- \n
- Monitor services like nginx, MySQL, or any custom service.<\/li>\n
- Automate log collection using bash + cron.<\/li>\n
- Centralize logs in Azure Monitor for querying, alerts, and dashboards.<\/li>\n<\/ul>\n
Architecture Diagram<\/h5>\n
![\"\"](\"https:\/\/cloudzeninnovations.com\/dev\/wp-content\/uploads\/2026\/03\/Linux-Service-Monitoring-Architecture-Diagram.jpg\")
<\/p>\nIllustration diagram \u2014 showing VM, log file, DCR, Log Analytics<\/p>\n
Step 1 \u2013 Generate Service Status Logs on the VM<\/h5>\n
We have written a Bash script that checks the status of required services and appends the results to a .log file.<\/p>\n
![\"\"](\"https:\/\/cloudzeninnovations.com\/dev\/wp-content\/uploads\/2026\/03\/Action-Manager-Logs.jpg\")
<\/p>\nThe script will run on each machine and read the installed services statuses and then generate custom logs with a custom format. We generated the logs to have comma-separated data, with standard log format for ingestion \u2014 server name, service name, status.<\/p>\n
VM01, TaskMonitor,Running<\/strong><\/p>\n
VM01, Cache Manager, Running<\/strong><\/p>\n
Step 2 \u2013 Configure the Crontab Job<\/h5>\n
We added a cron entry to run the script periodically.
\nThe following example shows the cron Job for Azure Cloud Monitoring under That runs every 3 minutes:<\/p>\n*\/03 * * * * \/root\/home\/user\/az_monitoring\/az_monitoring.sh > \/dev\/null 2>&1<\/strong><\/p>\n
PS: It’s recommended that the script is placed in a private directory or secure location.<\/p>\n
Step 3 \u2013 Set Up the Custom Log File Directory<\/h5>\n
Ensure proper log directory\/file permissions.<\/p>\n
-rw-r–r–. 1 user group 167713 Aug 20 12:18 az_service_status_vm01_20250820.log<\/strong><\/p>\n
Step 4 \u2013 Create the Custom Table in Log Analytics<\/h5>\n
Azure automatically creates a table if it doesn\u2019t exist when you configure a DCR, but you can also define a schema in advance.
\nThe custom table should have the columns: RawData + TimeGenerated<\/strong>, where RawData will contain the log lines read from the .log file.
\nTimeGenerated will contain the timestamp at which the log was ingested into the custom table.
\nExample Table Name: LinuxServiceStatus_CL (_CL is an automatic addition that means Custom Logs)<\/p>\nStep 5 \u2013 Create a Data Collection Rule (DCR)<\/h5>\n
Use Azure Portal, ARM template, or CLI to create the Data Collection Rule.
\nExample: CLI to create a DCR<\/p>\naz monitor data-collection rule create \n --resource-group \n --name LinuxServiceLogDCR \n --location \n --data-flows '[{\"streams\":[\"Custom-LinuxServiceStatus_CL\"],\"destinations\":[\"la-workspace\"]}]' \n --data-sources '[{\"streams\":[\"Custom-LinuxServiceStatus_CL\"],\"filePatterns\":[\"\/log\/custom\/az_service_status_*.log\"],\"name\":\"linuxServiceLogs\",\"format\":\"text\"}]' \n --destinations '[{\"type\":\"logAnalytics\",\"workspaceResourceId\":\"\",\"name\":\"la-workspace\"}]'\n<\/code><\/pre>\nStep 6 \u2013 Link the DCR to Your Azure VM<\/h5>\n
Either from portal or CLI:<\/p>\n
az monitor data-collection rule association create\n --name LinkLinuxLogs\n --rule-name LinuxServiceLogDCR\n --resource \n --description \"Link service status log rule to VM\"\n<\/code><\/pre>\nStep 7 \u2013 Validate Logs in Log Analytics<\/h5>\n
After finishing the previous steps, go to your Log Analytics Workspace, open Logs <\/strong>from the left blade and run a simple query:<\/p>\n
LinuxServiceStatus_CL\n | sort by TimeGenerated desc\n<\/code><\/pre>\nYou will get a table of logs raw data and its generated timestamps.<\/p>\n
Query Examples: KQL for Insights<\/h5>\n
Example query of service availability breakdown \/ detect services That Were Down<\/p>\n
\n LinuxServiceStatus_CL\n | parse RawData with ComputerName: string \",\" ServiceName: string \",\" ServiceStatus: string\n | where Status == \"stopped\"\n | where Server == \"VM01\" and ServiceName == \"Task Monitor\"\n | project TimeGenerated, Server, ServiceName, Status\n | order by TimeGenerated desc\n<\/code><\/pre>\nBonus: Visualize with Azure Workbook<\/h5>\n
Create an Azure Workbook to visualize:<\/p>\n
- \n
- Pie chart of services against statuses<\/li>\n
- Timechart of service activity<\/li>\n
- Alerts based on downtime thresholds<\/li>\n<\/ul>\n
Security and Best Practices<\/h5>\n
- \n
- Use managed identities and role-based access control (RBAC).<\/li>\n
- Avoid writing logs with root privileges.<\/li>\n
- Use the Azure Monitor Agent (AMA), not legacy OMS agents.<\/li>\n<\/ul>\n
Conclusion<\/h4>\n
By combining custom logs with DCRs, you can build a robust and adaptable monitoring pipeline for services running on Azure VMs. This approach ensures high availability, supports scaling needs, and offers rich, query-friendly observability.<\/p>\n","protected":false},"excerpt":{"rendered":"
In hybrid and cloud-native environments, monitoring custom services and background jobs on VMs is critical for uptime and actions. In this article, we’ll walk through how to collect service status… Read more<\/a><\/p>\n","protected":false},"author":1,"featured_media":2842,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-2841","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog"],"_links":{"self":[{"href":"https:\/\/cloudzeninnovations.com\/dev\/wp-json\/wp\/v2\/posts\/2841","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cloudzeninnovations.com\/dev\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cloudzeninnovations.com\/dev\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cloudzeninnovations.com\/dev\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cloudzeninnovations.com\/dev\/wp-json\/wp\/v2\/comments?post=2841"}],"version-history":[{"count":0,"href":"https:\/\/cloudzeninnovations.com\/dev\/wp-json\/wp\/v2\/posts\/2841\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cloudzeninnovations.com\/dev\/wp-json\/wp\/v2\/media\/2842"}],"wp:attachment":[{"href":"https:\/\/cloudzeninnovations.com\/dev\/wp-json\/wp\/v2\/media?parent=2841"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cloudzeninnovations.com\/dev\/wp-json\/wp\/v2\/categories?post=2841"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cloudzeninnovations.com\/dev\/wp-json\/wp\/v2\/tags?post=2841"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}