We have multiple different apps, each deployed in multiple environments, each monitored by a separate Application Insight instance. For example 2 web applications, each deployed in dev, test, prod environments, that means 6 different Application Insight instances.
Microsoft wants to migrate Application Insights to workspace based Application Insights, so I need to create Log Analytic workspace(s). What is the best approach and why:
As per the FAQ: use one instance: Should I use single or multiple Application Insights resources? Use a single resource for all the components or roles in a single business system. Use separate resources for development, test, and release versions, and for independent applications.
If you have multiple tenants, such as if you're a managed security service provider (MSSP), we recommend that you create at least one workspace for each Azure AD tenant to support built-in, service to service data connectors that work only within their own Azure AD tenant.
Azure Application Insights is a perfect tool to save the log data generated by these applications and also offers multiple features to apply Log Analytics on the saved data. Azure Application Insights is a feature of Azure Monitor and an application performance management service for web applications.
You need a Log Analytics workspace if you collect data from: Azure resources in your subscription. On-premises computers monitored by System Center Operations Manager. Device collections from Configuration Manager.
[I'm a part of Application Insights team]
Overall the recommendation is to keep the number of workspaces to a minimum unless you need clear separation:
This allows you to manage less number of resources (workspaces).
So, you should make a decision based on #2 - #5 (as mentioned above - auth is not relevant because it will still be controlled by Application Insights).
If you're not using advanced features (different retention), then most likely the main driver is different environment. I.e. in your case it is probably 3 workspaces (dev, test, prod).
As far as I understood from the Application Insights documentation here (and here), I think it would be also a good practice for the Log Workspace to separate them (at least) by environment, but you could use any other split or group criteria such as business meaning, correlated data, RBAC policies, managing team...
IMHO, in your case I would create 3 workspaces (dev, test, prod) and link each Application Insights in its corresponding workspace.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With