Visualizing uberAgent Data in Azure Monitor—Part 4: Conclusion
Welcome back to our four-part blog series about visualizing uberAgent data in Azure Monitor. So far you have learned the basics about Azure Monitor and the search language Kusto. You created your first Kusto search as well. Also, you learned that none of the built-in visualization options nor Grafana can compete with Splunk. This is part four.
The blog-series is split as follows:
- First part: the basics
- Second part: comparing the dashboarding capabilities of Azure Monitor and Splunk
- Third part: using Grafana with Azure Monitor for uberAgent
- Fourth part (this article): conclusion
Azure Monitor’s search language Kusto is fun to work with. It’s intuitive to use, especially if you’ve worked with SQL or Splunk’s SPL before. It’s also very powerful! The only downside we found is that Kusto lacks the ability to use wildcards in comparisons.
There are several options for visualizing data in Azure Monitor:
- Azure Dashboards
- Azure Monitor Views
We have looked at all of them in this blog series. Unfortunately, no variant has all the features we need. What one is lacking, the other has. And vice versa.
A promising option comes from outside: Grafana. But not even Grafana provides all the functionality we would like to see in uberAgent dashboards.
The table below illustrates how well the three technologies we examined in detail meet our requirements:
|Variables and parameters||No||Yes||Yes|
|Packaging as an app||No||Partly||Yes|
The dashboards we ship with uberAgent need to work for all organizations and use cases equally well. Specific requirements from individual customers can certainly be implemented well in Workbooks or Grafana. This is a great opportunity to shine for partners focused on Azure.
uberAgent is an innovative Windows and macOS user experience monitoring (UXM) and endpoint security analytics (ESA) product.
uberAgent UXM highlights include detailed information about boot and logon duration, application unresponsiveness detection, network reliability drill-downs, process startup duration, application usage metering, browser performance, web app metrics, and Citrix insights. All these varied aspects of system performance and reliability are smartly brought together in the Experience Score dashboard.
uberAgent ESA excels with a sophisticated activity monitoring engine, the uAQL query language, detection of risky activity, DNS query monitoring, hash calculation, registry monitoring, and Authenticode signature verification. uberAgent ESA comes with Sysmon and Sigma rule converters, a graphical rule editor, and uses a simple yet powerful query language instead of XML.
About vast limits
vast limits GmbH is the company behind uberAgent, the innovative user experience monitoring and endpoint security analytics product. vast limits’ customer list includes organizations from industries like finance, healthcare, professional services, and education, ranging from medium-sized businesses to global enterprises. vast limits’ network of qualified solution partners ensures best-in-class service and support anywhere in the world.