- - Select Identities for each Authorization System that you would like members of this group to Request on.

- - Select **Next** and then select Identities for each Authorization System that you would like members of this group to Request on.

- - Select **Next** and then select Identities for each Authorization System that you would like members of this group to Request on.

-> The group writeback functionality is currently in Public Preview as we are collecting customer feedback and telemetry. Please refer to [the limitations](#understand-limitations-of-public-preview) before you enable this functionality.

-[GitOps on Azure Arc-enabled Kubernetes](conceptual-gitops-flux2.md) uses [Flux v2](https://fluxcd.io/docs/), a popular open-source tool set, to help manage cluster configuration and application deployment. GitOps is enabled in the cluster as a `Microsoft.KubernetesConfiguration/extensions/microsoft.flux` cluster extension resource.

-A retry policy is evaluated when a Timer, Kafka, or Event Hubs-triggered function raises an uncaught exception. As a best practice, you should catch all exceptions in your code and rethrow any errors that you want to result in a retry. Event Hubs checkpoints won't be written until the retry policy for the execution has finished. Because of this behavior, progress on the specific partition is paused until the current batch has finished.

-* [Quarkus guide to deploying on Azure](https://quarkus.io/guides/deploying-to-azure-cloud)

-| IIS Server (Azure Virtual Machines, on-premises, and so on) | Either use the [Microsoft.Data.SqlClient](https://www.nuget.org/packages/Microsoft.Data.SqlClient) NuGet package or use the Status Monitor PowerShell Module to [install the instrumentation engine](../../azure-monitor/app/status-monitor-v2-api-reference.md#enable-instrumentationengine) and restart IIS. |

-The configuration file is named `ApplicationInsights.config` or `ApplicationInsights.xml`. The name depends on the type of your application. It's automatically added to your project when you [install most versions of the SDK][start]. By default, when you use the automated experience from the Visual Studio template projects that support **Add** > **Application Insights Telemetry**, the `ApplicationInsights.config` file is created in the project root folder. When it's compiled, it's copied to the bin folder. It's also added to a web app by [Status Monitor on an IIS server][redfield]. The configuration file is ignored if the [extension for Azure websites](azure-web-apps.md) or the [extension for Azure VMs and virtual machine scale sets](azure-vm-vmss-apps.md) is used.

-[Dependency tracking](./asp-net-dependencies.md) collects telemetry about calls your app makes to databases and external services and databases. To allow this module to work in an IIS server, you need to [install Status Monitor][redfield].

-|Status Monitor | Supported, configuration required. | Status Monitor relies on [OS Configuration](/windows-server/security/tls/tls-registry-settings) + [.NET Configuration](/dotnet/framework/network-programming/tls#support-for-tls-12) to support TLS 1.2.

-| [Install Status Monitor on IIS][redfield] |Dependencies<br/>ServerContext<br/>Inferred<br/>Perf counters |

-| Dependencies |Type (SQL, HTTP, ...), connection string, or URI, sync/async, duration, success, SQL statement (with Status Monitor) |

-You need to open some outgoing ports in your server's firewall to allow the Application Insights SDK or Status Monitor to send data to the portal.

-## Status Monitor

-Status Monitor configuration is needed only when you're making changes.

-Ingestion sampling doesn't operate while adaptive or fixed-rate sampling is in operation. Adaptive sampling is enabled by default when the ASP.NET SDK or the ASP.NET Core SDK is being used, or when Application Insights is enabled in [Azure App Service ](azure-web-apps.md) or by using Status Monitor. When telemetry is received by the Application Insights service endpoint, it examines the telemetry and if the sampling rate is reported to be less than 100% (which indicates that telemetry is being sampled) then the ingestion sampling rate that you set is ignored.

-Successfully disabled Application Insights Status Monitor

-Successfully enabled Application Insights Status Monitor

-Successfully disabled Application Insights Status Monitor

-This cmdlet provides troubleshooting information about Status Monitor.

-2. Use the switch `-CollectRedfieldEvents` to collect events emitted by Status Monitor and the Redfield Runtime. These logs are helpful when diagnosing IIS and application startup.

-**Optional.** Use this switch to collect events from Status Monitor and the Redfield runtime.

-### Does Status Monitor v2 support ASP.NET Core applications?

-+ There's no need for a default profile as there's no time that isn't covered by the other profiles.

-az monitor autoscale profile create --autoscale-name VMSS1-Autoscale-607 --count 2 --max-count 10 --min-count 1 --name Thursdays --recurrence week thu --resource-group rg-vmss1 --start 06:00 --end 22:50 --timezone "Pacific Standard Time"

-az monitor autoscale rule create -g rg-vmss1 --autoscale-name VMSS1-Autoscale-607 --scale in 1 --condition "Percentage CPU < 25 avg 5m" --profile-name Thursdays

-az monitor autoscale rule create -g rg-vmss1 --autoscale-name VMSS1-Autoscale-607 --scale out 2 --condition "Percentage CPU > 50 avg 5m" --profile-name Thursdays

-> The JSON for your autoscale default profile is modified by adding a recurring profile.

-> The `name` element of the default profile is changed to an object in the format: `"name": "{\"name\":\"Auto created default scale condition\",\"for\":\"recurring profile\"}"` where *recurring profile* is the profile name of your recurring profile.

-> A new default profile is created for each recurring profile.

-This article shows you how to perform authentication so your code can use the [Azure Monitor REST API reference](/rest/api/monitor/).

-The Azure Monitor API makes it possible to programmatically retrieve the available default metric definitions, dimension values, and metric values. The data can be saved in a separate data store such as Azure SQL Database, Azure Cosmos DB, or Azure Data Lake. From there, more analysis can be performed as needed.

-Besides working with various metric data points, the Azure Monitor API also makes it possible to list alert rules, view activity logs, and do much more. For a full list of available operations, see the [Azure Monitor REST API reference](/rest/api/monitor/).

-All the tasks executed against the Azure Monitor API use the Azure Resource Manager authentication model. So, all requests must be authenticated with Azure Active Directory (Azure AD). One approach to authenticating the client application is to create an Azure AD service principal and retrieve the authentication (JWT) token.

-The following sample script demonstrates creating an Azure AD service principal via PowerShell. For a more detailed walkthrough, see the documentation on [using Azure PowerShell to create a service principal to access resources](/powershell/azure/create-azure-service-principal-azureps). It's also possible to [create a service principal via the Azure portal](../../active-directory/develop/howto-create-service-principal-portal.md).

-```powershell

-$subscriptionId = "{azure-subscription-id}"

-$resourceGroupName = "{resource-group-name}"

-# Authenticate to a specific Azure subscription.

-Connect-AzAccount -SubscriptionId $subscriptionId

-# Password for the service principal

-$pwd = "{service-principal-password}"

-$secureStringPassword = ConvertTo-SecureString -String $pwd -AsPlainText -Force

-# Create a new Azure AD application

-$azureAdApplication = New-AzADApplication `

- -DisplayName "My Azure Monitor" `

- -HomePage "https://localhost/azure-monitor" `

- -IdentifierUris "https://localhost/azure-monitor" `

- -Password $secureStringPassword

-# Create a new service principal associated with the designated application

-New-AzADServicePrincipal -ApplicationId $azureAdApplication.ApplicationId

-# Assign Reader role to the newly created service principal

-New-AzRoleAssignment -RoleDefinitionName Reader `

- -ServicePrincipalName $azureAdApplication.ApplicationId.Guid

-To query the Azure Monitor API, the client application should use the previously created service principal to authenticate. The following example PowerShell script shows one approach that uses the [Microsoft Authentication Library (MSAL)](../../active-directory/develop/msal-overview.md) to obtain the authentication token.

-```powershell

-$ClientID = "{client_id}"

-$loginURL = "https://login.microsoftonline.com"

-$tenantdomain = "{tenant_id}"

-$CertPassWord = "{password_for_cert}"

-$certPath = "C:\temp\Certs\testCert_01.pfx"

-

-[string[]] $Scopes = "https://graph.microsoft.com/.default"

-

-Function Load-MSAL {

- if ($PSVersionTable.PSVersion.Major -gt 5)

- {

- $core = $true

- $foldername = "netcoreapp2.1"

- }

- else

- {

- $core = $false

- $foldername = "net45"

- }

-

- # Download MSAL.Net module to a local folder if it does not exist there

- if ( ! (Get-ChildItem $HOME/MSAL/lib/Microsoft.Identity.Client.* -erroraction ignore) ) {

- install-package -Source nuget.org -ProviderName nuget -SkipDependencies Microsoft.Identity.Client -Destination $HOME/MSAL/lib -force -forcebootstrap | out-null

- }

-

- # Load the MSAL assembly -- needed once per PowerShell session

- [System.Reflection.Assembly]::LoadFrom((Get-ChildItem $HOME/MSAL/lib/Microsoft.Identity.Client.*/lib/$foldername/Microsoft.Identity.Client.dll).fullname) | out-null

- }

-

-Function Get-GraphAccessTokenFromMSAL {

-

- Load-MSAL

-

- $global:app = $null

-

- $x509cert = [System.Security.Cryptography.X509Certificates.X509Certificate2] (GetX509Certificate_FromPfx -CertificatePath $certPath -CertificatePassword $CertPassWord)

- write-host "Cert = {$x509cert}"

-

- $ClientApplicationBuilder = [Microsoft.Identity.Client.ConfidentialClientApplicationBuilder]::Create($ClientID)

- [void]$ClientApplicationBuilder.WithAuthority($("$loginURL/$tenantdomain"))

- [void]$ClientApplicationBuilder.WithCertificate($x509cert)

- $global:app = $ClientApplicationBuilder.Build()

-

- [Microsoft.Identity.Client.AuthenticationResult] $authResult = $null

- $AquireTokenParameters = $global:app.AcquireTokenForClient($Scopes)

- try {

- $authResult = $AquireTokenParameters.ExecuteAsync().GetAwaiter().GetResult()

- }

- catch {

- $ErrorMessage = $_.Exception.Message

- Write-Host $ErrorMessage

- }

-

- return $authResult

-}

-

-function GetX509Certificate_FromPfx($CertificatePath, $CertificatePassword){

- #write-host "Path: '$CertificatePath'"

-

- if(![System.IO.Path]::IsPathRooted($CertificatePath))

- {

- $LocalPath = Get-Location

- $CertificatePath = "$LocalPath\$CertificatePath"

- }

-

- #Write-Host "Looking for '$CertificatePath'"

-

- $certificate = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($CertificatePath, $CertificatePassword)

-

- Return $certificate

-

-$myvar = Get-GraphAccessTokenFromMSAL

-Write-Host "Access Token: " $myvar.AccessToken

-

-Loading the certificate from a .pfx file in PowerShell can make it easier for an admin to manage certificates without having to install the certificate in the certificate store. However, this step shouldn't be done on a client machine because the user could potentially discover the file and the password for it and the method to authenticate. The client credentials flow is only intended to be run in a back-end service-to-service type of scenario where only admins have access to the machine.

-After authenticating, queries can then be executed against the Azure Monitor REST API. There are two helpful queries:

-> For more information on authenticating with the Azure REST API, see the [Azure REST API reference](/rest/api/azure/).

-**Method**: GET

-**Request URI**: https:\/\/management.azure.com/subscriptions/*{subscriptionId}*/resourceGroups/*{resourceGroupName}*/providers/*{resourceProviderNamespace}*/*{resourceType}*/*{resourceName}*/providers/microsoft.insights/metricDefinitions?api-version=*{apiVersion}*

-To retrieve the metric definitions for an Azure Storage account, the request would appear as the following example:

-```powershell

-$request = "https://management.azure.com/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/azmon-rest-api-walkthrough/providers/Microsoft.Storage/storageAccounts/ContosoStorage/providers/microsoft.insights/metricDefinitions?api-version=2018-01-01"

-Invoke-RestMethod -Uri $request `

- -Headers $authHeader `

- -Method Get `

- -OutFile ".\contosostorage-metricdef-results.json" `

- -Verbose

-> [!NOTE]

-> Older versions of the metric definitions API didn't support dimensions. We recommend using API version "2018-01-01" or later.

->

-The resulting JSON response body would be similar to the following example (note that the second metric has dimensions):

- "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/azmon-rest-api-walkthrough/providers/Microsoft.Storage/storageAccounts/ContosoStorage/providers/microsoft.insights/metricdefinitions/UsedCapacity",

- "resourceId": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/azmon-rest-api-walkthrough/providers/Microsoft.Storage/storageAccounts/ContosoStorage",

- {

- "timeGrain": "PT6H",

- "retention": "P93D"

- },

- "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/azmon-rest-api-walkthrough/providers/Microsoft.Storage/storageAccounts/ContosoStorage/providers/microsoft.insights/metricdefinitions/Transactions",

- "resourceId": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/azmon-rest-api-walkthrough/providers/Microsoft.Storage/storageAccounts/ContosoStorage",

- {

- "timeGrain": "PT15M",

- "retention": "P93D"

- },

- {

- "timeGrain": "PT6H",

- "retention": "P93D"

- },

- {

- "timeGrain": "PT12H",

- "retention": "P93D"

- },

-After the available metric definitions are known, there might be some metrics that have dimensions. Before you query for the metric, you might want to discover the range of values that a dimension has. Based on these dimension values, you can then choose to filter or segment the metrics based on dimension values while you query for metrics. Use the [Azure Monitor Metrics REST API](/rest/api/monitor/metrics) to find all the possible values for a given metric dimension.

-Use the metric's name `value` (not `localizedValue`) for any filtering requests. If no filters are specified, the default metric is returned. The use of this API only allows one dimension to have a wildcard filter. The key difference between a dimension values request and a metric data request is specifying the `"resultType=metadata"` query parameter.

-**Method**: GET

-**Request URI**: https\://management.azure.com/subscriptions/*{subscription-id}*/resourceGroups/*{resource-group-name}*/providers/*{resource-provider-namespace}*/*{resource-type}*/*{resource-name}*/providers/microsoft.insights/metrics?metricnames=*{metric}*&timespan=*{starttime/endtime}*&$filter=*{filter}*&resultType=metadata&api-version=*{apiVersion}*

-For example, to retrieve the list of dimension values that were emitted for the `API Name` dimension for the `Transactions` metric, where the GeoType dimension = `Primary` during the specified time range, the request would be:

-```powershell

-$filter = "APIName eq '*' and GeoType eq 'Primary'"

-$request = "https://management.azure.com/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/azmon-rest-api-walkthrough/providers/Microsoft.Storage/storageAccounts/ContosoStorage/providers/microsoft.insights/metrics?metricnames=Transactions&timespan=2018-03-01T00:00:00Z/2018-03-02T00:00:00Z&resultType=metadata&`$filter=GeoType eq 'Primary' and ApiName eq '*'&api-version=2019-07-01"

-Invoke-RestMethod -Uri $request `

- -Headers $authHeader `

- -Method Get `

- -OutFile ".\contosostorage-dimension-values.json" `

- -Verbose

-The resulting JSON response body would be similar to the following example:

- "timespan": "2018-03-01T00:00:00Z/2018-03-02T00:00:00Z",

- "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/azmon-rest-api-walkthrough/providers/Microsoft.Storage/storageAccounts/ContosoStorage/providers/Microsoft.Insights/metrics/Transactions",

-After the available metric definitions and possible dimension values are known, it's then possible to retrieve the related metric values. Use the [Azure Monitor Metrics REST API](/rest/api/monitor/metrics) to retrieve the metric values.

-Use the metric's name `value` (not `localizedValue`) for any filtering requests. If no dimension filters are specified, the rolled up aggregated metric is returned. To fetch multiple time series with specific dimension values, specify a filter query parameter that specifies both dimension values such as `"&$filter=ApiName eq 'ListContainers' or ApiName eq 'GetBlobServiceProperties'"`. To return a time series for every value of a given dimension, use an `*` filter such as `"&$filter=ApiName eq '*'"`. The `Top` and `OrderBy` query parameters can be used to limit and order the number of time series returned.

-**Method**: GET

-**Request URI**: https:\//management.azure.com/subscriptions/*{subscription-id}*/resourceGroups/*{resource-group-name}*/providers/*{resource-provider-namespace}*/*{resource-type}*/*{resource-name}*/providers/microsoft.insights/metrics?metricnames=*{metric}*&timespan=*{starttime/endtime}*&$filter=*{filter}*&interval=*{timeGrain}*&aggregation=*{aggreation}*&api-version=*{apiVersion}*

-For example, to retrieve the top three APIs, in descending value, by the number of `Transactions` during a 5-minute range, where the GeoType was `Primary`, the request would be:

-```powershell

-$filter = "APIName eq '*' and GeoType eq 'Primary'"

-$request = "https://management.azure.com/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/azmon-rest-api-walkthrough/providers/Microsoft.Storage/storageAccounts/ContosoStorage/providers/microsoft.insights/metrics?metricnames=Transactions&timespan=2018-03-01T02:00:00Z/2018-03-01T02:05:00Z&`$filter=apiname eq 'GetBlobProperties'&interval=PT1M&aggregation=Total&top=3&orderby=Total desc&api-version=2019-07-01"

-Invoke-RestMethod -Uri $request `

- -Headers $authHeader `

- -Method Get `

- -OutFile ".\contosostorage-metric-values.json" `

- -Verbose

-The resulting JSON response body would be similar to the following example:

- "timespan": "2018-03-01T02:00:00Z/2018-03-01T02:05:00Z",

- "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/azmon-rest-api-walkthrough/providers/Microsoft.Storage/storageAccounts/ContosoStorage/providers/Microsoft.Insights/metrics/Transactions",

- "timeStamp": "2017-09-19T02:00:00Z",

- "timeStamp": "2017-09-19T02:01:00Z",

- "timeStamp": "2017-09-19T02:02:00Z",

- "timeStamp": "2017-09-19T02:03:00Z",

- "timeStamp": "2017-09-19T02:04:00Z",

-### Use ARMClient

-Another approach is to use [ARMClient](https://github.com/projectkudu/armclient) on your Windows machine. ARMClient handles the Azure AD authentication (and resulting JWT token) automatically. The following steps outline the use of ARMClient for retrieving metric data:

-1. Install [Chocolatey](https://chocolatey.org/) and [ARMClient](https://github.com/projectkudu/armclient).

-1. In a terminal window, enter **armclient.exe login**. Doing so prompts you to sign in to Azure.

-1. Enter **armclient GET [your_resource_id]/providers/microsoft.insights/metricdefinitions?api-version=2016-03-01**.

-1. Enter **armclient GET [your_resource_id]/providers/microsoft.insights/metrics?api-version=2016-09-01**.

-For example, to retrieve the metric definitions for a specific logic app, issue the following command:

-```console

-armclient GET /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/azmon-rest-api-walkthrough/providers/Microsoft.Logic/workflows/ContosoTweets/providers/microsoft.insights/metricDefinitions?api-version=2016-03-01

-```

-## Retrieve the resource ID

-Using the REST API can help you to understand the available metric definitions, granularity, and related values. That information is helpful when you use the [Azure Management Library](/previous-versions/azure/reference/mt417623(v=azure.100)).

-For the preceding code, the resource ID to use is the full path to the desired Azure resource. For example, to query against an Azure Web App, the resource ID would be:

-*/subscriptions/{subscription-id}/resourceGroups/{resource-group-name}/providers/Microsoft.Web/sites/{site-name}/*

-The following list contains a few examples of resource ID formats for various Azure resources:

-* **Azure IoT Hub**: /subscriptions/*{subscription-id}*/resourceGroups/*{resource-group-name}*/providers/Microsoft.Devices/IotHubs/*{iot-hub-name}*

-* **Elastic SQL pool**: /subscriptions/*{subscription-id}*/resourceGroups/*{resource-group-name}*/providers/Microsoft.Sql/servers/*{pool-db}*/elasticpools/*{sql-pool-name}*

-* **Azure SQL Database (v12)**: /subscriptions/*{subscription-id}*/resourceGroups/*{resource-group-name}*/providers/Microsoft.Sql/servers/*{server-name}*/databases/*{database-name}*

-* **Azure Service Bus**: /subscriptions/*{subscription-id}*/resourceGroups/*{resource-group-name}*/providers/Microsoft.ServiceBus/*{namespace}*/*{servicebus-name}*

-* **Azure Virtual Machine Scale Sets**: /subscriptions/*{subscription-id}*/resourceGroups/*{resource-group-name}*/providers/Microsoft.Compute/virtualMachineScaleSets/*{vm-name}*

-* **Azure Virtual Machines**: /subscriptions/*{subscription-id}*/resourceGroups/*{resource-group-name}*/providers/Microsoft.Compute/virtualMachines/*{vm-name}*

-* **Azure Event Hubs**: /subscriptions/*{subscription-id}*/resourceGroups/*{resource-group-name}*/providers/Microsoft.EventHub/namespaces/*{eventhub-namespace}*

-There are alternative approaches to retrieving the resource ID. You can use Azure Resource Explorer, view the desired resource in the Azure portal, and use PowerShell or the Azure CLI.

-### Azure Resource Explorer

-To find the resource ID for a desired resource, one helpful approach is to use the [Azure Resource Explorer](https://resources.azure.com) tool. Go to the desired resource and then look at the ID shown, as in the following screenshot:

-

-### Azure portal

-The resource ID can also be obtained from the Azure portal. To do so, go to the desired resource and then select **Properties**. The resource ID appears in the **Properties** section, as seen in the following screenshot:

-

-### Azure PowerShell

-Id : /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/azmon-rest-api-walkthrough/providers/Microsoft.Logic/workflows/ContosoTweets

-### Azure CLI

-az storage account show -g azmon-rest-api-walkthrough -n contosotweets2017

- "creationTime": "2017-08-18T19:58:41.840552+00:00",

- "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/azmon-rest-api-walkthrough/providers/Microsoft.Storage/storageAccounts/contosotweets2017",

- "name": "contosotweets2017",

- "blob": "https://contosotweets2017.blob.core.windows.net/",

- "file": "https://contosotweets2017.file.core.windows.net/",

- "queue": "https://contosotweets2017.queue.core.windows.net/",

- "table": "https://contosotweets2017.table.core.windows.net/"

-In addition to metric definitions and related values, it's also possible to use the Azure Monitor REST API to retrieve other interesting insights related to Azure resources. As an example, it's possible to query [activity log](/rest/api/monitor/activitylogs) data. The following sample requests use the Azure Monitor REST API to query an activity log.

-Get activity logs with filter:

-``` HTTP

-GET https://management.azure.com/subscriptions/089bd33f-d4ec-47fe-8ba5-0753aa5c5b33/providers/microsoft.insights/eventtypes/management/values?api-version=2015-04-01&$filter=eventTimestamp ge '2018-01-21T20:00:00Z' and eventTimestamp le '2018-01-23T20:00:00Z' and resourceGroupName eq 'MSSupportGroup'

-Get activity logs with filter and select:

-```HTTP

-GET https://management.azure.com/subscriptions/089bd33f-d4ec-47fe-8ba5-0753aa5c5b33/providers/microsoft.insights/eventtypes/management/values?api-version=2015-04-01&$filter=eventTimestamp ge '2015-01-21T20:00:00Z' and eventTimestamp le '2015-01-23T20:00:00Z' and resourceGroupName eq 'MSSupportGroup'&$select=eventName,id,resourceGroupName,resourceProviderName,operationName,status,eventTimestamp,correlationId,submissionTimestamp,level

-```

-Get activity logs with select:

-```HTTP

-GET https://management.azure.com/subscriptions/089bd33f-d4ec-47fe-8ba5-0753aa5c5b33/providers/microsoft.insights/eventtypes/management/values?api-version=2015-04-01&$select=eventName,id,resourceGroupName,resourceProviderName,operationName,status,eventTimestamp,correlationId,submissionTimestamp,level

-```

-Get activity logs without filter or select:

-GET https://management.azure.com/subscriptions/089bd33f-d4ec-47fe-8ba5-0753aa5c5b33/providers/microsoft.insights/eventtypes/management/values?api-version=2015-04-01

-If you receive a 429, 503, or 504 error, retry the API in one minute.

-* Review the [Azure Management Library](/previous-versions/azure/reference/mt417623(v=azure.100)).

-Before you can generate a token using your app, client ID, and secret, assign the app to a role using Access control (IAM) for resource that you want to access.

-The role will depend on the resource type and the API that you want to use.

-For more information see [Assign Azure roles using the Azure portal](https://learn.microsoft.com/azure/role-based-access-control/role-assignments-portal)

-Once you have assigned a role you can use your app, client ID, and client secret to generate a bearer token to access the REST API.

-* Cross-resource query is not supported in View Designer. You can Author a query in Log Analytics and pin it to Azure dashboard to [visualize a log query](../visualize/tutorial-logs-dashboards.md) or include in [Workbooks](../visualize/workbooks-overview.md).

-When you shorten an existing retention policy, it takes 30 days for Azure Monitor to remove data, to prevent data loss in error configuration, and let you revert it. You can [purge data](#purge-retained-data) immediately when required.

-Data export is optimized for moving large data volumes to your destinations. The export operation might fail for destinations capacity or availability, and a retry process continues for up to 12-hours. For more information, see [Create or update a data export rule](#create-or-update-a-data-export-rule) for destination limits and recommended alerts. If the destinations are still unavailable after the retry period, data is discarded. In certain retry conditions, retry can cause a fraction of duplicated records.

->When you log on to the vSphere Client, you may notice a VM Storage Policy called **vSAN Default Storage Policy** with **Object Space Reservation** set to **Thick** provisioning. Please note that this is not the default storage policy applied to the cluster. This policy exists for historical purposes and will eventually be modified to **Thin** provisioning.

->All of the software-defined data center (SDDC) management VMs (vCenter Server, NSX-T Manager, NSX-T Data Center Edges, and others) use the **Microsoft vSAN Management Storage Policy**, with **Object Space Reservation** set to **Thick** provisioning.

-When an Azure Cosmos DB SDK on Direct mode is performing an operation, it needs to resolve which backend replica to connect to. The first step is knowing which physical partition should the operation go to, and for that, the SDK obtains the container information that includes the [partition key definition](../partitioning-overview.md#choose-partitionkey) from a Gateway node and considered [metadata](../concepts-limits.md#metadata-request-limits). It also needs the routing information that contains the replicas' TCP addresses. The routing information is available also from Gateway nodes. Once the SDK obtains the routing information, it can proceed to open the TCP connections to the replicas belonging to the target physical partition and execute the operations.

-Azure savings plans help you save money by committing to an hourly spend for one-year or three-years plans for Azure compute resources. Saving plans discounts apply to usage from virtual machines, Dedicated Hosts, Container Instances, App Services and Azure Premium Functions. The hourly commitment is priced in USD for Microsoft Customer Agreement customers and local currency for Enterprise customers.

-Before you enter a commitment to buy a savings plan, review the following sections to prepare for your purchase.

-You can buy a savings plan for an Azure subscription that's of type Enterprise Agreement (EA) offer code MS-AZR-0017P or MS-AZR-0148P, Microsoft Customer Agreement (MCA), or Microsoft Partner Agreement (MPA). If don't know what subscription type you have, see [check your billing type](../manage/view-all-accounts.md#check-the-type-of-your-account).

-## Change agreement type to one supported by savings plan

-If your current agreement type isn't supported by a savings plan, you might be able to transfer or migrate it to one that's supported. For more information, see the following articles.

-## Required permission and how to buy

-You can buy a savings plan using the Azure portal or with the [Savings Plan Order Alias - Create](/rest/api/billingbenefits/savings-plan-order-alias/create) REST API.

-### Purchase in the Azure portal

-Required permission and the steps to buy vary, depending on your agreement type.

-#### Enterprise Agreement customers

-#### Microsoft Customer Agreement (MCA) customers

-#### Microsoft Partner Agreement partners

-Buy savings plans by using RBAC permissions or with permissions on your billing scope. When using the [Savings Plan Order Alias - Create](/rest/api/billingbenefits/savings-plan-order-alias/create) REST API, the format of the `billingScopeId` in the request body is used to control the permissions that are checked.

-To purchase using RBAC permissions:

-To purchase using billing permissions:

-## Scope savings plans

-You can scope a savings plan to a shared scope, management group, subscription, or resource group scopes. Setting the scope for a savings plan selects where the savings plan savings apply. When you scope the savings plan to a resource group, savings plan discounts apply only to the resource groupΓÇönot the entire subscription.

-### Savings plan scoping options

-You have the following options to scope a savings plan, depending on your needs:

- - For Enterprise Agreement customers, the billing scope is the enrollment. The savings plan shared scope would include multiple Active Directory tenants in an enrollment.

- - For Microsoft Customer Agreement customers, the billing scope is the billing profile.

- - For Microsoft Partner Agreement, the billing scope is a customer.

-When savings plan discounts are applied to your usage, Azure processes the savings plan in the following order:

-1. Savings plans with a single resource group scope

-2. Savings plans with a single subscription scope

-3. Savings plans scoped to a management group

-4. Savings plans with a shared scope (multiple subscriptions), described previously

-You can always update the scope after you buy a savings plan. To do so, go to the savings plan, select **Configuration**, and rescope the savings plan. Rescoping a savings plan isn't a commercial transaction. Your savings plan term isn't changed. For more information about updating the scope, see [Update the scope after you purchase a savings plan](manage-savings-plan.md#change-the-savings-plan-scope).

-## Discounted subscription and offer types

-Savings plan discounts apply to the following eligible subscriptions and offer types.

-You should purchase savings plans based on consistent base usage. Committing to a greater spend than your historical usage could result in an underutilized commitment, which should be avoided when possible. Unused commitment doesn't carry over from one hour to next. Usage exceeding the savings plan commitment is charged using more expensive pay-as-you-go rates.

-Savings plan purchase recommendations are calculated by analyzing your hourly usage data over the last 7, 30, and 60 days. Azure calculates what your costs would have been if you had a savings plan and compares it with your actual pay-as-you-go costs incurred over the time duration. The calculation is performed for every quantity that you used during the time frame. The commitment amount that maximizes your savings is recommended.

-For example, you might use 500 VMs most of the time, but sometimes usage spikes to 700 VMs. In this example, Azure calculates your savings for both the 500 and 700 VM quantities. Since the 700 VM usage is sporadic, the recommendation calculation determines that savings are maximized for a savings plan commitment that is sufficient to cover 500 VMs and the recommendation is provided for that commitment.

- - However, an update for the commitment amount recommendation across scopes can take up to 25 days. For example, if you purchase based on shared scope recommendations, the single subscription scope recommendations can take up to 25 days to adjust down.

-Savings plan purchases are calculated by the recommendations engine for the selected term and scope, based on last 30-days of usage. Recommendations are shown in the savings plan purchase experience in the Azure portal.

-## Need help? Contact us.

-If you have Azure savings plan for compute questions, contact your account team, or [create a support request](https://portal.azure.com/#blade/Microsoft_Azure_Support/HelpAndSupportBlade/newsupportrequest). Temporarily, Microsoft will only provide Azure savings plan for compute expert support requests in English.

-## View and manage savings plans

-If you're a billing administrator, use following steps to view, and manage all savings plans and savings plan transactions in the Azure portal.

-1. Sign into the [Azure portal](https://portal.azure.com/) and navigate to **Cost Management + Billing**.

-1. The complete list of savings plans for your EA enrollment or billing profile is shown.

-## Add billing administrators

- - Users with the _Enterprise Administrator (read only)_ role can only view the savings plan from **Cost Management + Billing**.

- - Department admins and account owners can't view savings plans _unless_ they're explicitly added to them using Access control (IAM). For more information, see [Managing Azure Enterprise roles](../manage/understand-ea-roles.md).

-If you purchased the savings plan or you're added to a savings plan, use the following steps to view and manage savings plans in the Azure portal.

-2. Select **All Services** > **Savings plans** to list savings plans that you have access to.

-You can elevate a user's [access to manage all Azure subscriptions and management groups](../../role-based-access-control/elevate-access-global-admin.md). After you have elevated access:

-1. Navigate to **All Services** > **Savings plan** to see all savings plans that are in the tenant.

-2. To make modifications to the savings plan, add yourself as an owner of the savings plan order using Access control (IAM).

-## Grant access to individual savings plans

-Users who have owner access on the savings plans, and billing administrators can delegate access management for an individual savings plan order in the Azure portal. To allow other people to manage savings plans, you have two options:

- For detailed steps, see [Assign Azure roles using the Azure portal](../../role-based-access-control/role-assignments-portal.md).

- - For an Enterprise Agreement, add users with the _Enterprise Administrator_ role to view and manage all savings plan orders that apply to the Enterprise Agreement. Users with the _Enterprise Administrator (read only)_ role can only view the savings plan. Department admins and account owners can't view savings plans _unless_ they're explicitly added to them using Access control (IAM). For more information, see [Managing Azure Enterprise roles](../manage/understand-ea-roles.md).

- - For a Microsoft Customer Agreement, users with the billing profile owner role or the billing profile contributor role can manage all savings plan purchases made using the billing profile. Billing profile readers and invoice managers can view all savings plans that are paid for with the billing profile. However, they can't make changes to savings plans. For more information, see [Billing profile roles and tasks](../manage/understand-mca-roles.md#billing-profile-roles-and-tasks).

-Azure savings plan purchase recommendations are provided through [Azure Advisor](../../advisor/advisor-reference-cost-recommendations.md#reserved-instances), and through the savings plan purchase experience in the Azure portal.

-## Purchase recommendations in the Azure portal

-The savings plan purchase experience shows up to 10 commitment amounts. All recommendations are based on the last 30 days of usage. For each amount, we include the percentage (off your current pay-as-you-go costs) that the amount could save you. The percentage of your total compute usage that would be covered with the commitment amount is also included.

-By default, the recommendations are for the entire billing scope (billing account or billing profile for MCA and enrollment account for EA). You can also view subscription and resource group-level recommendations by restricting benefit application to one of those levels.

-Recommendations are based the selected terms, so you'll see the 1-year or 3-year recommendations at each level by toggling the term options. We don't currently support management group-level recommendations.

-The first recommendation value is the one that is projected to result in the highest percent savings. The other values allow you to see how increasing or decreasing your commitment could affect both your savings and compute coverage. When the commitment amount is increased, your savings could be reduced because you could end up with reduced utilization. In other words, you'd pay for an hourly commitment that isn't fully used. If you lower the commitment, your savings could also be reduced. Although you'll have increased utilization, there will likely be periods when your savings plan won't fully cover your use. Usage beyond your hourly commitment will be charged at the more expensive pay-as-you-go rates.

-## How hourly commitment recommendations are generated

-When Azure recommends an hourly amount for a savings plan, it tries to help you make the most cost-effective commitment. Recommendations are generated by examining your historical on-demand usage. Calculations include any discounts that you might have on your on-demand rates. Usage covered by existing reservations or savings plans is excluded.

-The first step is to determine the total on-demand charge from savings plan-eligible resources for each hour during the last 30 days. Each candidate amount is used to determine your recommended hourly commitments.

-Azure then runs simulations of what your total costs would have been if each candidate were your hourly commitment for both a 1-year and 3-year savings plan. Simulations are performed for usage at the billing account/profile, and at the subscription and resource group levels.

-With each candidate:

- - For example, when savings plan-discounted usage plus saving plan commitment is less than on-demand charges during that hour.

- - For example, when discounted usage plus hourly commitment is greater than or equal to on-demand charges.

-For each candidate, Azure sums all simulated hourly charges. The sum is then compared to your actual on-demand charges to determine the total savings provided by that candidate. Because compute usage varies over time, the simulations are run several times a day, using a rolling 30-day usage window.

-As the savings are calculated for each candidate, Azure determines the percentage of your compute usage that would be covered by the candidate savings plan plus any other previously purchased reservations or savings plan. For example, when a specific value hourly savings plan commitment results in a specific percentage of your compute usage being covered by one or more savings plans or reservations.

-Finally, Azure selects a set of differentiated candidates, currently up to 10 each for 1-year and 3-year commitments, that provide the greatest savings across different compute coverage levels. Azure provides them as recommendations - the amount with the greatest savings for 1-year and 3-year are the highlighted options.

-To account for scenarios where there was significant reductions in your usage, including recently decommissioned services, Azure runs more simulations using only the last three days of usage. The lower of the 3-day and 30-day recommendations are highlighted, even when the 30-day recommendation appears to provide greater savings. Azure tries to ensure that you don't overcommit based on stale data.

-When you trade one or more reservations for a savings plan, you're shifting the balance of your previous commitments to a new savings plan commitment. For example, if you have a one year reservation with a value of $500, and half way through the term you look to trade it for a savings plan, you would still have an outstanding commitment of about $250.

-As part of the trade in, the outstanding commitment is automatically included in your new savings plan. We do it by dividing the outstanding commitment by the number of hours in the term of the new savings plan. For example, 24 \* term length in days. And by making the value the minimum hourly commitment you can make during as part of the trade-in. Using the previous example, the $250 amount would be converted into an hourly commitment of ~ $0.029 for a new one year savings plan.

-1. Download your price list.

-2. For each reservation order you're returning, find the product in the price sheet and determine its unit price under either a 1-year or 3-year savings plan (filter by term and price type).

-3. Multiply the rate by the number of instances that are being returned.

-4. Repeat for each reservation order to be returned.

-5. Sum the values and enter it as the hourly commitment.

-## Recommendations in Azure Advisor

-When appropriate, a savings plan purchase recommendation can also be found in Azure Advisor. Keep in mind the following points:

-Azure savings plans provide flexibility to help meet your evolving needs by providing discounted rates for VMs, dedicated hosts, container instances, Azure premium functions and Azure app services, across all supported regions.

-If you find that your Azure VMs, Dedicated Hosts, or Azure App Services reservations, don't provide the necessary flexibility you require, you can trade these reservations for a savings plan. When you trade-in a reservation and purchase a savings plan, you can select a savings plan term of either one-year to three-year.

-> [!NOTE]

-> Exchanges will be unavailable for Azure reserved instances for compute services purchased on or after **January 1, 2024**. Azure savings plan for compute is designed to help you save broadly on predictable compute usage. The savings plan provides more flexibility needed to accommodate changes such as virtual machine series and regions. With savings plan providing the flexibility automatically, we’re adjusting our reservations exchange policy. You can continue to exchange VM sizes (with instance size flexibility) but we'll no longer support exchanging instance series or regions for Azure Reserved Virtual Machine Instances, Azure Dedicated Host reservations, and Azure App Services reservations. For a limited time you may trade-in your Azure reserved instances for compute for a savings plan. Or, you may continue to use and purchase reservations for those predictable, stable workloads where you know the specific configuration you’ll need and want additional savings. For more information, see [Self-service exchanges and refunds for Azure Reservations](../reservations/exchange-and-refund-azure-reservations.md).

-> - You must have owner access on the Reservation Order to trade in an existing reservation. You can [Add or change users who can manage a savings plan](manage-savings-plan.md#who-can-manage-a-savings-plan).

-> - Microsoft is not currently charging early termination fees for reservation trade ins. We might charge the fees made in the future. We currently don't have a date for enabling the fee.

-1. Enter a friendly name for the savings plan. Select the scope where the savings plan benefit will apply and select the term length. Scopes include shared, subscription, resource group, and management group.

-By default, the hourly commitment is derived from the remaining value of the reservations that are traded in. Although it's the minimum hourly commitment you may make, it might not be a large enough benefit commitment to cover the VMs that were previously covered by the reservations that you're returning.

-To determine the remaining commitment amount needed to cover your VMs:

-1. Download your price sheet. For more information, see [View and download your Azure pricing](../manage/ea-pricing.md).

-1. Search the price sheet for the 1-year or 3-year savings plan rate for VM products associated with the reservations that you're returning.

-1. For each reservation, multiply the savings plan rate with the quantity you want to return.

-1. Enter the total of the above step as the hourly commitment, then **Add** to your cart.

-1. Review and complete the transaction.

-Azure savings plans save you money when you have consistent usage of Azure compute resources. An Azure savings plan helps you save money by allowing you to commit to a fixed hourly spend on compute services for one-year or three-year terms. A savings plan can significantly reduce your resource costs by up to 65% from pay-as-you-go prices. Discount rates per meter vary by commitment term (1-year or 3-year), not commitment amount.

-Each hour with savings plan, your compute usage is discounted until you reach your commitment amount ΓÇô subsequent usage afterward is priced at pay-as-you-go rates. Savings plan commitments are priced in USD for Microsoft Customer Agreement and Microsoft Partner Agreement customers, and in local currency for Enterprise Agreement customers. Usage from compute services such as VMs, dedicated hosts, container instances, Azure premium functions, and Azure app services are eligible for savings plan discounts.

-You can acquire a savings plan by making a new commitment, or you can trade in one or more active reservations for a savings plan. When you acquire a savings plan with a reservation trade in, the reservation is canceled. The prorated residual value of the unused reservation benefit is converted to the equivalent hourly commitment for the savings plan. The commitment may not be sufficient for your needs, and while you may not reduce it, you can increase it to cover your needs.

-Currently, you can only acquire savings plans in the Azure portal. You can pay for a savings plan up front or monthly. The total cost of up-front and monthly savings plan is the same. You don't pay any extra fees when you choose to pay monthly. After you purchase a savings plan, the discount automatically applies to matching resources. Savings plans provide a billing discount and don't affect the runtime state of your resources.

-If you have consistent compute spend, buying a savings plan gives you the option to reduce your costs. For example, when you continuously run instances of a service without a savings plan, you're charged at pay-as-you-go rates. When you buy a savings plan, your compute usage is immediately eligible for the savings plan discount. Your discounted rates add-up to the commitment amount. Usage covered by a savings plan receives discounted rates, not the pay-as-you-go rates. If you need help to decide on which type of commitment to make, see [Decide between a savings plan and a reservation](decide-between-savings-plan-reservation.md).

-Almost immediately after purchase the savings plan benefit begins to apply without other action required by you. Every hour, we apply savings plan benefit to plan-eligible meters that are within the savings plan's scope. The benefits are applied to the meter with the greatest discount percentage first. Savings plan scope selects where the savings plan benefit applies.

-For more information about benefits are applied, see [Savings plan discount application](discount-application.md).

-For more information about how savings plan scope works, see [Scope savings plans](buy-savings-plan.md#scope-savings-plans).

-On-demand usage from compute services such as VMs, dedicated hosts, container instances, Azure premium functions, and Azure app services are eligible for savings plan benefits. It's important to consider your usage when you determine your hourly commitment. Azure provides [commitment recommendations](purchase-recommendations.md) based on usage from your last 30 days. The recommendations are found in:

-You can also analyze your usage data to determine a different hourly commitment.

-For more information, seeΓÇ»[Choose an Azure saving plan commitment amount](choose-commitment-amount.md)

-You can purchase savings plans from the Azure portal. For more information, seeΓÇ»[Buy a savings plan](buy-savings-plan.md).

-The savings plan is charged to the payment method tied to the subscription. The savings plan cost is deducted from your Azure Prepayment (previously called monetary commitment) balance, if available. When your Azure Prepayment balance doesn't cover the cost of the savings plan, you're billed the overage. If you have a subscription from an individual plan with pay-as-you-go rates, the credit card you have on your account is billed immediately for up-front and for monthly purchases. Monthly payments that's you've made appear on your invoice. When you're billed by invoice, you see the charges on your next invoice.

-## Who can manage a savings plan by default

-With sufficient permissions, you can view the savings plan and usage in the Azure portal. You can get the data using APIs, as well.

-For more information about savings plan permissions in the Azure portal, seeΓÇ»[Permissions to view and manage Azure savings plans](permission-view-manage.md)

-After you buy an Azure savings plan, you can update the scope to apply the savings plan to a different subscription and change who can manage the savings plan.

-For more information, seeΓÇ»[Manage Azure savings plans](manage-savings-plan.md).

-Some exclusions apply to the above services.

-For Windows virtual machines and SQL Database, the savings plan discount doesn't apply to the software costs. You can cover the licensing costs with [Azure Hybrid Benefit](https://azure.microsoft.com/pricing/hybrid-benefit/).

-If you have Azure savings plan for compute questions, contact your account team, or [create a support request](https://portal.azure.com/#blade/Microsoft_Azure_Support/HelpAndSupportBlade/newsupportrequest). Temporarily, Microsoft will only provide Azure savings plan for compute expert support requests in English.

-Fields in the Azure cost data that are relevant to savings plan scenarios are listed below.

-In Azure Cost Management, cost details provide savings plan cost in two separate data sets: _Actual Cost_ and _Amortized Cost_. How these two datasets differ:

-**Actual Cost** - Provides data to reconcile with your monthly bill. The data has savings plan purchase costs and savings plan application details. With the data, you can know which subscription or resource group or resource received the savings plan discount in a particular day. The `EffectivePrice` for the usage that receives the savings plan discount is zero.

-**Amortized Cost** - This dataset is similar to the Actual Cost dataset except that - the `EffectivePrice` for the usage that gets savings plan discount is the prorated cost of the savings plan (instead of being zero). It helps you know the monetary value of savings plan consumption by a subscription, resource group or a resource, and it can help you charge back for the savings plan utilization internally. The dataset also has unused hours in the savings plan that have been charged for the hourly commitment amount. The dataset doesn't have savings plan purchase records.

-Here's a comparison of the two data sets:

-| Savings plan purchases | Available in the view.<br><br>To get the data, filter on ChargeType = `Purchase`.<br><br>Refer to `BenefitID` or `BenefitName` to know which savings plan the charge is for. | Not applicable to the view.<br><br>Purchase costs aren't provided in amortized data. |

-| Unused Savings Plan (provides the number of hours the savings plan wasn't used in a day and the monetary value of the waste) | Not applicable in the view. | Available in the view.<br><br>To get the data, filter on ChargeType = `UnusedSavingsPlan`.<br><br>Refer to `BenefitID` or `BenefitName` to know which savings plan was underutilized. Indicates how much of the savings plan was wasted for the day. |

-| UnitPrice (price of the resource from your price sheet) | Available | Available |

-You can get the data using the API or download it from Azure portal. Call the [Cost Details API](/rest/api/cost-management/generate-cost-details-report/create-operation) to get the new data. For details about terminology, seeΓÇ»[Usage terms](../understand/understand-usage.md). To learn more about how to call the Cost Details API, see [Get cost data on demand](../automate/get-small-usage-datasets-on-demand.md).

-Information in the following table about metric and filter can help solve for common savings plan problems.

-| **Type of API data** | **API call action** |

-|||

-| **All Charges (usage and purchases)** | Request for an ActualCost report. |

-| **Usage that got savings plan discount** | Request for an ActualCost report.<br><br> Once you've ingested all of the usage, look for records with ChargeType = 'Usage' and PricingModel = 'SavingsPlan'. |

-| **Usage that didn't get savings plan discount** | Request for an ActualCost report.<br><br> Once you've ingested all of the usage, filter for usage records with PricingModel = 'OnDemand'. |

-| **Amortized charges (usage and purchases)** | Request for an AmortizedCost report. |

-| **Unused savings plan report** | Request for an AmortizedCost report.<br><br> Once you've ingested all of the usage, filter for usage records with ChargeType = 'UnusedSavingsPlan' and PricingModel ='SavingsPlan'. |

-| **Savings plan purchases** | Request for an ActualCost report.<br><br> Once you've ingested all of the usage, filter for usage records with ChargeType = 'Purchase' and PricingModel = 'SavingsPlan'. |

-| **Refunds** | Request for an ActualCost report.<br><br> Once you've ingested all of the usage, filter for usage records with ChargeType = 'Refund'. |

-To download your saving plan cost and usage file, using the information in the following sections.

-### Download for EA customers

-If you're an EA admin, you can download the CSV file that contains new cost data from the Azure portal. This data isn't available from the EA portal (ea.azure.com), you must download the cost file from Azure portal (portal.azure.com) to see the new data.

-1. Select the enrollment.

-1. Select **Usage + charges**.

-1. Select **Download**.

-1. In **Download Usage + Charges**, under **Usage Details Version 2**, select **All Charges (usage and purchases)** and then select download. Repeat for **Amortized charges (usage and purchases)**.

-### Download for MCA customers

-If you're an Owner, Contributor, or Reader on your Billing Account, you can download the CSV file that contains new usage data from the Azure portal. In the Azure portal, navigate to Cost Management + Billing.

- 1. To download the usage for the current month, select **Download pending usage**.

- 2. To download the usage for a previous invoice, select the ellipsis symbol (**...**) and select **Prepare Azure usage file**.

-4. If you want to download the Amortized Cost CSV file, you'll need to use Exports or our Cost Details API.

- 1. To use Exports, see [Export data](../costs/tutorial-export-acm-data.md).

- 2. To use the Cost Details API, see [Get small cost datasets on demand](../automate/get-small-usage-datasets-on-demand.md).

-The following sections are common tasks that most people use to view their savings plan cost and usage data.

-Savings plan purchase costs are available in Actual Cost data. Filter for ChargeType = `Purchase`. Refer to `ProductOrderID` to determine which savings plan order the purchase is for.

-Get amortized cost data and filter for `ChargeType` = `UnusedSavingsPlan` and `PricingModel` = `SavingsPlan`. You get the daily unused savings plan quantity and the cost. You can filter the data for a savings plan or savings plan order using `BenefitId` and `ProductOrderId` fields, respectively. If a savings plan was 100% utilized, the record has a quantity of 0.

-### Amortized savings plan costs

-Get amortized cost data and filter for a savings plan order using `ProductOrderID` to get daily amortized costs for a savings plan.

-You can charge-back savings plan use to other organizations by subscription, resource groups, or tags. Amortized cost data provides the monetary value of a savings plan's utilization at the following data types:

-### Determine savings plan savings

-1. Get estimated pay-as-you-go costs. Multiply the _UnitPrice_ value with _Quantity_ values to get estimated pay-as-you-go costs, if the savings plan discount didn't apply to the usage.

-2. Get the savings plan costs. Sum the _Cost_ values to get the monetary value of what you paid for the savings plan. It includes the used and unused costs of the savings plan.

-Keep in mind that if you have an underutilized savings plan, the _UnusedSavingsPlan_ entry for _ChargeType_ becomes a factor to consider. When you have a fully utilized savings plan, you receive the maximum savings possible. Any _UnusedSavingsPlan_ quantity reduces savings.

-## Purchase and amortization costs in cost analysis

-Savings plan costs are available inΓÇ»[cost analysis](https://aka.ms/costanalysis). By default, cost analysis showsΓÇ»**Actual cost**, which is how costs are shown on your bill. To view savings plan purchases broken down and associated with the resources that used the benefit, switch toΓÇ»**Amortized cost**. Here's an example.

-Group by _Charge Type_ to see a breakdown of usage, purchases, and refunds; or by _Pricing Model_ for a breakdown of savings plan and on-demand costs. You can also group by _Benefit_ and use the _BenefitId_ and _BenefitName_ associated with your Savings Plan to identify the costs related to specific savings plan purchases. The only savings plan costs that you see when looking at actual cost are purchases. Costs aren't allocated to the individual resources that used the benefit when looking at amortized cost. You'll also see a new _**UnusedSavingsPlan**_ plan charge type when looking at amortized cost.

-1. Locate the device links in the **Entities** area, either in the details pane on the right or in the alert details page. Select an entity link to open the related device details page, for both a source and destination device. <!--no links for some alerts?-->

-description: Learn how Apache Kafka application developers can use Azure Event Hubs instead of building and using their own Kafka clusters.

-keywords: "Kafka, Azure, topics, message-broker"

-# Azure Event Hubs for Apache Kafka ecosystems

-Azure Event Hubs provides an Apache Kafka endpoint on an event hub, which enables users to connect to the event hub using the Kafka protocol. You can often use an event hub's Kafka endpoint from your applications without any code changes. You modify only the configuration, that is, update the connection string in configurations to point to the Kafka endpoint exposed by your event hub instead of pointing to a Kafka cluster. Then, you can start streaming events from your applications that use the Kafka protocol into event hubs, which are equivalent to Kafka topics.

-This article provides detailed information on using Azure Event Hubs to stream data from [Apache Kafka](https://kafka.apache.org) applications without setting up a Kafka cluster on your own.

-### Kafka and Event Hubs conceptual mapping

-### Key differences between Apache Kafka and Event Hubs

-### Is Apache Kafka the right solution for your workload?

-## Other Event Hubs features

-## Apache Kafka feature differences

-> For Apache Kafka clients, an **event hub** maps to a **Kafka topic**. For more mappings between Azure Event Hubs and Apache Kafka, see [Kafka and Event Hubs conceptual mapping](azure-event-hubs-kafka-overview.md#kafka-and-event-hubs-conceptual-mapping)

-> - Debezium will auto-create a topic per table and a bunch of metadata topics. Kafka **topic** corresponds to an Event Hubs instance (event hub). For Apache Kafka to Azure Event Hubs mappings, see [Kafka and Event Hubs conceptual mapping](azure-event-hubs-kafka-overview.md#kafka-and-event-hubs-conceptual-mapping).

->

-> Apache Kafka Connect assumes for its dynamic configuration to be held in compacted topics with otherwise unlimited retention. Azure Event Hubs [does not implement compaction as a broker feature](event-hubs-federation-overview.md#log-projections) and always imposes a time-based retention limit on retained events, rooting from the principle that Azure Event Hubs is a real-time event streaming engine and not a long-term data or configuration store.

->

-> While the Apache Kafka project might be comfortable with mixing these roles, Azure believes that such information is best managed in a proper database or configuration store.

->

-> Many Apache Kafka Connect scenarios will be functional, but these conceptual differences between Apache Kafka's and Azure Event Hubs' retention models may cause certain configurations to not work as expected.

-|Can't remove first public IP configuration|Each Azure Firewall public IP address is assigned to an *IP configuration*. The first IP configuration is assigned during the firewall deployment, and typically also contains a reference to the firewall subnet (unless configured explicitly differently via a template deployment). You can't delete this IP configuration because it would de-allocate the firewall. You can still change or remove the public IP address associated with this IP configuration if the firewall has at least one other public IP address available to use.|This is by design.|

-* This repo contains [samples for Azure Health Data Services](https://github.com/microsoft/healthcare-apis-samples), including Fast Healthcare Interoperability Resources (FHIR&#174;), DICOM, MedTech service, and data-related services.

-(FHIR&#174;) is a registered trademark of [HL7](https://hl7.org/fhir/) and is used with the permission of HL7.

-1. Select **Create a dataset** > **From datastore**.

-1. Assign a **Name** to your dataset.

-1. Select the datastore.

-1. (Optional) Provide a description for your dataset.

-1. Select **Next**.

-1. Confirm the details. Select **Back** to modify the settings or **Create** to create the dataset.

-1. Select **Create a dataset** > **From local files**.

-1. Assign a **Name** to your dataset.

-1. (Optional) Provide a description for your dataset.

-1. (Optional) Select or create a datastore. Or keep the default to upload to the default blob store ("workspaceblobstore") of your Machine Learning workspace.

-1. Select **Browse** to select the local files or folder(s) to upload.

-## <a name="incremental-refresh"> </a> Configure incremental refresh

-The progress chart shows how many items have been labeled, skipped, in need of review, or not yet done. Hover over the chart to see the number of items in each section.

-The middle section shows the queue of tasks yet to be assigned. When ML assisted labeling is off, this section shows the number of manual tasks to be assigned. When ML assisted labeling is on, this section will also show:

-Additionally, when ML assisted labeling is enabled, a small progress bar shows when the next training run will occur. The Experiments sections give links for each of the machine learning runs.

-On the right side is a distribution of the labels for those tasks that are complete. Remember that in some project types, an item can have multiple labels, in which case the total number of labels can be greater than the total number items.

-1. Select **Create a dataset** > **From datastore**.

-1. Assign a **Name** to your dataset.

-1. (Optional) Provide a description for your dataset.

-1. Select the datastore.

-1. Select **Next**.

-1. Confirm the details. Select **Back** to modify the settings or **Create** to create the dataset.

-1. Select **Create a dataset** > **From local files**.

-1. Assign a **Name** to your dataset.

-1. Choose the **Dataset type**.

- * Select **Tabular** if you're using a .csv or .tsv file, where each row is a response.

-1. (Optional) Provide a description of your dataset.

-1. Select **Next**

-1. (Optional) Select or create a datastore. Or keep the default to upload to the default blob store ("workspaceblobstore") of your Machine Learning workspace.

-1. Select **Upload** to select the local file(s) or folder(s) to upload.

-1. If uploading .csv or .tsv files:

- * Confirm the settings and preview, select **Next**.

- * Include all columns of text you'd like the labeler to see when classifying that row. If you'll be using ML assisted labeling, adding numeric columns may degrade the ML assist model.

- * Select **Next**.

-1. Confirm the details. Select **Back** to modify the settings or **Create** to create the dataset.

-The progress chart shows how many items have been labeled, skipped, in need of review, or not yet done. Hover over the chart to see the number of items in each section.

-The middle section shows the queue of tasks yet to be assigned. If ML-assisted labeling is on, you'll also see the number of pre-labeled items.

-On the right side is a distribution of the labels for those tasks that are complete. Remember that in some project types, an item can have multiple labels, in which case the total number of labels can be greater than the total number items.

-### Data tab

- Azure Files on-premises AD DS authentication only integrates with the forest of the domain service that the storage account is registered to. To support authentication from another forest, your environment must have a forest trust configured correctly. The way Azure Files register in AD DS almost the same as a regular file server, where it creates an identity (computer or service logon account) in AD DS for authentication. The only difference is that the registered SPN of the storage account ends with "file.core.windows.net" which does not match with the domain suffix. Consult your domain administrator to see if any update to your suffix routing policy is required to enable multiple forest authentication due to the different domain suffix. We provide an example below to configure suffix routing policy.

-You may experience either symptoms described below when trying to configure Windows ACLs with File Explorer on a mounted file share:

-> For more information see [Endorsed Linux distributions on Azure](../linux/endorsed-distros.md)

-Ensure auto update is enabled. First, check to see if it is enabled:

-Find 'AutoUpdate.Enabled'. If you see this output, it is enabled:

-Restart waagengt service for 14.04

-initctl restart walinuxagent

-Restart waagent service for 16.04 / 17.04

-```bash

-systemctl restart walinuxagent.service

-```

-### RHEL/CentOS 6

-First, check to see if it is enabled:

-Find 'AutoUpdate.Enabled'. If you see this output, it is enabled:

-Ensure auto update is enabled. First, check to see if it is enabled:

-Find 'AutoUpdate.Enabled'. If you see this output, it is enabled:

-### SUSE SLES 11 SP4

-First, check to see if it is enabled:

-Find 'AutoUpdate.Enabled'. If you see this output, it is enabled:

-### SUSE SLES 12 SP2

-First, check to see if it is enabled:

-Find 'AutoUpdate.Enabled'. If you see this output, it is enabled:

-### Debian 7 ΓÇ£JesseΓÇ¥/ Debian 7 "Stretch"

-Enable agent auto update

-This version of Debian does not have a version >= 2.0.16, therefore AutoUpdate is not available for it. The output from the above command will show you if the package is up-to-date.

-### Debian 8 ΓÇ£JessieΓÇ¥ / Debian 9 ΓÇ£StretchΓÇ¥

-First, check to see if it is enabled:

-Find 'AutoUpdate.Enabled'. If you see this output, it is enabled:

-If you don't find the add-on repository you can simply add these lines at the end of your .repo file according to your Oracle Linux release:

-Ensure auto update is enabled. First, check to see if it is enabled:

-Find 'AutoUpdate.Enabled'. If you see this output, it is enabled:

-You will see that the Azure Linux Agent version has been updated to the new version.

-Azure dedicated host instances and SQL hybrid benefits are not eligible for Azure Hybrid Benefit if you already use Azure Hybrid Benefit with Linux virtual machines. Azure Hybrid Benefit BYOS to PAYG capability does not support virtual machine scale sets and reserved instances (RIs).

-## <a name="routing-preference"></a>Virtual hub routing preference (Preview)