Azure Cloud Support Engineer — Learning Package

SECTION A: Hands-on Labs

• VM troubleshooting (unreachable)
• NSG misconfiguration debugging
• App Service 502/500 troubleshooting
• Storage SAS access issues
• SQL connection troubleshooting
• VPN and VNet peering failures
• AKS pod failures
• Key Vault auth issues
• KQL query practice
• Alert rule testing
• Boot diagnostics & recovery
• Private Endpoint DNS issues
• Cosmos DB throttling (429)
• Redis eviction troubleshooting
• Full incident troubleshooting scenarios

SECTION B: Major Projects

• VM troubleshooting runbook
• AKS troubleshooting guide
• Network diagnostics toolkit
• Identity troubleshooting guide
• Incident response playbook
• Monitoring & alerting system
• Automated diagnostics (Logic Apps)
• Cost anomaly investigation guide
• Azure Policy remediation playbook
• Self-service troubleshooting portal
• KQL query library
• Post-incident report automation
• Environment health scorecard

SECTION C: Gotchas

• NSG propagation delay (~1 min)
• App Service logs not persistent
• DNS propagation delays
• Boot diagnostics require storage
• Log Analytics delays
• Cosmos DB 429 = throttling
• Azure Monitor alert frequency limits
• Private Endpoint must be approved
• SNAT port exhaustion issues
• Azure CLI subscription context issues

SECTION D: Playbook

P1 Incident Response

• Acknowledge
• Assess impact
• Communicate
• Triage
• Fix
• Validate
• Post-incident RCA

Common KQL Queries

// Failed logins
SigninLogs
| where ResultType != 0

// High CPU VMs
Perf
| summarize avg(CounterValue) by Computer

// NSG denied traffic
AzureDiagnostics
| where action_s == "Deny"

// HTTP 5xx errors
AppServiceHTTPLogs
| where ScStatus >= 500

Alert Tuning

• Review last 30 days alerts
• Identify false positives
• Adjust thresholds
• Group alerts
• Review monthly