You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/azure-monitor/includes/waf-logs-reliability.md
+5-5Lines changed: 5 additions & 5 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -42,7 +42,7 @@ This lets you switch from the primary workspace location to the replicated works
42
42
### Design checklist
43
43
44
44
> [!div class="checklist"]
45
-
> - To ensure service and data resilience to region-wide incidents, enable workspace replication. This is a paid feature, so consider whether your want to replicate all of your incoming logs, or only some data streams.
45
+
> - To ensure service and data resilience to region-wide incidents, enable workspace replication.
46
46
> - To ensure in-region protection against datacenter failure, create your workspace in a region that supports data resilience.
47
47
> - For cross-regional backup of data in specific tables, use the continuous export feature to send data to a zone-redundant storage account.
48
48
> - Monitor the health of your Log Analytics workspaces.
@@ -51,10 +51,10 @@ This lets you switch from the primary workspace location to the replicated works
51
51
52
52
| Recommendation | Benefit |
53
53
|:---|:---|
54
-
|Enable workspace replication |**Cross-regional resilience for workspace data and service operations.** <br><br>[Workspace replication (preview)](../logs/workspace-replication.md) ensures high availability by creating a secondary instance of your workspace in another region and ingesting your logs to both workspaces.<br>When needed, switch to your secondary workspace until the issues impacting your primary workspace are resolved. You can continue ingesting logs, querying data, using dashboards, alerts, and Sentinel in your secondary workspace. You also have access to logs ingested before the region switch.<br>This is a paid feature. You can change workspace configuration or schema when running on the secondary workspace. |
55
-
|Create your workspace in a region that has Azure Monitor service-level availability zone protection |**In-region resilience of workspace data and service operations in the event of datacenter issues.** <br><br>Availability zones that support service resilience also support data resilience. This means that even if an entire datacenter becomes unavailable, the redundancy between zones allows Azure Monitor service operations, like ingestion and querying, to continue to work, and your ingested logs to remain available.<br>Availability zones provide in-region protection, but don't protect against issues that impact the entire region. |
56
-
| Create your workspace in a region that supports data resilience |**In-region protection against loss of the logs in your workspace in the event of datacenter issues.** <br><br>Placing your workspace (and dedicated cluster if needed) in a region that leverages availability zones for Azure Monitor data resilience means that even if an entire datacenter becomes unavailable, the redundancy between zones keeps your ingested logs safe. <br>Note that while the data is safe, if the service is unable to run queries, you won’t be able to view the logs until the issue is resolved. |
57
-
| Configure data export from the workspace to a storage account that is replicated across regions (such as RA-GRS). | **Maintain a backup copy of your log data in a different region.**<br><br>The [data export feature of Azure Monitor](../logs/logs-data-export.md) allows you to continuously export data sent to specific tables to Azure storage where it can be retained for extended periods. Use a geo-redundant storage (GRS) or geo-zone-redundant storage (GZRS) account to keep your data safe even if an entire region becomes unavailable. To make your data readable from the other regions, configure your storage account for read access to the secondary region. For more information see [Azure Storage redundancy on a secondary region](/azure/storage/common/storage-redundancy#redundancy-in-a-secondary-region) and [Azure Storage read access to data in the secondary region](/azure/storage/common/storage-redundancy#read-access-to-data-in-the-secondary-region).<br><br>For [tables that don't supported continuous data export](../logs/logs-data-export.md?tabs=portal#limitations), you can use other methods of exporting data, including Logic Apps, to protect your data. This is primarily a solution to meet compliance for data retention since the data can be difficult to analyze and restore to the workspace.<br><br> Data export is susceptible to regional incidents because it relies on the stability of the Azure Monitor ingestion pipeline in your region. It doesn't provide resiliency against incidents impacting the regional ingestion pipeline.|
54
+
|To ensure the greatest degree of resilience, enable workspace replication.|**Cross-regional resilience for workspace data and service operations.** <br><br>[Workspace replication (preview)](../logs/workspace-replication.md) ensures high availability by creating a secondary instance of your workspace in another region and ingesting your logs to both workspaces.<br>When needed, switch to your secondary workspace until the issues impacting your primary workspace are resolved. You can continue ingesting logs, querying data, using dashboards, alerts, and Sentinel in your secondary workspace. You also have access to logs ingested before the region switch.<br>This is a paid feature, so consider whether your want to replicate all of your incoming logs, or only some data streams.|
55
+
|If possible, create your workspace in a region that supports Azure Monitor service-resilience. |**In-region resilience of workspace data and service operations in the event of datacenter issues.** <br><br>Availability zones that support service resilience also support data resilience. This means that even if an entire datacenter becomes unavailable, the redundancy between zones allows Azure Monitor service operations, like ingestion and querying, to continue to work, and your ingested logs to remain available.<br><br>Availability zones provide in-region protection, but don't protect against issues that impact the entire region.<br><br>For information about which regions support data reslience, see [Enhance data and service resilience in Azure Monitor Logs with availability zones](../logs/availability-zones.md). |
56
+
| Create your workspace in a region that supports data resilience.|**In-region protection against loss of the logs in your workspace in the event of datacenter issues.** <br><br>Placing your workspace (and dedicated cluster if needed) in a region that leverages availability zones for Azure Monitor data resilience means that even if an entire datacenter becomes unavailable, the redundancy between zones keeps your ingested logs safe. <br>Note that while the data is safe, if the service is unable to run queries, you won’t be able to view the logs until the issue is resolved.<br><br>For information about which regions support data reslience, see [Enhance data and service resilience in Azure Monitor Logs with availability zones](../logs/availability-zones.md). |
57
+
| Configure data export from specific tables to a storage account that's replicated across regions. | **Maintain a backup copy of your log data in a different region.**<br><br>The [data export feature of Azure Monitor](../logs/logs-data-export.md) allows you to continuously export data sent to specific tables to Azure storage where it can be retained for extended periods. Use a geo-redundant storage (GRS) or geo-zone-redundant storage (GZRS) account to keep your data safe even if an entire region becomes unavailable. To make your data readable from the other regions, configure your storage account for read access to the secondary region. For more information see [Azure Storage redundancy on a secondary region](/azure/storage/common/storage-redundancy#redundancy-in-a-secondary-region) and [Azure Storage read access to data in the secondary region](/azure/storage/common/storage-redundancy#read-access-to-data-in-the-secondary-region).<br><br>For [tables that don't supported continuous data export](../logs/logs-data-export.md?tabs=portal#limitations), you can use other methods of exporting data, including Logic Apps, to protect your data. This is primarily a solution to meet compliance for data retention since the data can be difficult to analyze and restore to the workspace.<br><br> Data export is susceptible to regional incidents because it relies on the stability of the Azure Monitor ingestion pipeline in your region. It doesn't provide resiliency against incidents impacting the regional ingestion pipeline.|
58
58
| Monitor the health of your Log Analytics workspaces. | Use [Log Analytics workspace insights](../logs/workspace-design.md) to track failed queries and create [health status alert](../logs/log-analytics-workspace-health.md#view-log-analytics-workspace-health-and-set-up-health-status-alerts) to proactively notify you if a workspace becomes unavailable because of a datacenter or regional failure. |
59
59
60
60
#### Compare Azure Monitor Logs resilience features
0 commit comments