Public preview: Syslog event collection from Azure Monitor Agent for Linux distros
Published date: June 09, 2021
Azure Monitor has introduced a new concept for configuring data collection and a new, unified agent for Azure Monitor in public preview. This new agent (Azure Monitor Agent, or AMA) and the Data Collection Rules (DCR) improve on a few key areas of data collection from VMs including granular and flexible configuration (e.g. collect from a subset of VMs for a single workspace), collect once and send to both Log Analytics and Azure Monitor Metrics, send to multiple workspaces (multi-homing for Linux), data filtration at source for Windows and Linux, improved extension management, and better performance overall.
There’s been an issue wherein syslog data collection wasn’t working as expected. This has been addressed now and the latest release includes support for syslog collection from Linux machines (using version 1.10 and above), available on all supported distros.
Update to the latest version of Azure Monitor Agent to start collecting syslog events from Linux machines, and enable better monitoring for your resources.