fixing broken bookmark

paulth1 · paulth1 · commit a6475a07cb12 · 2023-04-18T14:24:24.000-07:00
diff --git a/articles/azure-monitor/best-practices-cost.md b/articles/azure-monitor/best-practices-cost.md
@@ -54,7 +54,7 @@ This article describes [Cost optimization](/azure/architecture/framework/cost/)
 
 | Recommendation | Benefit |
 |:---|:---|
-| Configure VM agents to collect only important events. | Virtual machines can vary significantly in the amount of data they collect, depending on the amount of telemetry generated by the applications and services they have installed. See [Monitor virtual machines with Azure Monitor: Workloads](vm/monitor-virtual-machine-data-collection.md#controlling-costs) for guidance on data to collect and strategies for using [XPath queries](agents/data-collection-rule-azure-monitor-agent.md#filter-events-using-xpath-queries) to limit it.|
+| Configure VM agents to collect only important events. | Virtual machines can vary significantly in the amount of data they collect, depending on the amount of telemetry generated by the applications and services they have installed. See [Monitor virtual machines with Azure Monitor: Workloads](vm/monitor-virtual-machine-data-collection.md#control-costs) for guidance on data to collect and strategies for using [XPath queries](agents/data-collection-rule-azure-monitor-agent.md#filter-events-using-xpath-queries) to limit it.|
 | Ensure that VMs aren't sending duplicate data. | Any configuration that uses multiple agents on a single machine or where you multi-home agents to send data to multiple workspaces may incur charges for the same data multiple times. If you do multi-home agents, make sure you're sending unique data to each workspace. See [Analyze usage in Log Analytics workspace](logs/analyze-usage.md) for guidance on analyzing your collected data to make sure you aren't collecting duplicate data. If you're migrating between agents, continue to use the Log Analytics agent until you [migrate to the Azure Monitor agent](./agents/azure-monitor-agent-migration.md) rather than using both together unless you can ensure that each is collecting unique data. |
 | Use transformations to filter unnecessary data from collected events. | [Transformations](essentials/data-collection-transformations.md) can be used in data collection rules to remove unnecessary data or even entire columns from events collected from the virtual machine which can significantly reduce the cost for their ingestion and retention. |
 
diff --git a/articles/azure-monitor/vm/monitor-virtual-machine-data-collection.md b/articles/azure-monitor/vm/monitor-virtual-machine-data-collection.md
@@ -98,19 +98,19 @@ Use the following guidance as a recommended starting point for event collection.
 
 | Query | Description |
 |:---|:---|
-| `Event` | All Windows events |
-| `Event` | where EventLevelName == "Error"` |All Windows events with severity of error |
-| `Event` | summarize count() by Source` |Count of Windows events by source |
-| `Event` | where EventLevelName == "Error" | summarize count() by Source` |Count of Windows error events by source |
+| Event | All Windows events |
+| Event | where EventLevelName == "Error"` |All Windows events with severity of error |
+| Event | summarize count() by Source` |Count of Windows events by source |
+| Event | where EventLevelName == "Error" | summarize count() by Source` |Count of Windows error events by source |
 
 ### Sample log queries: Syslog events
 
 | Query | Description |
 |:--- |:--- |
-| `Syslog` |All Syslogs |
-| `Syslog` | where SeverityLevel == "error"` |All Syslog records with severity of error |
-| `Syslog` | summarize AggregatedValue = count() by Computer` |Count of Syslog records by computer |
-| `Syslog` | summarize AggregatedValue = count() by Facility` |Count of Syslog records by facility |
+| Syslog |All Syslogs |
+| Syslog | where SeverityLevel == "error"` |All Syslog records with severity of error |
+| Syslog | summarize AggregatedValue = count() by Computer` |Count of Syslog records by computer |
+| Syslog | summarize AggregatedValue = count() by Facility` |Count of Syslog records by facility |
 
 ## Collect performance counters
 Performance data from the client can be sent to either [Azure Monitor Metrics](../essentials/data-platform-metrics.md) or [Azure Monitor Logs](../logs/data-platform-logs.md), and you typically send them to both destinations. If you enabled VM insights, a common set of performance counters is collected in Logs to support its performance charts. You can't modify this set of counters, but you can create other DCRs to collect more counters and send them to different destinations.
@@ -137,17 +137,17 @@ The following samples use the `Perf` table with custom performance data. For inf
 
 | Query | Description |
 |:--- |:---|
-| `Perf` | All Performance data |
-| `Perf` | where Computer == "MyComputer"` |All Performance data from a particular computer |
-| `Perf` | where CounterName == "Current Disk Queue Length"` |All Performance data for a particular counter |
-| `Perf` | where ObjectName == "Processor" and CounterName == "% Processor Time" and InstanceName == "_Total" | summarize AVGCPU = avg(CounterValue) by Computer` |Average CPU Utilization across all computers |
-| `Perf` | where CounterName == "% Processor Time" | summarize AggregatedValue = max(CounterValue) by Computer` |Maximum CPU Utilization across all computers |
-| `Perf` | where ObjectName == "LogicalDisk" and CounterName == "Current Disk Queue Length" and Computer == "MyComputerName" | summarize AggregatedValue = avg(CounterValue) by InstanceName` |Average Current Disk Queue length across all the instances of a given computer |
-| `Perf` | where CounterName == "Disk Transfers/sec" | summarize AggregatedValue = percentile(CounterValue, 95) by Computer` |95th Percentile of Disk Transfers/Sec across all computers |
-| `Perf` | where CounterName == "% Processor Time" and InstanceName == "_Total" | summarize AggregatedValue = avg(CounterValue) by bin(TimeGenerated, 1h), Computer` |Hourly average of CPU usage across all computers |
-| `Perf` | where Computer == "MyComputer" and CounterName startswith_cs "%" and InstanceName == "_Total" | summarize AggregatedValue = percentile(CounterValue, 70) by bin(TimeGenerated, 1h), CounterName` | Hourly 70 percentile of every % percent counter for a particular computer |
-| `Perf` | where CounterName == "% Processor Time" and InstanceName == "_Total" and Computer == "MyComputer" | summarize ["min(CounterValue)"] = min(CounterValue), ["avg(CounterValue)"] = avg(CounterValue), ["percentile75(CounterValue)"] = percentile(CounterValue, 75), ["max(CounterValue)"] = max(CounterValue) by bin(TimeGenerated, 1h), Computer` |Hourly average, minimum, maximum, and 75-percentile CPU usage for a specific computer |
-| `Perf` | where ObjectName == "MSSQL$INST2:Databases" and InstanceName == "master"` | All Performance data from the Database performance object for the master database from the named SQL Server instance INST2. | 
+| Perf | All Performance data |
+| Perf | where Computer == "MyComputer"` |All Performance data from a particular computer |
+| Perf | where CounterName == "Current Disk Queue Length"` |All Performance data for a particular counter |
+| Perf | where ObjectName == "Processor" and CounterName == "% Processor Time" and InstanceName == "_Total" | summarize AVGCPU = avg(CounterValue) by Computer` |Average CPU Utilization across all computers |
+| Perf | where CounterName == "% Processor Time" | summarize AggregatedValue = max(CounterValue) by Computer` |Maximum CPU Utilization across all computers |
+| Perf | where ObjectName == "LogicalDisk" and CounterName == "Current Disk Queue Length" and Computer == "MyComputerName" | summarize AggregatedValue = avg(CounterValue) by InstanceName` |Average Current Disk Queue length across all the instances of a given computer |
+| Perf | where CounterName == "Disk Transfers/sec" | summarize AggregatedValue = percentile(CounterValue, 95) by Computer` |95th Percentile of Disk Transfers/Sec across all computers |
+| Perf | where CounterName == "% Processor Time" and InstanceName == "_Total" | summarize AggregatedValue = avg(CounterValue) by bin(TimeGenerated, 1h), Computer` |Hourly average of CPU usage across all computers |
+| Perf | where Computer == "MyComputer" and CounterName startswith_cs "%" and InstanceName == "_Total" | summarize AggregatedValue = percentile(CounterValue, 70) by bin(TimeGenerated, 1h), CounterName` | Hourly 70 percentile of every % percent counter for a particular computer |
+| Perf | where CounterName == "% Processor Time" and InstanceName == "_Total" and Computer == "MyComputer" | summarize ["min(CounterValue)"] = min(CounterValue), ["avg(CounterValue)"] = avg(CounterValue), ["percentile75(CounterValue)"] = percentile(CounterValue, 75), ["max(CounterValue)"] = max(CounterValue) by bin(TimeGenerated, 1h), Computer` |Hourly average, minimum, maximum, and 75-percentile CPU usage for a specific computer |
+| Perf | where ObjectName == "MSSQL$INST2:Databases" and InstanceName == "master"` | All Performance data from the Database performance object for the master database from the named SQL Server instance INST2. | 
 
 ## Collect text logs
 Some applications write events written to a text log stored on the virtual machine. Create a [custom table and DCR](../agents/data-collection-text-log.md) to collect this data. You define the location of the text log, its detailed configuration, and the schema of the custom table. There's a cost for the ingestion and retention of this data in the workspace.
@@ -157,8 +157,8 @@ The column names used here are examples only. The column names for your log will
 
 | Query | Description |
 |:--- |:--- |
-| `MyApp_CL` | summarize count() by code` | Count the number of events by code. |
-| `MyApp_CL` | where status == "Error" | summarize AggregatedValue = count() by Computer, bin(TimeGenerated, 15m)` | Create an alert rule on any error event. |
+| MyApp_CL | summarize count() by code` | Count the number of events by code. |
+| MyApp_CL | where status == "Error" | summarize AggregatedValue = count() by Computer, bin(TimeGenerated, 15m)` | Create an alert rule on any error event. |
 
 ## Collect IIS logs
 IIS running on Windows machines writes logs to a text file. Configure IIS log collection by using [Collect IIS logs with Azure Monitor Agent](../agents/data-collection-iis.md). There's a cost for the ingestion and retention of this data in the workspace.
@@ -169,8 +169,8 @@ Records from the IIS log are stored in the [W3CIISLog](/azure/azure-monitor/refe
 
 | Query | Description |
 |:--- |:--- |
-| `W3CIISLog` | where csHost=="www.contoso.com" | summarize count() by csUriStem` | Count the IIS log entries by URL for the host www.contoso.com. |
-| `W3CIISLog` | summarize sum(csBytes) by Computer` | Review the total bytes received by each IIS machine. |
+| W3CIISLog | where csHost=="www.contoso.com" | summarize count() by csUriStem` | Count the IIS log entries by URL for the host www.contoso.com. |
+| W3CIISLog | summarize sum(csBytes) by Computer` | Review the total bytes received by each IIS machine. |
 
 ## Monitor a service or daemon
 To monitor the status of a Windows service or Linux daemon, enable the [Change Tracking and Inventory](../../automation/change-tracking/overview.md) solution in [Azure Automation](../../automation/automation-intro.md).
diff --git a/articles/azure-monitor/vm/vminsights-enable-policy.md b/articles/azure-monitor/vm/vminsights-enable-policy.md
@@ -82,14 +82,14 @@ To see how many virtual machines exist in each of the management groups or subsc
     
     | Function | Description |
     |----------|-------------|
-    | Scope | Management group or subscription to which the initiative applies.|
-    | My Role | Your role in the scope. The role can be Reader, Owner, Contributor, or blank if you have access to the subscription but not to the management group to which it belongs. Your role determines which data you can see and whether you can assign policies or initiatives (owner), edit them, or view compliance. |
-    | Total VMs | Total number of VMs in the scope, regardless of their status. For a management group, this number is the sum total of VMs in all related subscriptions or child management groups. |
-    | Assignment Coverage | Percentage of VMs covered by the initiative. When you assign the initiative, the scope you select in the assignment could be the scope listed or a subset of it. For instance, if you create an assignment for a subscription (initiative scope) and not a management group (coverage scope), the value of **Assignment Coverage** indicates the VMs in the initiative scope divided by the VMs in coverage scope. In another case, you might exclude some VMs, resource groups, or a subscription from the policy scope. If the value is blank, it indicates that either the policy or initiative doesn't exist or you don't have permission.|
-    | Assignment Status | **Success**: Azure Monitor Agent or the Log Analytics agent and Dependency agent deployed on all machines in scope.<br>**Warning**: The subscription isn't under a management group.<br>**Not Started**: A new assignment was added.<br>**Lock**: You don't have sufficient privileges to the management group.<br>**Blank**: No VMs exist or a policy isn't assigned. |
-    | Compliant VMs | Number of VMs that have both Azure Monitor Agent or Log Analytics agent and Dependency agent installed. This field is blank if there are no assignments, no VMs in the scope, or if you don't have the relevant permissions. |
-    | Compliance | The overall compliance number is the sum of distinct compliant resources divided by the sum of all distinct resources. |
-    | Compliance State | **Compliant**: All VMs in the scope have Azure Monitor Agent or the Log Analytics agent and Dependency agent deployed to them, or any new VMs in the scope haven't yet been evaluated.<br>**Noncompliant**: There are VMs that aren't enabled and might need remediation.<br>**Not Started**: A new assignment was added.<br>**Lock**: You don't have sufficient privileges to the management group.<br>**Blank**: No policy assigned.  |
+    | **Scope** | Management group or subscription to which the initiative applies.|
+    | **My Role** | Your role in the scope. The role can be Reader, Owner, Contributor, or blank if you have access to the subscription but not to the management group to which it belongs. Your role determines which data you can see and whether you can assign policies or initiatives (owner), edit them, or view compliance. |
+    | **Total VMs** | Total number of VMs in the scope, regardless of their status. For a management group, this number is the sum total of VMs in all related subscriptions or child management groups. |
+    | **Assignment Coverage** | Percentage of VMs covered by the initiative. When you assign the initiative, the scope you select in the assignment could be the scope listed or a subset of it. For instance, if you create an assignment for a subscription (initiative scope) and not a management group (coverage scope), the value of **Assignment Coverage** indicates the VMs in the initiative scope divided by the VMs in coverage scope. In another case, you might exclude some VMs, resource groups, or a subscription from the policy scope. If the value is blank, it indicates that either the policy or initiative doesn't exist or you don't have permission.|
+    | **Assignment Status** | **Success**: Azure Monitor Agent or the Log Analytics agent and Dependency agent deployed on all machines in scope.<br>**Warning**: The subscription isn't under a management group.<br>**Not Started**: A new assignment was added.<br>**Lock**: You don't have sufficient privileges to the management group.<br>**Blank**: No VMs exist or a policy isn't assigned. |
+    | **Compliant VMs** | Number of VMs that have both Azure Monitor Agent or Log Analytics agent and Dependency agent installed. This field is blank if there are no assignments, no VMs in the scope, or if you don't have the relevant permissions. |
+    | **Compliance** | The overall compliance number is the sum of distinct compliant resources divided by the sum of all distinct resources. |
+    | **Compliance State** | **Compliant**: All VMs in the scope have Azure Monitor Agent or the Log Analytics agent and Dependency agent deployed to them, or any new VMs in the scope haven't yet been evaluated.<br>**Noncompliant**: There are VMs that aren't enabled and might need remediation.<br>**Not Started**: A new assignment was added.<br>**Lock**: You don't have sufficient privileges to the management group.<br>**Blank**: No policy assigned.  |
 
 1. Select the ellipsis (**...**) > **View Compliance**.
 
