This article covers an overview about Azure and Azure monitoring tool and the steps to integrate both these tools with the Resolution Intelligence Cloud to sync entities and monitor those entities for alerts or signals.
Azure Monitor tool collects the telemetry data from both on-premises and Azure cloud services. The telemetry data is helpful in monitoring performance your assets and identifying the issues that affects the performance. Azure monitor helps you to maximize the potential and availability of applications and services across your organization.
Azure integration with the Resolution Intelligence Cloud allows you to collect events, logs, metrics data in real-time to monitor, analyze, identify ActOns, and automate alerting for multiple Azure services.
This integration helps to
- Collect metrics from 250+ Azure services without logging into the Azure platform.
- Monitor virtual machines, containers, and apps using VM insights, container insights, and app insights.
- Correlate data from Azure application across events, logs, metrics, and user activity in a single-pane and respond to ActOns right within the platform.
- Enable automated actions to support smooth operations of your organization.
- Visualize the signals in dashboards and reports.
- Investigate change data for routine monitoring or for triaging signals by using Change Analysis.
| Service | Description | |
|---|---|---|
|
Analysis Services |
Provides data models in the cloud. |
|
|
Apache Spark Pools |
Enables parallel and in-memory processing to boost the performance of big data analytic applications. |
|
|
API Management |
Create, update, and publish APIs to developers, organizations, and employees at scale. |
|
|
App Configuration |
Stores configuration of applications. |
|
|
App Services |
Create, deploy, and maintain cloud applications on desktop, and mobile. |
|
|
App Service (Slots) |
Enables separate deployment slots to deploy web app or API app. |
|
|
App Service Environments |
A fully isolated and dedicated environment for securely running App service apps at a high scale. |
|
|
App Service Plans |
Set of compute resources for web app to run. |
|
|
Application Gateway |
Manage traffic to your web applications. |
|
|
Application Insights |
Monitors live applications and provide insights. |
|
|
Automation |
Provides automation and configuration management across your environments. |
|
|
Autoscale settings |
Ensure that you have the right number of resources to handle the fluctuating load of an application. |
|
|
AVS private clouds |
Provides VMware based clouds |
|
|
API for FHIR |
Enables rapid exchange of data through Fast Healthcare Interoperability Resources. |
|
|
Blockchain Services |
Gives the ability to scale and operate blockchain networks. |
|
|
Bastions |
Provides more secure and seamless Remote Desktop Protocol (RDP) and Secure Shell Protocol (SSH) access to VMs. |
|
|
Batch Accounts |
Runs large-scale applications in the cloud. |
|
|
Bing Resources |
Search web pages, images, news, and locations. |
|
|
Bot Services |
Built for bot development. |
|
|
Cache for Redis |
Managed data cache |
|
|
Cosmos DB |
No-SQL database for modern app development. |
|
|
Capacity Pools |
Assigns the capacity and throughput for volume independently. |
|
|
Cloud services (Extended support) |
Build, Run, and manage applications across multiple clouds. |
|
|
Cloud simple VMs |
Managed VMware virtual machines. |
|
|
CloudTest Pools |
A multi-tenant, scalable, performant, and extensible 1ES verification. |
|
|
Cognitive Services |
APIs, SDKs, and services help to build applications without AI or data science knowledge. |
|
|
Communication Services |
A set of rich communication APIs, video APIs, and SMS APIs help to deploy applications on any platform. |
|
|
Container instances |
Deploy containers without the need to provision or manage the underlying infrastructure. |
|
|
Container registries |
Enable fast, scalable retrieval of container workloads. |
|
|
Data box edge devices |
A physical device that helps to send in and out the data. |
|
|
Data Factories |
Fully managed, serverless data integration service. |
|
|
Data Lake Analytics |
Simplifies big data. |
|
|
Data Lake Storage Gen1 |
A no limits data lake that powers big data analytics. |
|
|
Data Shares |
Enable full visibility into data sharing relationships. |
|
|
Data Explorer Clusters |
Fast and highly scalable data exploration service for log and telemetry data. |
|
|
Database for MySQL servers |
Provides control, custom analysis, and suggestions for database optimization. |
|
|
Database for MySQL flexible servers |
Handle mission critical workloads with predictable performance and dynamic scalability. |
|
|
Dedicated SQL pools |
Offers T-SQL based compute and storage capabilities. |
|
|
Device Provisioning Services |
A helper service for IoT Hub. |
|
|
Disks |
Block level storage volume. |
|
|
Digital Twins |
Create digital representation of real-world things, places, and people. |
|
|
DNS Zones |
Host the DNS records for a particular domain. |
|
|
Event Grid Domains |
Publish events to thousands of topics. |
|
|
Event Grid Partner Namespaces |
A regional end point to publish events. |
|
|
Event Grid Partner Topics |
Provides an end point where the source sends events. |
|
|
Event Grid System Topics |
Represents one or more events published by Azure. |
|
|
Event Hubs Clusters |
Offers single tenant deployments for streaming. |
|
|
Event Hubs Namespaces |
Create one or more event hubs. |
|
|
ExpressRoute circuits |
Create private connections between Microsoft data centers and your local infrastructure. |
|
|
ExpressRoute Direct |
Provides direct connection to Microsoft's Global network at peering locations. |
|
|
Firewalls |
Enable protection from threats for cloud workloads. |
|
|
Front Doors |
Traffic-routing methods and backend health monitoring for applications. |
|
|
HDInsight clusters |
Create optimized clusters for Hadoop, Spark, Kafka and HBase. |
|
|
HPC caches |
Low-latency file access to support high performance computing (HPC) workloads. |
|
|
Integration Service Environments |
A fully isolated and dedicated environment for all enterprise-scale integration needs. |
|
|
IoT Central Applications |
Reduces the burden and cost of developing, managing, and maintaining enterprise-grade IoT solutions. |
|
|
IoT Connectors |
Ingest data from IoT devices. |
|
|
IoT Hub |
Provides communication between IoT application and attached devices. |
|
|
Key Vault |
Stores and access secrets like API keys. |
|
|
Kubernetes - Azure Arc |
Control and manage resources. |
|
|
Kubernetes services |
Deploy and manage containerized applications at scale. |
|
|
Live events |
Ingest and process live video streaming. |
|
|
Load balancers |
Evenly distributes the incoming network traffic across a group of servers. |
|
|
Log Analytics workspaces |
Monitor log data. |
|
|
Logic apps |
Creating and running automated workflows that integrate your apps, data, services, and systems. |
|
|
Machine learning |
Enterprise-grade machine learning service to build and deploy models faster. |
|
|
Maria DB servers |
Handle mission critical workloads with predictable performance and dynamic scalability. |
|
|
Maps Accounts |
Collection of geospatial services. |
|
|
Media Services |
Delivers any media, on virtually any device. |
|
|
NAT gateways |
Simplifies outbound Internet connectivity for virtual networks. |
|
|
Network Function Manager |
Offers Azure Market place for deploying network functions. |
|
|
Network Interfaces |
Enables VM communication with internet, Azure, and on-premises resources. |
|
|
Notification Hubs |
Send notifications to any platform from any backend. |
|
|
Peering Services |
Enhance customer connectivity to Microsoft cloud services. |
|
|
Power BI Embedded |
Gives ISVs and app developers to surface Power BI data experiences within their applications. |
|
|
Postgre SQL Flexible servers |
Enable more control and flexibility over databases. |
|
|
Postgre SQL servers |
Managed, guarantee performance, exposes access and features at server level. |
|
|
Private DNS zones |
Manage and resolve domain names in a virtual network. |
|
|
Private endpoints |
A special network interface for an Azure service in your Virtual Network |
|
|
Private link services |
Allows virtual network resources to privately connect to other resources. |
|
|
Public IP addresses |
Enable inbound communication and outbound connectivity from the Internet. |
|
|
Purview accounts |
Manage and govern your on-premises, multi-cloud, and software-as-a-service (SaaS) data. |
|
|
Redis Enterprise |
An in-memory data store for faster retrieval of data. |
|
|
Relays |
Expose securely services that run in the corporate network to the public cloud |
|
|
Remote Rendering Accounts |
Outsources the local computing process to Cloud's high-end processors. |
|
|
Search services
|
Search service over private, heterogeneous content in web, mobile, and enterprise applications. |
|
|
Service Bus Namespaces |
An enterprise message broker with message queues and publish-subscribe topics. |
|
|
SignalR |
Allows developers to focus on building real-time web experiences. |
|
|
Spatial Anchors Accounts |
Create mixed reality experiences using objects that persist their location across devices over time. |
|
|
Spring Cloud |
Deploys Spring Boot microservice applications. |
|
|
SQL databases |
Highly scalable relational database in the cloud. |
|
|
SQL elastic pools |
Manage the performance of multiple databases. |
|
|
SQL managed instances |
Combines the broadest SQL Server database engine. |
|
|
SQL servers |
Create and manage your SQL databases from a single platform. |
|
|
Static Web Apps
|
Builds and deploys full stack web apps to Azure from a code repository. |
|
|
Storage |
Storage for blobs, files, queues, and tables. |
|
|
Storage Sync Services |
Cache files |
|
|
Stream Analytics jobs |
An event-processing engine to examine high volumes of data streaming from devices. |
|
|
Streaming Endpoints |
Deliver on-demand and live content. |
|
|
Synapse Analytics |
Brings together enterprise data ware housing, data integration, and big data analytics. |
|
|
Time Series Insights environments |
Stores massive time-series data. |
|
|
Time Series Insights event sources |
A link between hub and Azure time series data. |
|
|
Traffic Manager profiles |
Distribute traffic to your applications. |
|
|
Virtual machine scale sets |
Deploy, manage, and auto-scale a set of identical VMs |
|
|
Virtual machines |
Virtual machine management service |
|
|
Virtual network gateways |
Transfer encrypted traffic between an Azure virtual network and an on-premises location. |
|
|
Virtual networks |
Allows Azure resources to securely communicate with each other, the internet, and on-premises network. |
|
|
Volumes |
Store, retrieve, and persist data across pods. |
|
|
Web application firewall policies (WAF) |
Contain WAF settings and configurations. |
|
|
Web PubSub Service |
Build web applications with real-time features and publish-subscribe pattern. |
|
Prerequisites
- You must have the following registration/service principal details.
- Tenant Id
- Subscription Id
- Client/application Id
- Client secret
- Custom role with following permissions.
| Operation | Description |
|---|---|
|
Microsoft.Insights/ActionGroups/[Write, Delete] |
Write/delete action groups. |
|
Microsoft.Insights/ActivityLogAlerts/[Write, Delete] |
Write/delete activity log alerts. |
|
Microsoft.Insights/AlertRules/[ Write, Delete] |
Write/delete alert rules (from alerts classic). |
|
Microsoft.Insights/AutoscaleSettings/[Write, Delete] |
Write/delete autoscale settings. |
|
Microsoft.Insights/DiagnosticSettings/[Write, Delete] |
Write/delete diagnostic settings. |
|
Microsoft.Insights/ExtendedDiagnosticSettings/[Write, Delete] |
Read/write/delete diagnostic settings for network flow logs. |
|
Microsoft.Insights/LogProfiles/[Write, Delete] |
Read/write/delete log profiles (streaming Activity Log to event hub or storage account). |
|
Microsoft.Insights/MetricAlerts/[Write, Delete] |
Read/write/delete near real-time metric alerts |
|
Microsoft.Insights/Register/Action |
Register the Azure Monitor resource provider. |
|
Microsoft.Insights/ScheduledQueryRules/[Write, Delete] |
Read/write/delete log alerts in Azure Monitor. |
|
Microsoft.Resources/subscriptions/resourcegroups/write |
Create resource group |
|
*/read |
Read all the resources under the subscriptions |
3. Use the following APIs to fetch resources.
- https://login.microsoftonline.com/tenantId/oauth2/token
- https://docs.microsoft.com/en-us/rest/api/resources/resources/list
- https://management.azure.com/subscriptions/{subscription-id}/providers/{provider-name}?&api-version={api-version}
- https://docs.microsoft.com/en-us/rest/api/resources/resources/get-by-id
- https://management.azure.com/subscriptions/{subscriptionId}/resources?api-version=2020-10-01
- https://management.azure.com/subscriptions/{subscriptionId}/providers/Microsoft.Advisor/configurations?api-version=2017-04-19
- https://management.azure.com/subscriptions/{subscription-id}/resourceGroups/{resource-group-name}/providers/microsoft.insights/actionGroups/{action-group-name}?api-version=2019-06-01
Note: Require permissions to grant token for resource “https://management.azure.com”.
How Azure integration works
Resolution Intelligence uses an Azure instance to create an action group in the Azure environment. After enabling the Azure Monitor app (In Azure Monitor), a token will be generated internally and a webhook URL will be appended to the action group in the Azure environment. The webhook URL will help the triggered signal to flow into our Resolution Intelligence platform.
Enabling Azure Integration
In Resolution Intelligence Cloud
Roles Required:
- Owner
- Global Admin
- A user with manager role
- Configuration Manager
To set up integration,
-
Click
the gear icon at the top (or) hover over
icon at the top left corner.
-
In the bottom of the left menu, click Configurations.
-
In the left menu, under Data Ingestion, click Integrations.
You will be navigated to the available integrations page. - Locate and click the Azure tile.
Available Integrations
The integration will be enabled.
4. On the Azure integration page, click Add Instance.
A window appears on your screen.
5. Under the Instance details, fill in these details: Name, Tenant ID, Application ID, Subscription ID, and Password of Azure platform.
6. Under Specify Ingestion Criteria, construct the condition expression. Select a field and operator from the drop-down lists. For the value, select a value from the drop-down list or enter it manually, depending on the field type. The condition is used to determine the records to which the rule will apply.
A condition expression can consist of several phrases, joined by an And or Or. For each phrase, select a field, operator, and value. Click the 
button to add an additional row. Use the parentheses and And/Or options to join the phrases together to form a condition expression.
The conditions include the following attributes:
-
- Alias Name
- Created time
- Updated time
- Name
7. Under Schedule, choose the following to sync the incoming data from Azure.
-
- Timezone: Select the appropriate timezone (for example, (UTC+05:30) Asia/Kolkata).
- Time: Select the appropriate date and time.
-
Repeat: From the dropdown, select the following.
- Monthly: Specify the number of months and the day (for example, for every 6 months on the 30th day according to the timezone you selected).
- Weekly: Specify the day (for example, Every Thursday at 10:AM according to the timezone you selected).
- Daily: On every day at a specific time based on the time you have specified.
8. Click Validate and Save.
Once the Azure instance is set up, entities from Azure begin syncing to the platform, and you can view them on the Entities Overview page. However, syncing follows the scheduled time. To sync manually, use the Sync Now option.
Syncing Azure Entities
Use this procedure to sync the Azure entities to the Resolution Intelligence Cloud instantly.
To sync the Azure entities:
- Select Integrations, under the Data Ingestion section to see all the data sources and monitoring tools that you want to integrate. This opens the Integrations page where you can see all the enabled and available integrations.
- Click the Azure card in the Enabled Integrations section. This opens the page where you can see the existing instances.
- Click the ellipses icon corresponding to the Azure instance you want to sync and select Sync now to manually sync any new entities to the Resolution Intelligence Cloud.
Viewing the job history
Use this procedure to track the job history. This gives you details, such as when the job was performed and what is the outcome of the job.
To view the history of job runs:
- Select Integrations, under the Data Ingestion section. This opens the Integrations page where you can see all the enabled and available integrations.
- Click the Azure card in the Enabled Integrations section. This displays the existing instances.
- Click the ellipses icon corresponding to the Azure instance whose job history you want to view and select Job History. This displays the Job History tab.
- Review the following job details:
| Field name | Field description |
|---|---|
| Job ID | A unique ID generated for every run. Click on the ID to view the job logs. |
| Start time | The time when the job was started. |
| End time | The time when the job ended. |
| Execution time | The time taken to run a job. |
| Status |
The status of the job run. Possible values:
|
Note: If the job is failed, you can use the Retry button to re-run the job
Viewing the job logs for a specific job run
Use this procedure to view the job logs of a specific job run. You can use the search box to quickly find the log you need.
To view the history of job runs:
- Go to Integrations under the Data Ingestion section. This opens the Integrations page, where you can see all enabled and available integrations.
- Click the Azure card in the Enabled Integrations section to view existing instances.
- Click the ellipsis icon next to the Azure instance whose job history you want to view, then select Job History. This opens the Job History tab.
- Click the Job ID hyperlink of the job whose logs you want to view.
- Status – Indicates whether the entity was successfully synced to the platform. Possible values: Success or Failed.
- Message – Provides details on the success or failure of the job.
- Event Time – The timestamp when the log was generated.
To view real-time logs, click the Refresh button.
To download logs to a CSV file, click Download.
Deleting an Instance
Use this procedure to delete an Azure Instance.
- Select Integrations, under the Data Ingestion section. This opens the Integrations page where you can see all the enabled and available integrations.
- Click the Azure card in the Enabled Integrations section. This displays the existing instances.
- Click the ellipses icon corresponding to the ManageEngine instance you want to delete and select Delete Instance. A pop-up window appears.
- Click Yes to delete.
Deleting a schedule
Use this procedure to delete a schedule associated with the Azure instance. You cannot view the Delete schedule option when no schedules are set for this instance.
- Select Integrations, under the Data Ingestion section. This opens the Integrations page where you can see all the enabled and available integrations.
- Click the Azure card in the Enabled Integrations section. This displays the existing instances.
- Click the ellipses icon corresponding to the Azure instance and select Delete Schedule to delete the scheduled job for this instance.
You can now view the scheduler being removed from this instance.
Modifying the Instance details
Use this procedure to modify the instance details.
- Select Integrations, under the Data Ingestion section. This opens the Integrations page where you can see all the enabled and available integrations.
- Click the Azure card in the Enabled Integrations section. This displays the existing instances.
- Click the ellipses icon corresponding to the Azure instance you want to modify and select Edit Instance. This takes you to the Edit Instance page.
- Change the Instance details and Click Validate and Save to validate and save the updated changes.
Deactivating Azure integration
Use this procedure to deactivate the Azure integration. Once deactivated, you cannot receive the entities from Azure to the platform. You can also reactivate the integration anytime you want and retrieve the old and latest asset information.
To deactivate the integration:
-
Click
-
In the bottom of the left menu, click Configurations.
-
In the left menu, under Data Ingestion, click Integrations.
You will be navigated to the available integrations page. - Locate and click the Azure tile.
Enabling Azure Monitor Integration
In Resolution Intelligence Cloud
Use this procedure to integrate Azure Mnitor to receive signals if there is an abnormality detected in the assets on Azure platform.
To integrate Azure Monitor,
-
Click
-
In the bottom of the left menu, click Configurations.
-
In the left menu, under Data Ingestion, click Integrations.
You will be navigated to the available integrations page. - Locate and click the Azure Monitor tile.
- Click Add --> Add Integration.
- On the Azure Monitor page, under the Inbound section, select the authentication type as JSON Web Token (JWT) in the authentication window.
- Click Save.
A token and a webhook URL will be generated to help your signal flow into the Resolution Intelligence.
Enabling Azure Monitor
5. To confirm that your signals are monitored by Azure Monitor, go to Resolutions --> Signals where you can see the signals that are created.
Verifying Signals
Conclusion
In this Integration guide, we have walked you through integrating Azure with Resolution Intelligence Cloud so you can visualize and signal on your key metrics. You can also monitor which VMs are overutilized or underutilized based on your prescribed limits and should be resized to improve performance or save costs. This integration gives you critical visibility into the deeper details of your VMs and your applications. You can easily create automated signals on any metrics across any group of VMs based on your usage patterns.
Comments
0 comments
Please sign in to leave a comment.