300x168.png 300w, https:\/\/blog.gustavomagella.com\/wp-content\/uploads\/2025\/04\/Screenshot-2025-04-17-151140-768x430.png 768w, https:\/\/blog.gustavomagella.com\/wp-content\/uploads\/2025\/04\/Screenshot-2025-04-17-151140.png 1276w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>Algumas p\u00e9rolas do Advisor incluem:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>&#8220;Ei, essas duas VMs parecem suspeitamente similares mas n\u00e3o est\u00e3o em um Conjunto de Disponibilidade \u2014 voc\u00ea odeia uptime?&#8221;<\/li>\n\n\n\n<li>&#8220;Suas inst\u00e2ncias SQL t\u00eam mais cavalos de pot\u00eancia que a NASA, mas a carga de consulta de uma calculadora de crian\u00e7a&#8221;<\/li>\n\n\n\n<li>&#8220;Esse score de seguran\u00e7a est\u00e1 t\u00e3o baixo que \u00e9 praticamente subterr\u00e2neo&#8221;<\/li>\n<\/ul>\n\n\n\n<p>E a melhor parte? Ele at\u00e9 tem um Advisor Score que gamifica a sa\u00fade da sua nuvem. Nada motiva profissionais de TI como transformar infraestrutura em uma competi\u00e7\u00e3o de pontua\u00e7\u00e3o.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">\ud83d\ude91 Azure Service Health: O M\u00e9dico de Plant\u00e3o Para Sua Nuvem<\/h3>\n\n\n\n<p>&#8220;Mas Gustavo, e se a infraestrutura da Microsoft tiver problemas? Como vou saber se \u00e9 culpa deles, n\u00e3o minha?&#8221;<\/p>\n\n\n\n<p>Entre o Azure Service Health \u2014 sua linha direta para o que est\u00e1 acontecendo nos data centers da Microsoft. Ele \u00e9 dividido em tr\u00eas componentes principais:<\/p>\n\n\n\n<p><strong>1. Azure Status:<\/strong> A vis\u00e3o global de todos os servi\u00e7os Azure. Quando algo grande quebra, voc\u00ea ver\u00e1 aqui primeiro. Lembra daquela queda do DevOps no in\u00edcio de 2021? O Azure Status foi seu can\u00e1rio na mina de carv\u00e3o.<\/p>\n\n\n\n<p><strong>2. Service Health:<\/strong> Seu dashboard de sa\u00fade personalizado mostrando apenas problemas que afetam SEUS servi\u00e7os e regi\u00f5es. Filtre o ru\u00eddo, veja o que importa.<\/p>\n\n\n\n<p><strong>3. Resource Health:<\/strong> Detalha at\u00e9 a sa\u00fade de recursos individuais. Aquela VM espec\u00edfica est\u00e1 com problemas? Sua inst\u00e2ncia SQL est\u00e1 sufocando? O Resource Health te conta.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"574\" src=\"https:\/\/blog.gustavomagella.com\/wp-content\/uploads\/2025\/04\/Screenshot-2025-04-17-151151-1024x574.png\" loading=\"lazy\" alt=\"\" class=\"wp-image-1349\" srcset=\"https:\/\/blog.gustavomagella.com\/wp-content\/uploads\/2025\/04\/Screenshot-2025-04-17-151151-1024x574.png 1024w, https:\/\/blog.gustavomagella.com\/wp-content\/uploads\/2025\/04\/Screenshot-2025-04-17-151151-300x168.png 300w, https:\/\/blog.gustavomagella.com\/wp-content\/uploads\/2025\/04\/Screenshot-2025-04-17-151151-768x430.png 768w, https:\/\/blog.gustavomagella.com\/wp-content\/uploads\/2025\/04\/Screenshot-2025-04-17-151151.png 1281w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>A m\u00e1gica real? Notifica\u00e7\u00f5es proativas. Eu literalmente j\u00e1 recebi alertas sobre problemas iminentes de disco, migrei VMs para hosts diferentes, e desviei completamente de quedas. \u00c9 como esquivar de balas no Matrix.<\/p>\n\n\n\n<p>Ah, e voc\u00ea pode configurar alertas para quaisquer mudan\u00e7as de sa\u00fade, assim n\u00e3o precisa ficar encarando dashboards o dia todo como algum vigia digital de Game of Thrones.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">\ud83d\udcca Azure Monitor: Porque &#8220;Acho Que Est\u00e1 Funcionando&#8221; N\u00e3o \u00c9 Uma Estrat\u00e9gia de Monitoramento<\/h3>\n\n\n\n<p>O Azure Monitor \u00e9 o sistema nervoso central do seu ambiente na nuvem. Sem ele, voc\u00ea est\u00e1 essencialmente voando \u00e0s cegas com tamp\u00f5es de ouvido. E deixa eu te contar \u2014 essa n\u00e3o \u00e9 a maneira recomendada de operar infraestrutura cr\u00edtica.<\/p>\n\n\n\n<p>O que torna o Azure Monitor t\u00e3o poderoso?<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Visibilidade centralizada:<\/strong> Um \u00fanico painel para todo monitoramento (Azure, on-prem, at\u00e9 outras nuvens)<\/li>\n\n\n\n<li><strong>Coleta de m\u00e9tricas:<\/strong> CPU, mem\u00f3ria, rede, m\u00e9tricas personalizadas \u2014 voc\u00ea escolhe<\/li>\n\n\n\n<li><strong>Log Analytics:<\/strong> Insights baseados em consultas em todo seu ambiente<\/li>\n\n\n\n<li><strong>Motor de alertas:<\/strong> Defina limites e seja notificado antes que as coisas explodam<\/li>\n\n\n\n<li><strong>Ganchos de automa\u00e7\u00e3o:<\/strong> N\u00e3o apenas detecte problemas \u2014 corrija-os automaticamente<\/li>\n\n\n\n<li><strong>Application Insights:<\/strong> Visibilidade profunda no desempenho de suas aplica\u00e7\u00f5es e experi\u00eancia do usu\u00e1rio<\/li>\n<\/ul>\n\n\n\n<p>O valor real vem quando voc\u00ea conecta workspaces do Log Analytics ao Azure Monitor. Pense no Log Analytics como o c\u00e9rebro que armazena e processa todos esses suculentos dados de telemetria.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"574\" src=\"https:\/\/blog.gustavomagella.com\/wp-content\/uploads\/2025\/04\/Screenshot-2025-04-17-151205-1024x574.png\" loading=\"lazy\" alt=\"\" class=\"wp-image-1350\" srcset=\"https:\/\/blog.gustavomagella.com\/wp-content\/uploads\/2025\/04\/Screenshot-2025-04-17-151205-1024x574.png 1024w, https:\/\/blog.gustavomagella.com\/wp-content\/uploads\/2025\/04\/Screenshot-2025-04-17-151205-300x168.png 300w, https:\/\/blog.gustavomagella.com\/wp-content\/uploads\/2025\/04\/Screenshot-2025-04-17-151205-768x430.png 768w, https:\/\/blog.gustavomagella.com\/wp-content\/uploads\/2025\/04\/Screenshot-2025-04-17-151205.png 1278w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>Com tudo conectado, voc\u00ea pode:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Criar dashboards personalizados para diferentes times (deixe o pessoal de rede ver coisas de rede, o pessoal de banco ver m\u00e9tricas de banco)<\/li>\n\n\n\n<li>Configurar alertas granulares (CPU > 70% por mais de 5 minutos? Chame o engenheiro de plant\u00e3o)<\/li>\n\n\n\n<li>Acompanhar tend\u00eancias de longo prazo para planejamento de capacidade (&#8220;Precisamos de mais recursos no Q4 baseado no crescimento atual&#8221;)<\/li>\n\n\n\n<li>Justificar gastos na nuvem para o financeiro (&#8220;\u00c9 por isso que custa o que custa, Sharon&#8221;)<\/li>\n<\/ul>\n\n\n\n<p>Dica profissional: Fixe suas m\u00e9tricas mais importantes em dashboards personalizados, use grupos de a\u00e7\u00e3o para alertas, e n\u00e3o economize em per\u00edodos de reten\u00e7\u00e3o. O voc\u00ea do futuro agradecer\u00e1 ao voc\u00ea do presente quando investigar aquele problema estranho que acontece &#8220;\u00e0s vezes.&#8221;<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">\ud83e\ude96 Checklist R\u00e1pido<\/h3>\n\n\n\n<p><strong>Azure Advisor:<\/strong><br>\u2705 Revise as recomenda\u00e7\u00f5es semanalmente (ou configure um lembrete no calend\u00e1rio se voc\u00ea for esquecido \u2014 e voc\u00ea \u00e9);<br>\u2705 Implemente recomenda\u00e7\u00f5es de seguran\u00e7a de alto impacto imediatamente (ou explique pro seu chefe por que n\u00e3o o fez);<br>\u2705 Acompanhe seu Advisor Score ao longo do tempo (gamifica\u00e7\u00e3o funciona \u2014 n\u00e3o finja que n\u00e3o);<br>\u2705 Crie tarefas de remedia\u00e7\u00e3o a partir das sugest\u00f5es (uma recomenda\u00e7\u00e3o sem a\u00e7\u00e3o \u00e9 apenas ru\u00eddo digital);<\/p>\n\n\n\n<p><strong>Service Health:<\/strong><br>\u2705 Configure alertas para TODOS os servi\u00e7os cr\u00edticos (o que voc\u00ea n\u00e3o sabe VAI te machucar);<br>\u2705 Crie planos de a\u00e7\u00e3o para diferentes tipos de alerta (manuten\u00e7\u00e3o planejada \u2260 queda inesperada);<br>\u2705 Teste seus planos de conting\u00eancia ANTES de precisar deles (esperan\u00e7a n\u00e3o \u00e9 estrat\u00e9gia);<br>\u2705 Mantenha o Service Health nos favoritos (primeira aba que voc\u00ea abre durante incidentes);<\/p>\n\n\n\n<p><strong>Azure Monitor:<\/strong><br>\u2705 Conecte TODOS os recursos ao Log Analytics (visibilidade parcial = compreens\u00e3o parcial);<br>\u2705 Configure alertas b\u00e1sicos de CPU, mem\u00f3ria e disco (a sant\u00edssima trindade das m\u00e9tricas de &#8220;ferrou&#8221;);<br>\u2705 Configure dashboards personalizados por time\/fun\u00e7\u00e3o (porque o pessoal de rede n\u00e3o se importa com locks de SQL);<br>\u2705 Configure alertas por email, SMS e webhook (redund\u00e2ncia em notifica\u00e7\u00f5es \u00e9 bom, acredite);<br>\u2705 Teste alertas antes de confiar neles (um alerta que n\u00e3o alerta \u00e9 apenas pensamento positivo);<br>\u2705 Implemente grupos de a\u00e7\u00e3o para escala\u00e7\u00e3o (porque engenheiros dormindo n\u00e3o consertam problemas);<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">\ud83d\udcca My Tech Two Cents<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Azure Advisor \u00e9 o amigo que te avisa quando sua braguilha est\u00e1 aberta antes da grande reuni\u00e3o.<\/li>\n\n\n\n<li>Service Health \u00e9 seu meteorologista para a nuvem Microsoft. Ignore a previs\u00e3o por sua pr\u00f3pria conta e risco.<\/li>\n\n\n\n<li>Azure Monitor \u00e9 como ter c\u00e2meras de seguran\u00e7a, sensores de movimento e sistemas de alarme para sua nuvem. Sem ele, voc\u00ea est\u00e1 apenas esperando que ningu\u00e9m invada.<\/li>\n\n\n\n<li>O custo de um bom monitoramento? Alguns d\u00f3lares por m\u00eas. O custo de um monitoramento ruim? Seu emprego.<\/li>\n\n\n\n<li>Nenhuma estrat\u00e9gia de monitoramento = &#8220;Vou apenas esperar os usu\u00e1rios reclamarem.&#8221; E a\u00ed, j\u00e1 \u00e9 tarde demais.<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p>\ud83d\udcc5 Pr\u00f3ximos Cap\u00edtulos&#8230;<\/p>\n\n\n\n<p>Cap\u00edtulo 06: Governan\u00e7a de Nuvem no Azure<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Management Groups<\/li>\n\n\n\n<li>Azure Tags<\/li>\n\n\n\n<li>Resource Locks<\/li>\n\n\n\n<li>Azure Policy<\/li>\n\n\n\n<li>Azure Blueprint<\/li>\n<\/ul>\n\n\n\n<p>Porque estrutura e regras n\u00e3o s\u00e3o s\u00f3 para crian\u00e7as \u2013 s\u00e3o para sua nuvem ca\u00f3tica tamb\u00e9m.<\/p>\n\n\n\n<p>Mantenha-se vigilante, seja proativo e at\u00e9 breve! \ud83c\udf39\ufe0f\u2764\ufe0f<\/p>\n\n\n\n<p>Gustavo Magella<\/p>\n\n\n\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>[en-gb] \u26a0\ufe0f Important Disclaimer! 1\ufe0f\u20e3 Some time ago, I recorded a course on cloud security in Microsoft environments for a Brazilian university called IGTI. This&#8230;<\/p>\n","protected":false},"author":2,"featured_media":1352,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[19],"tags":[24,23],"class_list":["post-1341","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-01-my-tech-two-cents","tag-en-gb","tag-pt-br"],"menu_order":0,"_links":{"self":[{"href":"https:\/\/blog.gustavomagella.com\/index.php\/wp-json\/wp\/v2\/posts\/1341","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.gustavomagella.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.gustavomagella.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.gustavomagella.com\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.gustavomagella.com\/index.php\/wp-json\/wp\/v2\/comments?post=1341"}],"version-history":[{"count":5,"href":"https:\/\/blog.gustavomagella.com\/index.php\/wp-json\/wp\/v2\/posts\/1341\/revisions"}],"predecessor-version":[{"id":1378,"href":"https:\/\/blog.gustavomagella.com\/index.php\/wp-json\/wp\/v2\/posts\/1341\/revisions\/1378"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blog.gustavomagella.com\/index.php\/wp-json\/wp\/v2\/media\/1352"}],"wp:attachment":[{"href":"https:\/\/blog.gustavomagella.com\/index.php\/wp-json\/wp\/v2\/media?parent=1341"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.gustavomagella.com\/index.php\/wp-json\/wp\/v2\/categories?post=1341"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.gustavomagella.com\/index.php\/wp-json\/wp\/v2\/tags?post=1341"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}