Automate and Monitor VMs Using Extensions and Azure Monitor

Learn On Demand Pro Series

This IT Pro Challenge hands-on lab helps learners understand how to use the Azure Portal and Azure Resource Manager (ARM) to deploy ARM templates with Azure custom script extensions and use Azure Monitor to automate and monitor virtual machines. This lab also develops skills for working with alerts and guest OS metrics to monitor network activity.

1 hour
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *

Already have an account? Sign In »


In this Automate and Monitor VMs Using Extensions and Azure Monitor IT Pro Challenge, learners will understand how to create and deploy Azure Resource Manager templates, enable guest level monitoring, and create near real-time alerts and guest operating system metrics. Learners will create custom script extensions to use with Azure Monitor to automate and monitor virtual machines. The latter helps learners understand how to monitor network activity to detect malicious threats.

The skills learned in this lab are useful in cloud computing and cyber defense roles.


The scenario for this lab is that you are a cloud operations engineer, and you need to deploy a virtual machine from a pre-configured web application ARM template. To complete your task, you will need to update the template to enable guest-level monitoring and configure guest OS metrics. You will also configure alert rules and set the metric alert period to ensure near real-time alert notifications. To finish, you will configure the web application by creating a custom script extension.

The Azure Resource Manager (ARM) is a management service that allows you to manage Azure resources. One of the things that ARM allows you to do is use templates rather than scripts to manage resources and infrastructure. You can access ARM templates through Github and easily deploy sample templates to Azure.

Near real-time alerts is an improvement over the typical metric alert. With near real-time alerts, you can monitor metric alerts as often as every 1 minute, create a rule that monitors multiple metrics, and use action groups to send texts or emails when an alert is triggered.

Update the ARM template

To begin, you need to sign in to the Azure portal, and then navigate to the virtual machine ARM template in Github. You will then edit the template to enable guest-level monitoring and send guest OS metrics to the Azure Monitor metric store. When you’re finished, you will deploy the updated template to a specified resource group.

Create alert rules

You will use Azure Monitor to create two new alert rules for the virtual machine that hosts the web app. In the existing resource group, you will create a new action group with an email action.

Azure Monitor is a collection of services designed to help you detect and monitor performance issues, create data visualizations, and create alerts.

Add a custom script extension

Finally, you will use a PowerShell configuration script to create a Custom Script Extension for the virtual machine.

The Azure Custom Script Extension executes scripts on virtual machines, which is useful for software installation and configuration management. Custom script extensions are used to ensure that the configurations of virtual machines have identical configurations.

Summary Conclusion

By taking this virtual lab, you will learn how to use the Azure portal and ARM to create a template with guest-level monitoring and near real-time alerts and create two new email alert rules. You will also learn how to use PowerShell in Azure Monitor to create custom script extensions and automate virtual machines.