Merge pull request #48798 from v-thpra/azure-triage-fix-1016230

Technical Review 1016230: Design a full-stack monitoring strategy on Azure

Author: Stacyrch140

learn-pr/azure/design-monitoring-strategy-on-azure/1-introduction.yml

@@ -5,7 +5,7 @@ metadata:
   prefetch-feature-rollout: true
   title: Introduction
   description: Introduction
-  ms.date: 11/13/2023
+  ms.date: 01/22/2025
   author: kayodeprinceMS
   ms.author: kaprince
   ms.topic: unit

learn-pr/azure/design-monitoring-strategy-on-azure/2-full-stack-monitoring.yml

@@ -5,7 +5,7 @@ metadata:
   prefetch-feature-rollout: true
   title: Full-stack monitoring in Azure
   description: Introduction to full-stack monitoring in Azure
-  ms.date: 11/13/2023
+  ms.date: 01/22/2025
   author: kayodeprinceMS
   ms.author: kaprince
   ms.topic: unit
@@ -20,10 +20,10 @@ quiz:
     choices:
     - content: During development only 
       isCorrect: false
-      explanation: Monitoring only during development limits problematic code from being deployed, but doesn't provide visibility when the app is live in production.
+      explanation: When you monitor only during development it limits problematic code from being deployed, but doesn't provide visibility when the app is live in production.
     - content: In production only
       isCorrect: false
-      explanation: Monitoring only during production provides visibility into live issues, but doesn't reveal problems and errors during development, QA, and test phases.
+      explanation: When you monitor only during production it provides visibility into live issues, but doesn't reveal problems and errors during development, QA, and test phases.
     - content: During development and while in production
       isCorrect: true
       explanation: Monitoring applications in development prevent errors and exceptions later in production. By monitoring applications in production, you identify problems and risks that affect users.

learn-pr/azure/design-monitoring-strategy-on-azure/3-azure-monitoring-options.yml

@@ -5,7 +5,7 @@ metadata:
   prefetch-feature-rollout: true
   title: Monitoring options in Azure
   description: Explore the monitoring options available in Azure.
-  ms.date: 11/13/2023
+  ms.date: 01/22/2025
   author: kayodeprinceMS
   ms.author: kaprince
   ms.topic: unit

learn-pr/azure/design-monitoring-strategy-on-azure/4-application-insights.yml

@@ -5,7 +5,7 @@ metadata:
   prefetch-feature-rollout: true
   title: Monitor applications by using Application Insights
   description: Learn how to monitor applications by using Azure Monitor Application Insights.
-  ms.date: 11/13/2023
+  ms.date: 01/22/2025
   author: kayodeprinceMS
   ms.author: kaprince
   ms.topic: unit

learn-pr/azure/design-monitoring-strategy-on-azure/5-analyze-resource-utilization.yml

@@ -4,8 +4,8 @@ metadata:
   adobe-target: true
   prefetch-feature-rollout: true
   title: Monitor VMs and containers by using insights
-  description: Analyze VM and container utilization and performance by using Azure Monitor VM insights and container insights.
-  ms.date: 11/13/2023
+  description: Analyze virtual machine (VM) and container utilization and performance by using Azure Monitor VM insights and container insights.
+  ms.date: 01/22/2025
   author: kayodeprinceMS
   ms.author: kaprince
   ms.topic: unit
@@ -26,15 +26,15 @@ quiz:
       explanation: Metrics Explorer lets you chart multiple metrics over time, but doesn't show a topological view of network connections.
     - content: VM insights Map tab
       isCorrect: true
-      explanation: VM insights includes a Map tab with a topology view that shows the processes, dependencies, and network connection details of your VMs and virtual machine scale sets.
-  - content: What open-source monitoring system is specifically designed for containers and microservices?
+      explanation: The VM insights feature includes a Map tab with a topology view that shows the processes, dependencies, and network connection details of your VMs and virtual machine scale sets.
+  - content: What open-source monitoring system is designed specifically for containers and microservices?
     choices:
     - content: Prometheus
       isCorrect: true
       explanation: Prometheus is a popular tool for monitoring Kubernetes, distributed services, and containerized microservices.
     - content: VM insights
       isCorrect: false
-      explanation: VM insights is an Azure Monitor feature that helps get you started monitoring VM clients, not containers.
+      explanation: The VM insights feature in Azure Monitor helps get you started monitoring VM clients, not containers.
     - content: Grafana
       isCorrect: false
       explanation: Grafana is a dashboard platform for analyzing and visualizing data from data sources like Prometheus.

learn-pr/azure/design-monitoring-strategy-on-azure/6-security-center.yml

@@ -5,7 +5,7 @@ metadata:
   prefetch-feature-rollout: true
   title: Manage infrastructure security by using Defender for Cloud
   description: Learn how to monitor, analyze, and manage infrastructure security by using Microsoft Defender for Cloud.
-  ms.date: 11/13/2023
+  ms.date: 01/22/2025
   author: rmcmurray
   ms.author: robmcm
   ms.topic: unit
@@ -16,11 +16,11 @@ content: |
 quiz:
   title: Check your knowledge
   questions:
-  - content: How can you use Defender for Cloud to prevent persistent access to your VMs?
+  - content: How can you use Defender for Cloud to prevent persistent access to your virtual machines?
     choices:
     - content: Use Azure Logic Apps.
       isCorrect: false
-      explanation: You can trigger an automated alert response with Logic Apps, but not manage VM access.
+      explanation: You can trigger an automated alert response with Logic Apps, but not manage virtual machine (VM) access.
     - content: Use just-in-time (JIT) access.
       isCorrect: true
       explanation: With JIT access, your VMs are accessed based only on rules that you configure.
@@ -31,7 +31,7 @@ quiz:
     choices:
     - content: Use just-in-time (JIT) access.
       isCorrect: false
-      explanation: Just-in-time access is used to control VM access, not respond to alerts.
+      explanation: Just-in-time access is used to control VM access, not to respond to alerts.
     - content: Use adaptive application controls.
       isCorrect: false
       explanation: You use adaptive controls to control which applications can run on your VMs, not to respond to alerts.

learn-pr/azure/design-monitoring-strategy-on-azure/7-sentinel.yml

@@ -5,7 +5,7 @@ metadata:
   prefetch-feature-rollout: true
   title: Manage enterprise security by using Microsoft Sentinel
   description: Learn how to monitor, analyze, and manage enterprise security by using Microsoft Sentinel.
-  ms.date: 11/13/2023
+  ms.date: 01/22/2025
   author: rmcmurray
   ms.author: robmcm
   ms.topic: unit
@@ -34,8 +34,8 @@ quiz:
       explanation: You can use predefined exploration queries to investigate incidents more effectively, but they don't show which users an incident affected.
     - content: Use entities.
       isCorrect: true
-      explanation: Use entities to view users that a particular threat or malicious activity might have affected.
+      explanation: Use entities to view users that are affected in a particular threat or malicious activity.
     - content: Use the timeline.
       isCorrect: false
-      explanation: You can use the timeline feature to understand the path that a threat might have taken over time, but the timeline doesn't show affected users.
+      explanation: You can use the timeline feature to understand the path that a threat takes over time, but the timeline doesn't show affected users.
 

learn-pr/azure/design-monitoring-strategy-on-azure/8-summary.yml

@@ -5,7 +5,7 @@ metadata:
   prefetch-feature-rollout: true
   title: Summary
   description: Summary
-  ms.date: 11/13/2023
+  ms.date: 01/22/2025
   author: kayodeprinceMS
   ms.author: kaprince
   ms.topic: unit

learn-pr/azure/design-monitoring-strategy-on-azure/includes/5-analyze-resource-utilization.md

@@ -1,8 +1,8 @@
-Your organization has migrated several applications from on-premises to Azure virtual machines (VMs) and Azure Kubernetes Service (AKS). Several hundred Azure resources are now deployed across several Azure subscriptions.
+Your organization migrated several applications from on-premises to Azure virtual machines (VMs) and Azure Kubernetes Service (AKS). Several hundred Azure resources are now deployed across several Azure subscriptions.
 
 You must track resource usage to ensure that cloud resources are adequately provisioned and their performance meets business requirements. You need a monitoring approach that provides broad visibility and the capability to triage and isolate problems quickly.
 
-This unit explains how to use Azure Monitor insights and other tools for an at-scale monitoring view across all your VM and container resources. You also learn how to drill into specific nodes and containers for troubleshooting.
+This unit explains how to use Azure Monitor insights and other tools for an at-scale monitoring view across all your virtual machine (VM) and container resources. You also learn how to drill into specific nodes and containers for troubleshooting.
 
 ## Azure Monitor insights
 
@@ -13,7 +13,7 @@ You can use Azure Monitor insights to monitor resource utilization and performan
 
 ## Azure Monitor VM insights
 
-VM insights is an Azure Monitor feature that helps get you started monitoring your VM clients by collecting a set of commonly used metrics and sending them to a Log Analytics workspace. You can use Azure Monitor VM insights to:
+The Azure Monitor feature **VM insights** helps you get started monitoring your VM clients by collecting a set of commonly used metrics and sending them to a Log Analytics workspace. You can use Azure Monitor VM insights to:
 
 - View your VMs' health and performance.
 - Monitor your VMs at scale across multiple subscriptions and resource groups.
@@ -37,15 +37,15 @@ You can drill down into Azure Monitor Logs by selecting an event type from the l
 
 :::image type="content" source="../media/5-analyze-resource-utilization-03.png" alt-text="Screenshot of drilling into Azure Monitor Logs from VM insights." lightbox="../media/5-analyze-resource-utilization-03.png":::
 
-The Azure Monitor VM insights **Map** tab shows network connections for an entire resource group, virtual machine scale set, or individual VM. Use the filters at the top of the view to select the resources of interest.
+The Azure Monitor VM insights **Map** tab shows network connections for an entire resource group, virtual machine scale set, or individual VM. To select the resources of interest, use the filters at the top of the view.
 
 You can expand the number of processes for a complete list and to view the network connections per process. Select the arrow representing the connection for network usage and performance details.
 
 :::image type="content" source="../media/5-analyze-resource-utilization-04.png" alt-text="Screenshot of VM insights Map view." lightbox="../media/5-analyze-resource-utilization-04.png":::
 
 ## Azure Monitor container insights
 
-Container insights is a feature of Azure Monitor that monitors the performance and health of container workloads deployed to Azure, including AKS. Container insights collects memory and processor metrics from controllers, nodes, and containers, and gathers container logs. You can use Azure Monitor container insights to:
+**Container insights** is a feature of Azure Monitor that monitors the performance and health of container workloads deployed to Azure, including AKS. The Container insights feature collects memory and processor metrics from controllers, nodes, and containers, and gathers container logs. You can use Azure Monitor container insights to:
 
 - View your Kubernetes workloads' health and performance at scale across multiple subscriptions and resource groups.
 - Get visibility into memory and processor performance metrics from controllers, nodes, and containers.
@@ -69,7 +69,7 @@ The **Monitored clusters** tab shows an at-scale view of the health and status o
 
 ## Azure Monitor managed service for Prometheus
 
-[Prometheus](https://prometheus.io/) is an open-source monitoring system specifically designed for containers and microservices. Prometheus focuses on distributed applications, making it a popular tool for monitoring Kubernetes, distributed services, and containerized microservices.
+[Prometheus](https://prometheus.io/) is an open-source monitoring system designed specifically for containers and microservices. Prometheus focuses on distributed applications, making it a popular tool for monitoring Kubernetes, distributed services, and containerized microservices.
 
 Azure Monitor managed service for Prometheus is a component of Azure Monitor Metrics that supports open-source querying and visualization tools like PromQL and Grafana. Azure Monitor managed service for Prometheus can collect data from AKS or from any Kubernetes cluster that runs self-managed Prometheus using remote-write. To enable Azure Monitor managed service for Prometheus, you create an Azure Monitor workspace to store the Prometheus metrics.
 

learn-pr/azure/design-monitoring-strategy-on-azure/includes/6-security-center.md

@@ -1,4 +1,4 @@
-Because your company is a financial organization, it needs to meet the highest standards for security. Each customer or partner transaction must be completely protected from threats, and you must also respond effectively to potential threats. For example, if a virtual machine (VM) is compromised, you must act rapidly to address the issue.
+Because your company is a financial organization, it needs to meet the highest standards for security. Each customer or partner transaction must be protected completely from threats, and you must also respond effectively to potential threats. For example, if a virtual machine (VM) is compromised, you must act rapidly to address the issue.
 
 This unit describes how to protect resources and respond to threats by using Microsoft Defender for Cloud. Defender for Cloud helps you ensure that the security configuration of your infrastructure is as secure as possible.
 
@@ -46,7 +46,7 @@ To configure adaptive controls, select **Adaptive application control** on the *
 
 :::image type="content" source="../media/6-security-center-update-04.png" alt-text="Screenshot of Adaptive application controls." lightbox="../media/6-security-center-update-04.png":::
 
-Select a resource group and use the **Configure application control rules** screen to target VMs and applications that should have the control rules applied.
+When you select a resource group, it opens **Configure application control rules**. On this screen, use the options to target VMs and applications that should have the control rules applied.
 
 ## Respond to threats
 
@@ -75,7 +75,7 @@ Expand any of the following sections to take action on the alert:
 
 :::image type="content" source="../media/6-security-center-update-10.png" alt-text="Screenshot of the Take action pane." lightbox="../media/6-security-center-update-10.png":::
 
-In the alert details, you should dismiss alerts if no action is required, for example if there are false positives. You should act to address known attacks, for example by blocking known malicious IP addresses, and you should decide which alerts require more investigation.
+In the alert details, you should dismiss alerts if no action is required, for example if there are false positives. You should act to address known attacks, for example by blocking known malicious IP addresses, and you should decide which alerts require further investigation.
 
 :::image type="content" source="../media/6-security-center-update-09.png" alt-text="Screenshot of alert status." lightbox="../media/6-security-center-update-09.png":::