Azure Monitor Agent requirements
This article provides requirements and prerequisites for using the Azure Monitor Agent. Before you follow guidance to install the agent in Install and manage the Azure Monitor Agent, review the information in this article.
Virtual machine extension details
The Azure Monitor Agent is implemented as an Azure virtual machine (VM) extension. Extension details are listed in the following table. You can install the extension by using any of the methods that you use to install a VM extension in Azure. For version information, see Azure Monitor Agent extension versions.
The following table lists property values to use per operating system for extension installation:
Property | Windows | Linux |
---|---|---|
Publisher | Microsoft.Azure.Monitor | Microsoft.Azure.Monitor |
Type | AzureMonitorWindowsAgent | AzureMonitorLinuxAgent |
TypeHandlerVersion | See Azure Monitor Agent extension versions. | See Azure Monitor Agent extension versions. |
Permissions
For methods other than installing by using the Azure portal, you must have the following role assignments to install the agent:
Built-in role | Scopes | Reason |
---|---|---|
Virtual Machine Contributor; Azure Connected Machine Resource Administrator | Virtual machines, scale sets; Azure Arc-enabled servers | To deploy the agent |
Any role that includes the action Microsoft.Resources/deployments/* (for example, Log Analytics Contributor) | Subscription and/or resource group | To deploy agent extension via Azure Resource Manager templates (also used by Azure Policy) |
Managed identity must be enabled on Azure virtual machines. Both user-assigned and system-assigned managed identities are supported.
- User-assigned: This managed identity should be used for large-scale deployments and can be configured by using built-in Azure policies. You can create a user-assigned managed identity once and share it across multiple VMs. It's more scalable than a system-assigned managed identity. If you use a user-assigned managed identity, you must pass the managed identity details to the Azure Monitor Agent via extension settings:

        {
          "authentication": {
            "managedIdentity": {
              "identifier-name": "//mi_res_id OR object_id OR client_id",
              "identifier-value": "//<resource-id-of-uai> OR <guid-object-or-client-id>"
            }
          }
        }

  For identifier-name, use mi_res_id, object_id, or client_id. For more information on mi_res_id, object_id, and client_id, see the Managed identity documentation.
- System-assigned: This managed identity is suited for initial testing and for small deployments. When used at scale, such as for all VMs in a subscription, it results in a substantial number of identities created and deleted in Microsoft Entra ID. To avoid this churn of identities, use user-assigned managed identities instead.
Important
System-assigned managed identity is the only supported authentication for Azure Arc-enabled servers. It's enabled automatically when you install the Azure Arc agent.
Disk space
Note
Azure Monitor Agent installation requires 500 MB in each of the following paths:
- /var
- /etc
- /opt
Purpose | Environment | Path | Suggested space |
---|---|---|---|
Download and install packages | Linux | /var/lib/waagent/Microsoft.Azure.Monitor.AzureMonitorLinuxAgent-{Version}/ | 500 MB |
Download and install packages | Windows | C:\Packages\Plugins\Microsoft.Azure.Monitor.AzureMonitorWindowsAgent | 500 MB |
Extension logs | Linux (Azure VM) | /var/log/azure/Microsoft.Azure.Monitor.AzureMonitorLinuxAgent/ | 100 MB |
Extension logs | Linux (Azure Arc) | /var/lib/GuestConfig/extension_logs/Microsoft.Azure.Monitor.AzureMonitorLinuxAgent-{version}/ | 100 MB |
Extension logs | Windows (Azure VM) | C:\WindowsAzure\Logs\Plugins\Microsoft.Azure.Monitor.AzureMonitorWindowsAgent | 100 MB |
Extension logs | Windows (Azure Arc) | C:\ProgramData\GuestConfig\extension_logs\Microsoft.Azure.Monitor.AzureMonitorWindowsAgent | 100 MB |
Agent cache | Linux | /etc/opt/microsoft/azuremonitoragent, /var/opt/microsoft/azuremonitoragent | 500 MB |
Agent cache | Windows (Azure VM) | C:\WindowsAzure\Resources\AMADataStore.{DataStoreName} | 10.5 GB |
Agent cache | Windows (Azure Arc) | C:\Resources\Directory\AMADataStore.{DataStoreName} | 10.5 GB |
Event cache | Linux | /var/opt/microsoft/azuremonitoragent/events | 10 GB |
Event cache | Linux | /var/lib/rsyslog | 1 GB |
Cryptography
The Azure Monitor Agent does not work on Linux virtual machines when the systemwide crypto policy is set to FUTURE mode. For more information, see the notes in Linux hardening.
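The Linux requirements in the Disk space note and in this Cryptography section can be checked on a host before the extension is installed. The following preflight script is an added example, not part of the original article or of Microsoft's tooling. The function names, the `--run` switch, and the `/etc/crypto-policies/config` location (RHEL-family crypto-policies) are assumptions.

```shell
#!/bin/sh
# Added example: preflight for the Linux disk-space and crypto-policy requirements.
REQUIRED_MB=500   # per-path installation requirement for /var, /etc and /opt

# Print free space, in MB, on the filesystem that holds path $1.
free_mb() {
    df -Pk "$1" 2>/dev/null | awk 'NR == 2 { print int($4 / 1024) }'
}

# Succeed if the filesystem holding $1 has at least $2 MB free.
has_space() {
    avail=$(free_mb "$1")
    [ -n "$avail" ] && [ "$avail" -ge "$2" ]
}

# Print the base system-wide crypto policy named in config file $1.
# Assumption: RHEL-family crypto-policies keeps it in /etc/crypto-policies/config.
# Prints nothing when the file is absent (distribution without crypto-policies).
base_crypto_policy() {
    conf=${1:-/etc/crypto-policies/config}
    [ -r "$conf" ] || return 0
    # Skip blank and comment lines; drop subpolicy suffixes such as ":NO-SHA1".
    awk '/^[ \t]*#/ || /^[ \t]*$/ { next }
         { sub(/:.*/, ""); gsub(/[ \t\r]/, ""); print toupper($0); exit }' "$conf"
}

# Succeed unless the base policy is FUTURE, which the agent does not work with.
crypto_policy_ok() {
    [ "$(base_crypto_policy "${1:-}")" != "FUTURE" ]
}

# Run every check, report each result, and return non-zero on any failure.
preflight() {
    rc=0
    for p in /var /etc /opt; do
        if has_space "$p" "$REQUIRED_MB"; then
            echo "OK   $p: $(free_mb "$p") MB free"
        else
            echo "FAIL $p: $(free_mb "$p") MB free, need $REQUIRED_MB MB"; rc=1
        fi
    done
    if crypto_policy_ok; then echo "OK   crypto policy is not FUTURE"
    else echo "FAIL crypto policy is FUTURE"; rc=1
    fi
    return "$rc"
}

# Run the checks only when invoked as: sh ama_preflight.sh --run
if [ "${1:-}" = "--run" ]; then preflight; fi
```

The script covers only the 500 MB installation requirement; the cache and log paths in the table above need their own headroom on whichever filesystems hold them.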
Related content
- Create a data collection rule to collect data from the agent and send it to Azure Monitor.