MicrosoftDocs
diff --git a/‎.openpublishing.redirection.json
Lines changed: 5 additions & 0 deletions b/‎.openpublishing.redirection.json
Lines changed: 5 additions & 0 deletions
diff --git a/‎articles/nat-gateway/monitor-nat-gateway-reference.md
Lines changed: 125 additions & 0 deletions b/‎articles/nat-gateway/monitor-nat-gateway-reference.md
Lines changed: 125 additions & 0 deletions
diff --git a/‎articles/nat-gateway/monitor-nat-gateway.md
Lines changed: 171 additions & 0 deletions b/‎articles/nat-gateway/monitor-nat-gateway.md
Lines changed: 171 additions & 0 deletions
@@ -625,6 +625,11 @@
       "redirect_url": "/previous-versions/azure/mysql/single-server/tutorial-provision-mysql-server-using-azure-resource-manager-templates",
       "redirect_document_id": false
     },
+    {
+      "source_path": "articles/nat-gateway/nat-metrics.md",
+      "redirect_url": "/azure/nat-gateway/monitor-nat-gateway",
+      "redirect_document_id": true
+    },
     {
       "source_path": "articles/firewall-manager/multiple-public-ip-powershell.md",
       "redirect_url": "/previous-versions/azure/firewall-manager/multiple-public-ip-powershell",
 
@@ -0,0 +1,125 @@
+---
+title: Monitoring data reference for Azure NAT Gateway
+description: This article contains important reference material you need when you monitor Azure NAT Gateway by using Azure Monitor.
+ms.date: 08/06/2024
+ms.custom: horz-monitor
+ms.topic: reference
+author: asudbring
+ms.author: allensu
+ms.service: nat-gateway
+---
+# Azure NAT Gateway monitoring data reference
+
+[!INCLUDE [horz-monitor-ref-intro](~/reusable-content/ce-skilling/azure/includes/azure-monitor/horizontals/horz-monitor-ref-intro.md)]
+
+See [Monitor Azure NAT Gateway](monitor-monitor-nat-gateway.md) for details on the data you can collect for Azure NAT Gateway and how to use it.
+
+[!INCLUDE [horz-monitor-ref-metrics-intro](~/reusable-content/ce-skilling/azure/includes/azure-monitor/horizontals/horz-monitor-ref-metrics-intro.md)]
+
+### Supported metrics for Microsoft.Network/natgateways
+
+The following table lists the metrics available for the Microsoft.Network/natgateways resource type.
+
+[!INCLUDE [horz-monitor-ref-metrics-tableheader](~/reusable-content/ce-skilling/azure/includes/azure-monitor/horizontals/horz-monitor-ref-metrics-tableheader.md)]
+
+[!INCLUDE [Microsoft.Network/natgateways](~/reusable-content/ce-skilling/azure/includes/azure-monitor/reference/metrics/microsoft-network-natgateways-metrics-include.md)]
+
+> [!NOTE]
+> Count aggregation is not recommended for any of the NAT gateway metrics. Count aggregation adds up the number of metric values and not the metric values themselves. Use Total aggregation instead to get the best representation of data values for connection count, bytes, and packets metrics.
+>
+> Use Average for best represented health data for the datapath availability metric.
+>
+> For information about aggregation types, see [aggregation types](/azure/azure-monitor/essentials/metrics-aggregation-explained#aggregation-types).
+
+## How to use NAT gateway metrics
+
+The following sections detail how to use each NAT gateway metric to monitor, manage, and troubleshoot your NAT gateway resource.
+
+### Bytes
+
+The **Bytes** metric shows you the amount of data going outbound through NAT gateway and returning inbound in response to an outbound connection. 
+
+Use this metric to:
+
+- View the amount of data being processed through NAT gateway to connect outbound or return inbound.
+
+### Datapath availability
+
+The datapath availability metric measures the health of the NAT gateway resource over time. This metric indicates if NAT gateway is available for directing outbound traffic to the internet. This metric is a reflection of the health of the Azure infrastructure.
+
+You can use this metric to:
+
+- Monitor the availability of NAT gateway.
+- Investigate the platform where your NAT gateway is deployed and determine if it’s healthy.
+- Isolate whether an event is related to your NAT gateway or to the underlying data plane.
+
+Possible reasons for a drop in data path availability include:
+
+- An infrastructure outage.
+- There aren't healthy VMs available in your NAT gateway configured subnet. For more information, see the [NAT gateway connectivity troubleshooting guide](/azure/nat-gateway/troubleshoot-nat-connectivity).
+
+### Packets
+
+The packets metric shows you the number of data packets passing through NAT gateway. 
+
+Use this metric to:
+  
+- Verify that traffic is passing outbound or returning inbound through NAT gateway.
+- View the amount of traffic going outbound through NAT gateway or returning inbound.
+
+### Dropped packets
+
+The dropped packets metric shows you the number of data packets dropped by NAT gateway when traffic goes outbound or returns inbound in response to an outbound connection.
+
+Use this metric to:
+
+- Check if periods of dropped packets coincide with periods of failed SNAT connections with the [SNAT Connection Count](#snat-connection-count) metric.
+- Help determine if you're experiencing a pattern of failed outbound connections or SNAT port exhaustion.
+
+Possible reasons for dropped packets:
+
+- Outbound connectivity failure can cause packets to drop. Connectivity failure can happen for various reasons. See the [NAT gateway connectivity troubleshooting guide](/azure/nat-gateway/troubleshoot-nat-connectivity) to help you further diagnose. 
+
+### SNAT connection count
+
+The SNAT connection count metric shows you the number of new SNAT connections within a specified time frame. This metric can be filtered by **Attempted** and **Failed** connection states. A failed connection volume greater than zero can indicate SNAT port exhaustion.
+
+Use this metric to:
+
+- Evaluate the health of your outbound connections.
+- Help diagnose if your NAT gateway is experiencing SNAT port exhaustion.
+- Determine if you're experiencing a pattern of failed outbound connections.
+
+### Total SNAT connection count
+
+The **Total SNAT connection count** metric shows you the total number of active SNAT connections passing through NAT gateway.
+
+You can use this metric to:
+
+- Evaluate the volume of connections passing through NAT gateway.
+- Determine if you're nearing the connection limit of NAT gateway.
+- Help assess if you're experiencing a pattern of failed outbound connections. 
+
+Possible reasons for failed connections:
+
+- A pattern of failed connections can happen for various reasons. See the [NAT gateway connectivity troubleshooting guide](/azure/nat-gateway/troubleshoot-nat-connectivity) to help you further diagnose.
+
+>[!NOTE]
+> When NAT gateway is attached to a subnet and public IP address, the Azure platform verifies NAT gateway is healthy by conducting health checks. These health checks appear in NAT gateway's SNAT Connection Count metrics. The amount of health check related connections may vary as the health check service is optimized, but is negligible and doesn’t impact NAT gateway’s ability to connect outbound.
+
+[!INCLUDE [horz-monitor-ref-metrics-dimensions-intro](~/reusable-content/ce-skilling/azure/includes/azure-monitor/horizontals/horz-monitor-ref-metrics-dimensions-intro.md)]
+
+[!INCLUDE [horz-monitor-ref-metrics-dimensions](~/reusable-content/ce-skilling/azure/includes/azure-monitor/horizontals/horz-monitor-ref-metrics-dimensions.md)]
+
+- ConnectionState: Attempted, Failed
+- Direction: In, Out
+- Protocol: 6 TCP, 17 UDP
+
+[!INCLUDE [horz-monitor-ref-activity-log](~/reusable-content/ce-skilling/azure/includes/azure-monitor/horizontals/horz-monitor-ref-activity-log.md)]
+
+- [Microsoft.Network resource provider operations](/azure/role-based-access-control/resource-provider-operations#microsoftnetwork)
+
+## Related content
+
+- See [Monitor Azure NAT Gateway](monitor-nat-gateway.md) for a description of monitoring Azure NAT Gateway.
+- See [Monitor Azure resources with Azure Monitor](/azure/azure-monitor/essentials/monitor-azure-resource) for details on monitoring Azure resources.
@@ -0,0 +1,171 @@
+---
+title: Monitor Azure NAT Gateway
+description: Start here to learn how to monitor Azure NAT Gateway by using the available Azure Monitor metrics and alerts.
+ms.date: 08/06/2024
+ms.custom: horz-monitor
+ms.topic: conceptual
+author: asudbring
+ms.author: allensu
+ms.service: nat-gateway
+---
+
+# Monitor [TODO-replace-with-service-name]
+
+[!INCLUDE [horz-monitor-intro](~/reusable-content/ce-skilling/azure/includes/azure-monitor/horizontals/horz-monitor-intro.md)]
+
+You can use metrics and alerts to monitor, manage, and [troubleshoot](troubleshoot-nat.md) your NAT gateway resource. Azure NAT Gateway provides the following diagnostic capabilities:  
+
+- Multi-dimensional metrics and alerts through Azure Monitor: You can use these metrics to monitor and manage your NAT gateway and to assist you in troubleshooting issues.
+- Network Insights: Azure Monitor Insights provides you with visual tools to view, monitor, and assist you in diagnosing issues with your NAT gateway resource. Insights provide you with a topological map of your Azure setup and metrics dashboards.
+
+This diagram shows Azure NAT Gateway for outbound to the internet.
+
+:::image type="content" source="./media/nat-gateway-resource/nat-gateway-deployment.png" alt-text="Diagram of a NAT gateway resource with virtual machines.":::
+
+[!INCLUDE [horz-monitor-insights](~/reusable-content/ce-skilling/azure/includes/azure-monitor/horizontals/horz-monitor-insights.md)] -->
+
+## Network Insights
+
+[Azure Monitor Network Insights](../network-watcher/network-insights-overview.md) allows you to visualize your Azure infrastructure setup and to review all metrics for your NAT gateway resource from a preconfigured metrics dashboard. These visual tools help you diagnose and troubleshoot any issues with your NAT gateway resource. 
+
+### View the topology of your Azure architectural setup
+
+To view a topological map of your setup in Azure:
+
+1. From your NAT gateway’s resource page, select **Insights** from the **Monitoring** section.
+
+1. On the landing page for **Insights**, there's a topology map of your NAT gateway setup. This map shows the relationship between the different components of your network (subnets, virtual machines, public IP addresses). 
+
+1. Hover over any component in the topology map to view configuration information.
+
+    :::image type="content" source="./media/nat-metrics/nat-insights.png" alt-text="Screenshot of the Insights section of NAT gateway."::: 
+
+### View all NAT gateway metrics in a dashboard
+
+The metrics dashboard can be used to better understand the performance and health of your NAT gateway resource. The metrics dashboard shows a view of all metrics for NAT gateway on a single page.  
+
+- All NAT gateway metrics can be viewed in a dashboard when selecting **Show Metrics Pane**.
+
+    :::image type="content" source="./media/nat-metrics/nat-metrics-pane.png" alt-text="Screenshot of the show metrics pane."::: 
+
+- A full page view of all NAT gateway metrics can be viewed when selecting **View Detailed Metrics**.
+
+    :::image type="content" source="./media/nat-metrics/detailed-metrics.png" alt-text="Screenshot of the view detailed metrics.":::
+
+For more information on what each metric is showing you and how to analyze these metrics, see [How to use NAT gateway metrics](monitor-nat-gateway-reference#how-to-use-nat-gateway-metrics).
+
+[!INCLUDE [horz-monitor-resource-types](~/reusable-content/ce-skilling/azure/includes/azure-monitor/horizontals/horz-monitor-resource-types.md)]
+For more information about the resource types for Azure NAT Gateway, see [Azure NAT Gateway monitoring data reference](monitor-nat-gateway-reference.md).
+
+[!INCLUDE [horz-monitor-data-storage](~/reusable-content/ce-skilling/azure/includes/azure-monitor/horizontals/horz-monitor-data-storage.md)]
+
+[!INCLUDE [horz-monitor-platform-metrics](~/reusable-content/ce-skilling/azure/includes/azure-monitor/horizontals/horz-monitor-platform-metrics.md)]
+
+For a list of available metrics for Azure NAT Gateway, see [Azure NAT Gateway monitoring data reference](monitor-nat-gateway-reference.md#metrics).
+
+NAT gateway metrics can be found in the following locations in the Azure portal.
+
+- **Metrics** page under **Monitoring** from a NAT gateway's resource page.
+
+- **Insights** page under **Monitoring** from a NAT gateway's resource page.
+
+    :::image type="content" source="./media/nat-metrics/nat-insights-metrics.png" alt-text="Screenshot of the insights and metrics options in NAT gateway overview.":::
+
+- Azure Monitor page under **Metrics**.
+
+    :::image type="content" source="./media/nat-metrics/azure-monitor.png" alt-text="Screenshot of the metrics section of Azure Monitor.":::
+
+<!-- ## OPTIONAL [TODO-replace-with-service-name] metrics
+If your service uses any non-Azure Monitor based metrics, add the following include and more information.
+[!INCLUDE [horz-monitor-custom-metrics](~/reusable-content/ce-skilling/azure/includes/azure-monitor/horizontals/horz-monitor-non-monitor-metrics.md)] -->
+
+<!-- ## Azure Monitor resource logs -->
+
+[!INCLUDE [horz-monitor-resource-logs](~/reusable-content/ce-skilling/azure/includes/azure-monitor/horizontals/horz-monitor-resource-logs.md)]
+
+[!INCLUDE [horz-monitor-no-resource-logs](~/reusable-content/ce-skilling/azure/includes/azure-monitor/horizontals/horz-monitor-no-resource-logs.md)]
+
+[!INCLUDE [horz-monitor-activity-log](~/reusable-content/ce-skilling/azure/includes/azure-monitor/horizontals/horz-monitor-activity-log.md)]
+
+[!INCLUDE [horz-monitor-analyze-data](~/reusable-content/ce-skilling/azure/includes/azure-monitor/horizontals/horz-monitor-analyze-data.md)]
+
+[!INCLUDE [horz-monitor-external-tools](~/reusable-content/ce-skilling/azure/includes/azure-monitor/horizontals/horz-monitor-external-tools.md)]
+
+[!INCLUDE [horz-monitor-kusto-queries](~/reusable-content/ce-skilling/azure/includes/azure-monitor/horizontals/horz-monitor-kusto-queries.md)]
+
+[!INCLUDE [horz-monitor-alerts](~/reusable-content/ce-skilling/azure/includes/azure-monitor/horizontals/horz-monitor-alerts.md)]
+
+### Azure NAT Gateway alert rules
+
+You can set alerts for any metric, log entry, or activity log entry listed in the [Azure NAT Gateway monitoring data reference](monitor-nat-gateway-reference.md).
+
+### Alerts for datapath availability degradation
+
+Set up an alert on datapath availability to help you detect issues with the health of NAT gateway.
+
+The recommended guidance is to alert on NAT gateway's datapath availability when it drops below 90% over a 15-minute period. This configuration is indicative of a NAT gateway resource being in a degraded state.
+
+> [!NOTE]
+> Aggregation granularity is the period of time over which the datapath availability is measured to determine if it has dropped below the threshold value. Setting the aggregation granularity to less than 5 minutes may trigger false positive alerts that detect noise in the datapath.
+
+### Alerts for SNAT port exhaustion 
+
+Set up an alert on the **SNAT connection count** metric to notify you of connection failures on your NAT gateway. A failed connection volume greater than zero can indicate that you reached the connection limit on your NAT gateway or that you hit SNAT port exhaustion. Investigate further to determine the root cause of these failures.
+
+> [!NOTE]
+> SNAT port exhaustion on your NAT gateway resource is uncommon. If you see SNAT port exhaustion, check if NAT gateway's idle timeout timer is set higher than the default amount of 4 minutes. A long idle timeout timer setting can cause SNAT ports too be in hold down for longer, which results in exhausting SNAT port inventory sooner. You can also scale your NAT gateway with additional public IPs to increase NAT gateway's overall SNAT port inventory. To troubleshoot these kinds of issues, refer to the [NAT gateway connectivity troubleshooting guide](/azure/nat-gateway/troubleshoot-nat-connectivity#snat-exhaustion-due-to-nat-gateway-configuration).
+
+### Alerts for NAT gateway resource health
+
+[Azure Resource Health](/azure/service-health/overview) provides information on the health state of your NAT gateway resource. The resource health of your NAT gateway is evaluated by measuring the datapath availability of your NAT gateway endpoint. You can set up alerts to notify you when the health state of your NAT gateway resource changes. To learn more about NAT gateway resource health and setting up alerts, see:
+
+- [Azure NAT Gateway Resource Health](/azure/nat-gateway/resource-health)
+- [NAT Gateway Resource Health Alerts](/azure/nat-gateway/resource-health#resource-health-alerts)
+- [How to create Resource Health Alerts in the Azure portal](/azure/service-health/resource-health-alert-monitor-guide)
+
+[!INCLUDE [horz-monitor-advisor-recommendations](~/reusable-content/ce-skilling/azure/includes/azure-monitor/horizontals/horz-monitor-advisor-recommendations.md)]
+
+
+
+
+<!-- content still to be integrated:
+
+
+
+
+## Metrics FAQ
+
+### What type of metrics are available for NAT gateway?
+
+The NAT gateway supports [multi-dimensional metrics](/azure/azure-monitor/essentials/data-platform-metrics#multi-dimensional-metrics). You can filter the multi-dimensional metrics by different dimensions to gain greater insight into the provided data. The [SNAT connection count](#snat-connection-count) metric allows you to filter the connections by Attempted and Failed connections, enabling you to distinguish between different types of connections made by the NAT gateway.
+
+Refer to the dimensions column in the [metrics overview](#metrics-overview) table to see which dimensions are available for each NAT gateway metric. 
+
+### How do I store NAT gateway metrics long-term?
+
+All [platform metrics are stored](/azure/azure-monitor/essentials/data-platform-metrics#retention-of-metrics) for 93 days. If you require long term access to your NAT gateway metrics data, NAT gateway metrics can be retrieved by using the [metrics REST API](/rest/api/monitor/metrics/list). For more information on how to use the API, see the [Azure monitoring REST API walkthrough](/azure/azure-monitor/essentials/rest-api-walkthrough).  
+
+>[!NOTE]
+>Diagnostic Settings [doesn’t support the export of multi-dimensional metrics](/azure/azure-monitor/reference/supported-metrics/metrics-index#exporting-platform-metrics-to-other-locations) to another location, such as Azure Storage and Log Analytics.
+>
+>To retrieve NAT gateway metrics, use the metrics REST API.
+
+### How do I interpret metrics charts?
+
+Refer to [troubleshooting metrics charts](/azure/azure-monitor/essentials/metrics-troubleshoot) if you run into issues with creating, customizing or interpreting charts in Azure metrics explorer. 
+
+## Next steps
+
+* Learn about [Azure NAT Gateway](nat-overview.md)
+* Learn about [NAT gateway resource](nat-gateway-resource.md)
+* Learn about [Azure Monitor](../azure-monitor/overview.md)
+* Learn about [troubleshooting NAT gateway resources](troubleshoot-nat.md).
+* Learn about [troubleshooting NAT gateway connectivity](/azure/nat-gateway/troubleshoot-nat-connectivity)
+
+-->
+
+
+## Related content
+
+- See [Azure NAT Gateway monitoring data reference](monitor-nat-gateway-reference.md) for a reference of the metrics, logs, and other important values created for Azure NAT Gateway.
+- See [Monitoring Azure resources with Azure Monitor](/azure/azure-monitor/essentials/monitor-azure-resource) for general details on monitoring Azure resources.