Microsoft Azure Load Balancer

❗️

This source has been deprecated

observIQ is in the process of transitioning a subset of BindPlane's monitoring capabilities to the observIQ OpenTelemetry Collector. As a result, this Source is no longer publicly available in BindPlane. If you need access to this Source, please reach out to our support via chat or via [email protected].

Please refer to the Microsoft Azure Sources topic for additional information on how to configure the LPU, and general Azure Data Collection setup details.

Load Balancer Types: Standard vs Basic

As a feature with Standard Load Balancers, Microsoft makes performance metrics available within the the API. The metrics listed below are only available at the Standard license level.

The Source will configure and collect property metrics with the Basic Load Balancer type.

Least Privileged User

Steps:

  1. Using the Azure CLI Client, find the Subscription ID and Tenant ID from your account list
  2. Create a custom RBAC role using the JSON provided. Include your Subscription ID and rename the file to azure.json
  3. Create an Active Directory Service Principal and assign the custom RBAC role t it.

Creating custom roles using the Azure CLI:

https://docs.microsoft.com/en-us/azure/role-based-access-control/custom-roles

Assigning roles using the Azure CLI:

https://docs.microsoft.com/en-us/azure/role-based-access-control/role-assignments-portal

{
  "Name": "LPU Load Balancers",
  "Description": "LPU for Load Balancers",
  "Actions": [
    "Microsoft.Network/loadBalancers/*/read",
    "Microsoft.Network/publicIPAddresses/*/read",
    "Microsoft.Network/networkInterfaces/*/read",
    "Microsoft.Authorization/*/read",
    "Microsoft.Insights/metrics/*/read"
  ],
  "AssignableScopes": [
    "/subscriptions/[Subscription ID]"
  ]
}

Connection Parameters

NameRequired?Description
Subscription IDRequiredGUID Subscription ID
Tenant IDRequiredGUID Tenant ID (also known as Directory ID)
Client IDRequiredGUID Client ID (also known as Application ID)
Client SecretRequiredThe Secret (also known as Key) corresponding to the Client ID.
Maximum HTTP Retry Time (seconds)The maximum amount of time in seconds to retry each API request when the API is throttling.
HTTP Request Timeout (seconds)The maximum amount of time in seconds before a single HTTP request will fail.
Monitor Metric Collection LevelSelects which monitor metrics should be collected.
Filter By Resource Group TypeSelects whether to use a whitelist or blacklist when filtering by Resource Groups.
Filter By Resource Group WhitelistA comma separated list of resource groups to explicitly allow. A '*' character is used to represent 'all', and a blank string is used for 'none'.
Filter By Resource Group BlacklistA comma separated list of resource groups to filter out. A '*' character is used to represent 'all', and a blank string is used for 'none'.
Filter By Tags Group TypeSelects whether to use a whitelist or blacklist when filtering by Resource Groups.
Filter By Tags Group WhitelistA comma separated list of tags to explicitly allow. Tags must follow the format <key:value>. Instead of a specific tag, or tag value, a '*' character is used to represent 'all'. A blank entry is treated as 'none'.
Filter By Tags Group BlacklistA comma separated list of tags to filter out. Tags must follow the format <key:value>. Instead of a specific tag, or tag value, a '*' character is used to represent 'all'. A blank entry is treated as 'none'.

Metrics

🚧

Standard Load Balancer Only for Complete Metrics

A Standard type Load Balancer is required for availability of the below metrics. For more information see: Load Balancer Types: Standard vs Basic

API Usage

NameDescription
Average PagesThe average amount of pages needed for a paged resource type.
Average Request RetriesThe average number of retry requests per unique requests made.
Average Retry AttemptsThe average number of retry requests made per unique request that was retried.
Average Retry Wait (Milliseconds)The average amount of time retried requests spent waiting.
Client IDThe client ID used to make API calls.
Failed RequestsThe total number of requests that returned a failure response.
Maximum PagesThe most amount of pages needed for a paged resource type.
Maximum RetriesThe highest number of retries made for a single request.
Maximum Retry Wait (Milliseconds)The most amount of time a retried request spent waiting.
Minimum PagesThe least amount of pages needed for a paged resource type.
Minimum Retry Wait (Milliseconds)The least amount of time a retried request spent waiting.
Other Status ResponsesThe total number of successful requests that responded with some other accepted status.
Request TimeoutsThe total number of requests that timed out waiting for a response.
Requests RetriedThe number of unique requests that were retried.
Retry Status ResponsesThe total number of successful requests that responded with the status TOO MANY REQUESTS (429).
Retry TimeoutsThe total number of requests that needed to be retried, but the request retry time exceeded the maximum retry time.
Status OK ResponsesThe total number of successful requests that responded with the status OK (200).
Subscription IDThe subscription ID used to make API calls.
Successful RequestsThe total number of requests that returned a successful response.
Tenant IDThe tenant ID used to make API calls.
Total Monitor RequestsThe total number of requests made to get monitor metrics.
Total Paged RequestsThe total amount of resource types that required paging.
Total RequestsThe total number of requests made during collection.
Total RetriesThe total number of retry requests that were made.
Unique Monitor RequestsThe number of unique requests made to get monitor metrics.
Unique RequestsThe number of requests made with unique endpoints.

Backend Address Pool

NameDescription
Backend IP ConfigurationsThe IDs of the backend IP configurations associated with the backend address pool
Entity TagA unique read-only string that changes whenever the resource is updated
IDResource ID of the address pool
Load Balancing RulesThe IDs of the load balancing rules associated with the backend address pool
NameResource name of the address pool
Provisioning StateProvisioning state of the public IP resource

Backend Endpoint

NameDescription
Dynamic IP AddressDynamic IP Address
Dynamic IP AvailabilityAvailability of DIP endpoints, based on probe results
Dynamic IP PortDynamic IP Port
Parent IDParent ID

Backend IP Configuration

NameDescription
Entity tagA unique read-only string that changes whenever the resource is updated
IDResource ID of the IP configuration
Is In Use With ServiceWhether or the the IP configuration is in use with a service
Load Balancer Backend Address PoolsA list of the load balancer backend address pool IDs associated with the IP configuration
NameResource name of the backend IP configuration
PrimaryGets whether this is a primary customer address on the network interface
Private IP AddressPrivate IP address of the IP configuration
Private IP Address VersionRepresents whether the specific IP configuration is IPv4 or IPv6
Private IP Allocation MethodDefines how a private IP address is assigned
Provisioning StateThe provisioning state of the network interface IP configuration
SubnetResource ID of the associated subnet

Frontend Application

NameDescription
Data Throughput In (Bytes)Total incoming throughput transmitted within time period
Data Throughput Out (Bytes)Total outgoing throughput transmitted within time period
Dynamic IP AvailabilityAvailability of DIP endpoints, based on probe results
Packets Routed In (Packets)Total incoming Packets transmitted within time period
Packets Routed Out (Packets)Total outgoing Packets transmitted within time period
Parent IDParent ID
SYN CountTotal number of SYN Packets transmitted within time period
Total Data Throughput (Bytes)Total throughput transmitted within time period
Total Packets Routed (Packets)Total number of Packets transmitted within time period
Virtual IP AddressVirtual IP Address
Virtual IP AvailabilityAvailability of VIP endpoints, based on probe results
Virtual IP PortVirtual IP Port

Frontend IP Configuration

NameDescription
Entity TagA unique read-only string that changes whenever the resource is updated
IDResource ID of the IP configuration
NameResource name of the IP configuration
Private IP Allocation MethodThe Private IP allocation method
Provisioning StateGets the provisioning state of the public IP resource
Public IP AddressThe public IP address of the frontend IP configuration
Public IP Address IDThe public IP address ID of the frontend IP configuration
SubnetThe reference of the subnet resource

Frontend Server

NameDescription
Data Throughput In (Bytes)Total incoming throughput transmitted within time period
Data Throughput Out (Bytes)Total outgoing throughput transmitted within time period
Dynamic IP AvailabilityAvailability of DIP endpoints, based on probe results
Packets Routed In (Packets)Total incoming Packets transmitted within time period
Packets Routed Out (Packets)Total outgoing Packets transmitted within time period
Parent IDParent ID
SNAT Connection CountTotal number of new SNAT connections created within time period
SYN CountTotal number of SYN Packets transmitted within time period
Total Data Throughput (Bytes)Total throughput transmitted within time period
Total Packets Routed (Packets)Total number of Packets transmitted within time period
Virtual IP AddressVirtual IP Address
Virtual IP AvailabilityAvailability of VIP endpoints, based on probe results

Inbound NAT Rule

NameDescription
Backend IP ConfigurationA reference to a private IP address defined on a network interface of a VM. Traffic sent to the frontend port of each of the frontend IP configurations is forwarded to the backend IP
Backend PortThe port used for the internal endpoint
Enable Floating IPConfigures a virtual machine's endpoint for the floating IP capability required to configure a SQL AlwaysOn Availability Group
Frontend IP ConfigurationA reference to frontend IP addresses
Frontend PortThe port for the external endpoint
IDResource ID of the NAT rule
Idle Timeout (Minutes)The timeout for the TCP idle connection
NameResource name of the NAT rule
ProtocolThe transport protocol for the endpoint
Provisioning StateThe provisioning state of the public IP resource

Load Balancer

NameDescription
Data Throughput In (Bytes)Total incoming throughput transmitted within time period
Data Throughput Out (Bytes)Total outgoing throughput transmitted within time period
Dynamic IP AvailabilityAvailability of DIP endpoints, based on probe results
Entity TagA unique read-only string that changes whenever the resource is updated
IDThe ID of the load balancer
LocationThe location of the load balancer
NameThe load balancer's name
Packets Routed In (Packets)Total incoming Packets transmitted within time period
Packets Routed Out (Packets)Total outgoing Packets transmitted within time period
Provisioning StateGets the provisioning state of the public IP resource
Resource GroupThe Resource Group of the Azure resource.
Resource GUIDThe GUID of the load balancer
SKU NameThe name of the SKU associated with the load balancer
SKU TierThe tier of the SKU associated with the load balancer
SNAT Connection CountTotal number of new SNAT connections created within time period
SYN CountTotal number of SYN Packets transmitted within time period
TagsMicrosoft Azure resource tags
Total Data Throughput (Bytes)Total throughput transmitted within time period
Total Packets Routed (Packets)Total number of Packets transmitted within time period
TypeMicrosoft Azure resource type
Virtual IP AvailabilityAvailability of VIP endpoints, based on probe results

Load Balancing Rule

NameDescription
Backend Address PoolA reference to a pool of DIPs. Inbound traffic is randomly load balanced across IPs in the backend IPs
Backend PortThe port used for internal connections on the endpoint
Enable Floating IPConfigures a virtual machine's endpoint for the floating IP capability required to configure a SQL AlwaysOn Availability Group
Entity TagA unique read-only string that changes whenever the resource is updated
Frontend IP ConfigurationA reference to frontend IP addresses
Frontend PortThe port for the external endpoint
IDResource ID of the rule
Idle Timeout (Minutes)The timeout for the TCP idle connection
Load DistributionThe load distribution policy for this rule
NameResource name of the rule
ProbeThe reference of the load balancer probe used by the load balancing rule
ProtocolThe transport protocol for the endpoint
Provisioning StateThe provisioning state of the PublicIP resource

Network Interface

NameDescription
Dynamic IP AvailabilityAvailability of DIP endpoints, based on probe results
Enable Accelerated NetworkingIf the network interface is accelerated networking enabled
Enable IP ForwardingIndicates whether IP forwarding is enabled on this network interface
Entity TagA unique read-only string that changes whenever the resource is updated
IDResource ID of the network interface
LocationThe location of the network interface
MAC AddressThe MAC address of the network interface
NameResource name of the network interface
Network Security GroupThe reference of the NetworkSecurityGroup resource
PrimaryGets whether this is a primary network interface on a virtual machine
Private IP AddressThe private IP address of the associated IP configuration
Provisioning StateThe provisioning state of the public IP resource
Resource GUIDThe resource GUID property of the network interface resource
SNAT Connection CountTotal number of new SNAT connections created within time period
TagsMicrosoft Azure resource tags
TypeMicrosoft Azure resource type
Virtual MachineThe reference of a virtual machine
Virtual Network Tap Provisioning StateThe provisioning state of the virtual network tap

Probe

NameDescription
Entity TagA unique read-only string that changes whenever the resource is updated
IDResource ID of the probe
Interval (Seconds)The interval for how frequently to probe the endpoint for health status. Typically, the interval is slightly less than half the allocated timeout period which allows two full probes before taking the instance out of rotation
NameResource name of the probe
Number Of ProbesThe number of probes where if no response, will result in stopping further traffic from being delivered to the endpoint. This values allows endpoints to be taken out of rotation faster or slower than the typical times used in Azure
PortThe port for communicating the probe
ProtocolThe protocol of the end point
Provisioning StateThe provisioning state of the public IP resource
Request PathThe URI used for requesting health status from the VM

Public IP Address

NameDescription
Allocation MethodThe public IP allocation method
Entity TagA unique read-only string that changes whenever the resource is updated
IDResource ID of the public IP address
Idle Timeout (Minutes)The idle timeout of the public IP address
IP AddressThe IP address associated with the public IP address resource
IP ConfigurationThe IP configuration associated with the public IP address
LocationResource location of the public IP address
NameResource name of the public IP Address
Provisioning StateThe provisioning state of the PublicIP resource
Resource GUIDThe resource GUID property of the public IP resource
SKU NameName of a public IP address SKU
SKU TierTier of a public IP address SKU
TagsMicrosoft Azure resource tags
TypeMicrosoft Azure resource type
VersionThe public IP address version