How to Install Azure Monitor Agent on Windows Computers

Installing the Azure Monitor Agent on Windows Computers is a straightforward process. You'll need to download the agent from the Azure portal.

To get started, you'll need to have an Azure subscription and the necessary permissions to install the agent. The Azure Monitor Agent is available for download from the Azure portal, and you can find the download link in the Azure Monitor Agent section.

The agent installation package is a zip file that you'll need to extract to a directory on your Windows computer. The installation package includes the Azure Monitor Agent and a configuration file.

Before you begin installing the Azure Monitor Agent, make sure you review the prerequisites. You'll need to install the Azure Arc agent if you want to monitor non-Azure and on-premises servers, which won't incur any additional cost.

The Arc agent makes your on-premises servers visible to Azure as a resource it can target. This is a crucial step to ensure seamless monitoring.

Verify that Azure Monitor Agent can address all of your needs. It's General Availability (GA) for data collection and is used by various Azure Monitor features and other Azure services.

Make sure you have the necessary permissions to install the Azure Monitor Agent. You'll need these permissions to install the agent on the machines you want to monitor.

Here are the key permissions you'll need to check:

To create a Log Analytics workspace, you don't need one, but you will need it to collect data from the Azure Monitor agent. There's no cost for the workspace, but you will incur ingestion and retention costs when collecting data.

Many environments use a single workspace for all their virtual machines and other Azure resources they monitor. You can even share a workspace used by Microsoft Defender for Cloud and Microsoft Sentinel, although many customers choose to segregate their availability and performance telemetry from security data.

You can start with a single workspace and consider creating more workspaces as your requirements evolve, or use the default workspace created by VM insights to get started quickly.

Creating a Log Analytics workspace is a crucial step in deploying the Azure Monitor agent. You don't need a workspace to deploy the agent, but you will need one to collect the data it sends.

There's no cost for creating a workspace, but you will incur ingestion and retention costs when collecting data. You can create multiple workspaces as your requirements evolve.

Many environments use a single workspace for all their virtual machines and other Azure resources they monitor. You can share a workspace with Microsoft Defender for Cloud and Microsoft Sentinel, although some customers prefer to segregate their data.

VM insights will create a default workspace that you can use to get started quickly. This can be a good option if you're just starting out with Azure Monitor.

To create a Log Analytics workspace, you'll need to obtain the workspace ID and key. This can be done by selecting the workspace from the Log Analytics workspaces menu in the Azure portal.

The workspace ID and key are essential for the agent to connect to the workspace. You can find them in the Settings section, under Agents.

You can only configure the agent to report to one workspace during initial setup. To add or remove a workspace, you'll need to update the settings from Control Panel or PowerShell.

Regenerating the Log Analytics Workspace shared keys is possible, but it's not recommended for restricting access to agents currently using those keys.

You can install the Azure Monitor agent using various methods, each suitable for different scenarios.

For production deployments at scale, Azure Policy is the way to go. This method ensures the agent is automatically added to existing virtual machines and any new ones that you deploy.

If you have a significant number of virtual machines, using Azure Policy will save you a lot of time and effort.

You can also deploy the agent using a data collection rule in the Azure portal. This method is ideal for testing and simple deployments.

When creating a data collection rule, you have the option of specifying virtual machines to receive it. The Azure Monitor agent will be automatically installed on any machines that don't already have it.

For client machines, you can use the Windows client installer to install the agent on Windows clients such as Windows 11.

Alternatively, you can use VM insights in the Azure portal for testing and simple deployments with preconfigured monitoring.

VM insights provides simplified onboarding of agents, with a single click for a particular machine, it installs the Azure Monitor agent, connects to a workspace, and starts collecting performance data.

Here are the deployment options summarized:

To install the Azure Monitor Agent, start by accessing the Azure Cloud Shell and switching to the PowerShell console.

To create a new file, use the command to create a new file named installMMAAgent.ps1.

Paste the code in the installMMAAgent.ps1 file. This code is essential for the installation process.

Configuring Windows VM involves some straightforward steps. You'll need to access the Azure Cloud Shell and switch to the PowerShell console. From there, create a new file named installMMAAgent.ps1 using the command to create a new file.

The next step is to write the code in the newly created file using the command to write the code. You'll need to paste the specific code in the installMMAAgent.ps1 file as instructed. After saving the file, run the code using the command to run the code.

To verify the installation, navigate to your target Azure VM and check the Extensions + applications. If successful, you should see the “MicrosoftMonitoringAgent” extension on Azure VM.

To configure TLS 1.2, you'll need to make some registry changes. The first step is to locate the registry subkey HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols.

Create a subkey under Protocols for TLS 1.2: HKLM\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2. This will create a new folder for the TLS 1.2 protocol.

Next, create a Client subkey under the TLS 1.2 protocol version subkey: HKLM\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client. This subkey is used for client-side TLS 1.2 configurations.

To enable secure cryptography, you'll need to create the following DWORD values under the TLS 1.2\Client subkey: EnabledEnabled 1.2 These values will configure the TLS 1.2 protocol for secure data transmission.

You'll also need to create the DWORD value DisabledByDefault with a value of 0 under the TLS 1.2\Client subkey. This will ensure that TLS 1.2 is enabled by default.

Finally, create the DWORD value SchUseStrongCrypto under the registry subkey HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319 with a value of 1. This will enable strong cryptography in the .NET Framework.

Now that you've installed the Azure Monitor Agent, it's time to verify its configuration and plan your next steps.

To ensure data collection is set up correctly, configure data collection for machines with the Azure Monitor agent.

You'll also want to explore the tools available to help with the next steps in your Azure Monitor journey.

To verify agent connectivity to Azure Monitor, you can check the Microsoft Monitoring Agent in the Control Panel.

You should see a message stating The Microsoft Monitoring Agent has successfully connected to the Microsoft Operations Management Suite service.

In the Azure portal, navigate to Monitor and select Logs on the menu.

Enter the following query in the query field: Heartbeat | where Category == "Direct Agent" | where TimeGenerated > ago(30m).

This will return heartbeat records for the computer, indicating it's connected and reporting to the service.

You should see the heartbeat records in the search results.

Now that you've verified your setup, it's time to move forward with the next steps.

To start, you'll need to configure data collection for machines with the Azure Monitor agent. This will ensure that you're collecting the right data to monitor your systems.

You'll also want to explore the Azure Monitor Agent migration helper workbook, which can provide valuable guidance on migrating your agents to the new system.