Azure – You can apply a policy to ensure the Log Analytics agent is being deployed on your virtual machine (Preview)

As you may know, Azure provides a quite powerful monitoring solution for your Azure environment as well your on-premises one called Azure Log Analytics.

This Log Analytics capability is also used by Azure Security Center to centralize security-related logs.

The use of Azure Log Analytics requires to have a local agent (Log Analytics Agent, also known as MMA [Microsoft Monitoring Agent]) to be deployed on your virtual machines. Depending of your provisioning process – either on-premises or on Azure – this agent may be forgotten in the deployment steps.

While there are multiple options to deploy it (ARM template on Azure, SCCM, manual or scripting), you can now also apply an Azure policy to ensure the Monitoring Agent is being deployed; which applies on both virtual machine and VMSS (Virtual Machine Scale Sets).

To enable and configure the policy connect to your Azure portal ( and select Policy.

Then reach the Definitions configuration and search for deploy log.

Then edit the policy you want to deploy and Assign it to be able to define the Log Analytics workspace to use; you need to have first define the Scope of course.

NOTE you can also use a similar policy to deploy the Dependency Agent also known as Service Map by searching deploy dependency.

Benoit Hamet
Benoit Hamet
Benoit is working on Microsoft collaborative technologies He has been awarded as MVP for more than 12 years Currently MVP on Office 365 after being awarded on SharePoint (2011-2012) and Windows client & server (2002-2007) Speaker at various Microsoft events (TechDays, TechNet seminars) and Quest Software He works on on-premises (Active Directory, RADIUS/NPS, Exchange, Skype for Business, SharePoint, SQL, Terminal Server, Windows client and Windows Server) or online (Azure, Intune, Office 365, Exchange Online, SharePoint Online, Skype for Business Online, Teams) technologies