Azure Log Analytics Workspace Alert Rules | Best Practices for AZ-204 Exam Preparation

Configuring Alert Rules with Dimensions for Azure Log Analytics Workspace | AZ-204 Exam Guide

Question

Your company's Azure subscription includes an Azure Log Analytics workspace.

Your company has a hundred on-premises servers that run either Windows Server 2012 R2 or Windows Server 2016, and are linked to the Azure Log Analytics workspace.

The Azure Log Analytics workspace is set up to gather performance counters associated with security from these linked servers.

You must configure alerts based on the information gathered by the Azure Log Analytics workspace.

You have to make sure that alert rules allow for dimensions, and that alert creation time should be kept to a minimum.

Furthermore, a single alert notification must be created when the alert is created and when the alert is resolved.

You need to make use of the necessary signal type when creating the alert rules.

Which of the following is the option you should use?

Answers

Explanations

A. B. C. D.

C.

Metric alerts in Azure Monitor provide a way to get notified when one of your metrics crosses a threshold.

Metric alerts work on a range of multi-dimensional platform metrics, custom metrics, and Application Insights standard and custom metrics.

Note: Signals are emitted by the target resource and can be of several types: Metric, Activity log, Application Insights, and Log.

https://docs.microsoft.com/en-us/azure/azure-monitor/platform/alerts-metric

Based on the requirements, the appropriate signal type to use for creating the alert rules is the Metric signal type (Option C).

The Metric signal type is used to monitor the performance of a resource over time, and it provides the ability to create alerts based on the metric data. In this scenario, the Azure Log Analytics workspace is already set up to gather performance counters associated with security from the linked on-premises servers. These performance counters can be used as metrics to monitor the security of the servers.

Alert rules based on the Metric signal type can include dimensions, which allow for more specific filtering and analysis of the metric data. This meets the requirement for the alert rules to allow for dimensions.

Additionally, creating alerts based on metrics is typically faster than other signal types, such as the Activity log signal type or the Audit Log signal type. This meets the requirement to keep alert creation time to a minimum.

Finally, the Metric signal type allows for a single alert notification to be sent when the alert is created and when it is resolved. This meets the requirement for a single alert notification to be created for each alert.
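The dimension and notification behaviour described above can be modelled offline. The following is an added example, not code from the exam guide or from Azure: the sample data is constructed, `evaluate` is a hypothetical name, and the rule that an alert resolves after three consecutive healthy evaluations is an assumption of the example.

```python
from collections import defaultdict

# Constructed samples: (minute, value of the "Computer" dimension, counter value).
SAMPLES = [
    (0, "srv01", 40), (0, "srv02", 35),
    (1, "srv01", 95), (1, "srv02", 30),
    (2, "srv01", 97), (2, "srv02", 92),
    (3, "srv01", 96), (3, "srv02", 20),
    (4, "srv01", 50), (4, "srv02", 25),
    (5, "srv01", 45), (5, "srv02", 22),
    (6, "srv01", 42), (6, "srv02", 21),
]


def evaluate(samples, threshold, healthy_to_resolve=3):
    """Stateful evaluation with one independent alert state per dimension value.

    Returns a list of (minute, computer, "Fired" | "Resolved") notifications.
    A breach that continues across evaluations does not notify again.
    """
    firing = defaultdict(bool)        # is the alert currently active for this server?
    healthy_streak = defaultdict(int) # consecutive healthy evaluations while active
    notifications = []
    for minute, computer, value in sorted(samples):
        if value > threshold:
            healthy_streak[computer] = 0
            if not firing[computer]:
                firing[computer] = True
                notifications.append((minute, computer, "Fired"))
        elif firing[computer]:
            healthy_streak[computer] += 1
            if healthy_streak[computer] >= healthy_to_resolve:
                firing[computer] = False
                healthy_streak[computer] = 0
                notifications.append((minute, computer, "Resolved"))
    return notifications


if __name__ == "__main__":
    for note in evaluate(SAMPLES, threshold=90):
        print(note)
```

Each server produces exactly one "Fired" and one "Resolved" notification, even though srv01 stays above the threshold for three evaluations in a row.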

In conclusion, the appropriate signal type to use for creating the alert rules in this scenario is the Metric signal type (Option C).