When configuring the workspace, it is usually a best practice to create a unique workspace using a free subscription to house the Windows Analytics solutions and data. Using an existing workspace is possible but it may muddy the waters between functional teams. What I recommend is only one workspace for Windows Analytics per tenant. You may want to keep all your workspaces in the same resource group depending on what Azure Log Analytics is being used for but for this example, I’ll be deploying to a new resource group with a new workspace.
Creating the Workspace
Creating the workspace is essentially adding the Log Analytics solution through the Azure Marketplace. I’ve added a URL in the instructions below to simplify the process a bit but overall it is fairly straightforward.
Before you begin you should review what regions have Azure Log Analytics available since it isn’t simply available in every region. It might not sound terribly important but making sure that the location that stores the data might be very important depending on what governance and regulations apply to your organization.
Let’s move on and implement Azure Log Analytics.
- First, open a browser and navigate to the following URL.
- Type Log Analytics into the search window and press enter.
- At the bottom of the screen, click Create.
- First, give the workspace a name. Next, select the resource group for the workspace, in this example, a new resource group will be created to contain the Azure Log Analytics workspace. Set the location to what makes sense for the organization then click OK.
- At the bottom of the screen you will see a message that the Validation of the configuration was successful.
- The notification area should indicate that there is a new notification. Open the notification area and check to see that the workspace was deployed successfully.
Add the Solutions to the Workspace
Adding the Upgrade Readiness Solution
This section will do the bare minimum to get Upgrade Readiness up and running but I’ll add Device Health and Update Compliance later on. I usually install as many solutions as the customer is licensed for so that I can showcase the value of using telemetry to get that single pane of glass view into your Windows devices.
Ok, let’s dive back into the Azure portal and add the Upgrade Readiness solution.
- Go to the following URL or open up the list of resource groups for your account.
- Locate and open the resource group for your Azure Log Analytics workspace.
- Open the log analytics workspace you created.
- Select View solutions.
- Select Add.
- Select more then locate the Upgrade Readiness solution and select it.
- At the bottom of the screen, click Create.
- Verify the workspace settings and then click Create.
- You should see a validation successful message at the bottom of the screen.
- Open the notification area and verify that the solution has been deployed.
Adding the Device Health Solution
The process is very similar to the previous one. In order to get data for this solution, you should verify that your Windows licensing meets the minimum requirements. Now let’s deploy Device Health to the workspace.
- Next scroll left and select the Device Health solution and click Create.
- Review the workspace settings then click Create.
- The bottom of the screen should display a validation success message.
- Open the notification area at the top of the screen and verify that the solution was added to the workspace successfully.
Adding the Update Compliance Solution
And for the last solution, I have Update Compliance, this solution is something I feel too many people overlook. On the surface, it isn’t fancy but that is the great part about it, you get patch and antivirus insights into your device fleet. If you have Windows 10 E5 licensing you can get similar information in the Windows Defender ATP console.
Just like the previous two, this deployment process is very similar.
- Scroll left and select Update Compliance then click Create.
- Verify the workspace settings then click Create.
- At the bottom of the screen verify that the validation was successful.
- Next, open the notification center to verify that the solution deployed successfully.
Collecting the Commercial ID
The Commercial ID for your organization is key to making sure that the telemetry data being sent to Microsoft has a workspace to be presented to. Using the steps below we will go into the workspace and find the Commercial ID to configure the client machines with.
- Go to the root of the workspace and select Workspace Summary.
- Select Upgrade Readiness.
- Select Solution Settings.
- In the left menu to the left open Upgrade Readiness Settings.
- Select the copy icon to copy the commercial id field.
- Keep this key as you will need it for the next step.
Part 2 Conclusion
If you were familiar with deploying Windows Analytics with OMS you can see that the new Azure Log Analytics interface is different but there are some familiar elements that made it into the new portal. Now that the backend is configured we need to configure the Windows devices to transmit telemetry for Windows Analytics. Because the most common management mechanism for my customers is Group Policy I’ll start there with my next blog post.
In case you are looking for the other posts here is a current list of posts below.