Tracking changes in VMs – Azure

When managing VMs, it is important to know what was changed, and when. If you are leveraging an immutable infrastructure and never perform changes manually (instead, you are using Automation scripts and custom VM images), you may already have a solution for tracking changes that suits your needs. However, there are still cases where the process you are working in does not guarantee the right management of changes, and it is hard to audit them.

In this section, we will discuss the Change tracking feature and see how it works for our purpose. To get started, you will need a VM with which you can work. If you do not have one, take a look at the previous sections from this chapter, where the process is discussed in detail.

Continuing our discussion forward, let’s track changes in a VM with the help of the following instructions:

  1. To enable the Change tracking feature, go to your VM and find the Change tracking blade:

Fig. 10.51 – Change tracking blade
  1. The screen that you see here allows you to configure the Log Analytics workspace and Automation account that steer the feature:

Fig. 10.52 – Enabling the feature
In the preceding example, my machine had already been linked to Log Analytics. In your case, you will be able to either select a workspace or create a new one.
  1. The deployment of the feature may take a while, so be patient. Once the feature has been deployed, you will see no changes noticed by it:

Fig. 10.53 – Update tracking view

Note that it watches the following things on your machine:

    • Events related to it
    • File modifications
    • Registry changes
    • Software installations
    • Windows services operations
  1. If you click on the Edit Settings button, you will be able to configure each of the filters in detail:

Fig. 10.54 – Configuring the feature
By default, the Change tracking feature does not monitor all the recommended things. To make it work, ensure that it is configured by you and that it covers all the factors you want to monitor.

Using the Change tracking feature is similar to the usage of update management, described in the previous section. It also uses the Log Analytics workspace so that everything is automated and integrated with each other in a seamless way.

In this exercise, we have discovered possibilities for changes and modifications that may be tracked (such as new values of registry entries). The important thing here is remembering that everything is disabled by default—you have to mark things that you want to monitor. Change tracking can be very easily configured by adding the registry keys or files you want to monitor:

Fig. 10.55 – Adding a file for tracking

Make sure you have configured it properly (by adding all the files to monitor or enabling monitoring of particular registry entries). In the Further reading section, you will find extra information on this topic—including limitations of the feature and known issues—that may help you troubleshoot this functionality.

Related Articles

How to add swap space on Ubuntu 21.04 Operating System

How to add swap space on Ubuntu 21.04 Operating System

The swap space is a unique space on the disk that is used by the system when Physical RAM is full. When a Linux machine runout the RAM it use swap space to move inactive pages from RAM. Swap space can be created into Linux system in two ways, one we can create a...

read more

Lorem ipsum dolor sit amet consectetur


Submit a Comment

Your email address will not be published. Required fields are marked *

5 × one =