Lifecycle and investigation how-to guides
Use these recipes to identify time-bound operational risk, investigate telemetry, preserve evidence, and maintain an auditable case record.
| Goal | Guide |
|---|---|
| Triage Azure retirements and breaking changes | Retirement Radar |
| Review reservation expiry and utilization | Reservations Monitor |
| Scan capacity and throttling risk | Quota Monitor |
| Query, triage, and reconstruct telemetry | Telemetry Intelligence |
| Capture, compare, share, and retain evidence | Evidence Locker |
| Open, investigate, verify, and close cases | Case Files |
Common operating pattern
- Select the correct connection and the narrowest useful workload, subscription, resource, or component.
- Check generated time, retention window, cache age, collector errors, and partial-result indicators.
- Refresh or scan only when the decision requires newer evidence.
- Validate AI narrative and derived risk against raw rows and authoritative Azure data.
- Preserve minimum necessary evidence before remediation.
- Verify externally applied changes with fresh data, then update the case timeline.
Treat exports, telemetry rows, evidence bundles, case notes, ticket content, and share links as sensitive. Never use real identifiers, secrets, access tokens, or customer payloads in examples.