Enabling diagnostics and antimalware extensions in VMSS



In a direct follow on from the last post here are the steps to add two further extensions - listing here for my own benefit......(all run from cloud shell)

First up AntiMalware extension (shamelessly borrowed from here http://www.techkb.onl/azure-installing-the-microsoft-antimalware-and-log-analytics-extensions-on-vm-scale-sets/)

In this case loaded using powershell (make sure to have correct subscription set before you run this)


$rgname = 'yourrgname'
$vmssname = 'yourvmssname'
$location = 'yourlocation'

# Retrieve the most recent version number of the extension.
$allVersions= (Get-AzVMExtensionImage -Location $location -PublisherName "Microsoft.Azure.Security" -Type "IaaSAntimalware").Version
$versionString = $allVersions[($allVersions.count)-1].Split(".")[0] + "." + $allVersions[($allVersions.count)-1].Split(".")[1]

$VMSS = Get-AzVmss -ResourceGroupName $rgname -VMScaleSetName $vmssname
echo $VMSS
Add-AzVmssExtension -VirtualMachineScaleSet $VMSS -Name "IaaSAntimalware" -Publisher "Microsoft.Azure.Security" -Type "IaaSAntimalware" -TypeHandlerVersion $versionString
Update-AzVmss -ResourceGroupName $rgname -Name $vmssname -VirtualMachineScaleSet $VMSS

And secondly the diagnostics extension - in this case done via azcli - and in my case for windows platform - change point 2 if you have linux

1) az account set -s yoursubscriptionname
2) az vmss diagnostics get-default-config --is-windows-os> vmssconfig.json 
3) create vmssprotected.json file - some of the output from step 2 will be to the screen and this explains what you need to do - basically you need a storage account and a sas key to get access to that and this has to be stored in the file.
4) az vmss diagnostics set --resource-group yourrgname --vmss-name yourvmssname --settings vmssconfig.json --protected-settings vmssprotected.json

Note that for point 2 you are just extracted some predefined definitions that Microsoft created - i think it is possible to add your own if you require that but then you would need to change the json file manually.

Comments

  1. Venkat20 April 2021 at 07:01

    Nice post...very informative...Thanks for sharing this article.
    Azure Training in Chennai

    ReplyDelete
  2. nayar28 June 2021 at 05:31


    Nice blog! Thanks for sharing this valuable information
    IELTS Coaching in Hyderabad
    IELTS Coaching in Bangalore
    IELTS Coaching in Pune
    IELTS Coaching in Gurgaon
    IELTS Coaching in Delhi
    IELTS Coaching in Ahmedabad
    IELTS Coaching in Kochi
    IELTS Coaching in Kolkata

    ReplyDelete
  3. stablyque-ya25 April 2022 at 15:54

    stablyque-ya Charles Naranjo https://wakelet.com/wake/yenlnHHdMax-pFrsqcakH
    runcpunccuhan

    ReplyDelete
  4. YdalhiOpunc_neDes Moines22 May 2022 at 13:29

    YdalhiOpunc_neDes Moines Amy Cleghorn Here
    rirackliscoi

    ReplyDelete
  5. Anonymous9 February 2024 at 01:44

    https://5landsoverseas.com/sat-coaching-in-hyderabad/

    ReplyDelete
  6. Frank22 August 2025 at 06:01

    Informative article! Keep sharing.
    Also read: IELTS Coaching institute in Bangalore

    ReplyDelete
  7. Anonymous17 September 2025 at 03:25

    This information is magnificent. I understand and respect your clear-cut points. I am impressed with your writing style and how well you express your thoughts. david hoffmeister

    ReplyDelete
  8. Anonymous17 September 2025 at 03:27

    This information is magnificent. I understand and respect your clear-cut points. I am impressed with your writing style and how well you express your thoughts. acim podcast

    ReplyDelete

Post a Comment