Friday 19 May 2023

Logging and Monitoring Advanced Canvas Apps

Overview: Most Canvas apps reach back to 3rd parties or internal storage e.g. SQL, Dataverse, blobs to persist data.  In an ideal world we want to be able to identify error and performance concerns and be able to trace quickly.

Scenario: A canvas app performs a search against a custom connector, that goes to an external API, for example search's for Company Numbers from an Open API.

  • The annotated diagram, in orange records the button pressed to run the search.  This only shows if the "Upcoming feature", "Enable Azure Application Insights correlation tracing" is enabled.
  • A custom connector, in blue, makes  a call to an REST/Open API.
  • The last call is to an external API, highlighted in purple, (in this case it was actually a mocked APIM endpoint, but the icon would change it it was totally external such as call API search to the IRS, HMRC, Inland Revenue.

Tip: Always create App Insight Instances using a workspace and not the classic-mode app insights as it is being deprecated by Microsoft in early 2024.

App Insights Understanding:

App Insights setup using the Workspace-based setup (Log Analytics) can be queried in two ways:

  • Query thru App Insights
  • Query thru the Log Analytics workspace (the Kusto/KQL is slightly different, but it's rather minor)

Tip: If you upgrade from classic to the workspace base app Insights, the log history is still "query-able" as App Insights combines the logs from AppInsights Classic (stored in app insights directly) and the logs stored in Log Analytics.

Tip: Power Automate has a connector to Log Analytics so it's good to use this for flows so you can trace canvas apps using flow journeys.  Most people tend to build a custom connector to a function that uses the AppInsights SDK.  I've used both and they are both valid approaches and shown in the annotated diagram below.

The two options for logging Flows into App Insights.

Note: If you create a new App Insights workspace-based instance remember to update the loggers in all you Azure Services to the new instance (app key).  For example functions, APIM and Service Bus are common components.

Note: You can log to multiple workspace/app insights in a tenant and the correlations will be retrieved so you see the full history, assuming you have permissions to all log sources.

Learning: the instrumentation key for app insights has 3 parts to it: 
1) instrumentation key (basically a unique identified to find and allow logs to be saved into AppInsights, 
2) ingestion endpoint (URL for the log), and 
3) monitoring metric endpoint (URL for metrics/performance counters/live metrics/failed requests/). 

Here is an example and you can see the 3 parts:

Sunday 14 May 2023

Dynatrace Product Play

 Dynatrace is pretty similar to Azure Monitor.

  • Dynatrace (really good if you use multi cloud) Dynatrace - Saas offering is on AWS.  Can be on-prem.  
  • Making workloads observable is using Logs, Traces, Events, and metrics into Dynatrace.  From these ingested events we analyse and can automate behavior. 
  • OneAgent is deployed on the Compute i.e. VM, Kubernetes.  Can import logs from other SIEMs or Azure Monitor, so you can eventually get Azure service logs such as App Service or Service Bus.  
  • Does Full stack and includes code-level and applications and infrastructure monitoring, also can show User monitoring.  
  • Dynatrace offers scalable API's that are sitting on Kubernetes.  
  • "Davis" is the AI engine used to help figure out the problems.  
  • Alerting is solid.  
  • Dynatrace can log against 1) network/Infra 2) SDK 3) DEM (User monitoring,..)  logs, traces, metrics are ingested either using OneAgent or OpenTelemetry.
  • Management Zones - user only see's information they have access to and need.
  • Define a Site Reliability Guardian (SRG) to each program/project, this allows you to identify thru RAG boards the current and recent state of the various pieces.  There are Guardian templates to use as a starting point.
  • W3C Trace Context is used - it allows for end-to-end tracing.  OpenTelemetry or Dynatrace keep the trace and provide in headers (traceparent.
  • Create documentation and tutorials for Dynatrace.  Dynatrace has a playground tenant for playing on.
High-level Architecture hosted on AWS.

High-level architecture for capturing logs et al. and then using the data.

Product Screen Shots:

Azure & Dynatrace
  • Abnormality detection using AI. shall greatly improve observability and security. 
  • End-to-end visibility is what makes it so amazing.
  • Enterprises often use Dynatrace as there central SIEM solution, shipping from Azure in Dynamics takes planning but works well, categorise and ensure the right into is pushed into Dynatrace.  
  • Dynatrace is the leader in Gartner and Forrester in it's space.
  • Grail - lake house, schema-less, allows for easy fast query.  Massive scale.  Bring all data together and query at hyperscale.  Grail is in 15 regions either on AWS, Azure, or GCP for customers to use.  UK looks like AWS only. 
  • Grail: Record level protection, masking data, support access controls (elevate privileges).  
Dynatrace architecture for Grail from Barcelona conference 5 Oct 2023.

Collect all events in Grail, automate the process of identify suspicious activity relating to security.  Faster reaction time.

Azure offers Dynatrace as a SaaS service
Updated 16 Feb 20224