Microsoft Azure Virtual Network

❗️

This source has been deprecated

observIQ is in the process of transitioning a subset of BindPlane's monitoring capabilities to the observIQ OpenTelemetry Collector. As a result, this Source is no longer publicly available in BindPlane. If you need access to this Source, please reach out to our support via chat or via [email protected].

Please refer to the Microsoft Azure Sources topic for additional information on how to configure the LPU, and general Azure Data Collection setup details.

Least Privileged User

Steps:

  1. Using the Azure CLI Client, find the Subscription ID and Tenant ID from your account list
  2. Create a custom RBAC role using the JSON provided. Include your Subscription ID and rename the file to azure.json
  3. Create an Active Directory Service Principal and assign the custom RBAC role t it.

Creating custom roles using the Azure CLI:

https://docs.microsoft.com/en-us/azure/role-based-access-control/custom-roles

Assigning roles using the Azure CLI:

https://docs.microsoft.com/en-us/azure/role-based-access-control/role-assignments-portal

{
  "Name": "LPU Virtual Network",
  "Description": "LPU for Virtual Network",
  "Actions": [
    "Microsoft.Network/publicIPAddresses/*/read",
    "Microsoft.Insights/metrics/*/read",
    "Microsoft.Authorization/*/read"
  ],
  "AssignableScopes": [
    "/subscriptions/[Subscription ID]"
  ]
}

Connection Parameters

NameRequired?Description
Subscription IDRequiredGUID Subscription ID
Tenant IDRequiredGUID Tenant ID (also known as Directory ID)
Client IDRequiredGUID Client ID (also known as Application ID)
Client SecretRequiredThe Secret (also known as Key) corresponding to the Client ID.
Maximum HTTP Retry Time (seconds)The maximum amount of time in seconds to retry each API request when the API is throttling.
HTTP Request Timeout (seconds)The maximum amount of time in seconds before a single HTTP request will fail.

Metrics

API Usage

NameDescription
Average PagesThe average amount of pages needed for a paged resource type.
Average Request RetriesThe average number of retry requests per unique requests made.
Average Retry AttemptsThe average number of retry requests made per unique request that was retried.
Average Retry Wait (Milliseconds)The average amount of time retried requests spent waiting.
Client IDThe client ID used to make API calls.
Failed RequestsThe total number of requests that returned a failure response.
Maximum PagesThe most amount of pages needed for a paged resource type.
Maximum RetriesThe highest number of retries made for a single request.
Maximum Retry Wait (Milliseconds)The most amount of time a retried request spent waiting.
Minimum PagesThe least amount of pages needed for a paged resource type.
Minimum Retry Wait (Milliseconds)The least amount of time a retried request spent waiting.
Other Status ResponsesThe total number of successful requests that responded with some other accepted status.
Request TimeoutsThe total number of requests that timed out waiting for a response.
Requests RetriedThe number of unique requests that were retried.
Retry Status ResponsesThe total number of successful requests that responded with the status TOO MANY REQUESTS (429).
Retry TimeoutsThe total number of requests that needed to be retried, but the request retry time exceeded the maximum retry time.
Status OK ResponsesThe total number of successful requests that responded with the status OK (200).
Subscription IDThe subscription ID used to make API calls.
Successful RequestsThe total number of requests that returned a successful response.
Tenant IDThe tenant ID used to make API calls.
Total Monitor RequestsThe total number of requests made to get monitor metrics.
Total Paged RequestsThe total amount of resource types that required paging.
Total RequestsThe total number of requests made during collection.
Total RetriesThe total number of retry requests that were made.
Unique Monitor RequestsThe number of unique requests made to get monitor metrics.
Unique RequestsThe number of requests made with unique endpoints.

Public IP Address

NameDescription
DNS Settings Domain Name LabelThe label for the domain name on the public IP resource.
DNS Settings FQDNThe fully qualified domain name of the A DNS record associated with the public IP. This is the concatenation of the domainNameLabel and the regionalized DNS zone.
Entity TagA unique read-only string that changes whenever the resource is updated.
IDThe ID for the public IP resource.
Idle Timeout (Minutes)The idle timeout of the public IP address.
Inbound Data (Bytes)The total amount of data received within time period.
Inbound DDoS Data (Bytes per Second)Average DDoS data received by the public IP resource.
Inbound DDoS Data Dropped (Bytes per Second)Average received DDoS data dropped by the public IP resource.
Inbound DDoS Data Forwarded (Bytes per Second)Average received DDoS data forwarded by the public IP resource.
Inbound DDoS Packets (Packets per Second)Average DDoS packets received by the public IP resource.
Inbound DDoS Packets Dropped (Packets per Second)Average received DDoS packets dropped by the public IP resource.
Inbound DDoS Packets Forwarded (Packets per Second)Average received DDoS packets forwarded by the public IP resource.
Inbound Packets (Packets)The total number of Packets received within time period.
Inbound SYN DDoS Packets To Trigger Mitigation (Packets per Second)The average inbound SYN packets required to trigger DDoS mitigation.
Inbound SYN Packets (Packets)The total number of SYN Packets received within the time period.
Inbound TCP DDoS Data (Bytes per Second)Average DDoS TCP data received by the public IP resource.
Inbound TCP DDoS Data Dropped (Bytes per Second)Average received DDoS TCP data dropped by the public IP resource.
Inbound TCP DDoS Data Forwarded DDoS (Bytes per Second)Average received DDoS TCP data forwarded by the public IP resource.
Inbound TCP DDoS Packets (Packets per Second)Average DDoS TCP packets received by the public IP resource.
Inbound TCP DDoS Packets Dropped (Packets per Second)Average received DDoS TCP packets dropped by the public IP resource.
Inbound TCP DDoS Packets Forwarded (Packets per Second)Average received DDoS TCP packets forwarded by the public IP resource.
Inbound TCP DDoS Packets To Trigger Mitigation (Packets per Second)The average inbound TCP packets required to trigger DDoS mitigation.
Inbound UDP DDoS Data (Bytes per Second)Average UDP DDoS data received by the public IP resource.
Inbound UDP Data Dropped DDoS (Bytes per Second)Average received DDoS UDP data dropped by the public IP resource.
Inbound UDP DDoS Data Forwarded DDoS (Bytes per Second)Average received DDoS UDP data forwarded by the public IP resource.
Inbound UDP DDoS Packets (Packets per Second)Average DDoS UDP packets received by the public IP resource.
Inbound UDP DDoS Packets Dropped DDoS (Packets per Second)Average received DDoS UDP packets dropped by the public IP resource.
Inbound UDP DDoS Packets Forwarded (Packets per Second)Average received DDoS UDP packets forwarded by the public IP resource.
Inbound UDP DDoS Packets To Trigger Mitigation (Packets per Second)The average inbound UDP packets required to trigger DDoS mitigation.
IP AddressThe IP address associated with the public IP address resource.
IP Configuration IDThe IP configuration associated with the public IP address.
LocationThe location of the public IP resource.
NameThe name of the public IP resource.
Outbound Data (Bytes)The total amount of data transmitted within time period.
Outbound Packets (Packets)The total number of Packets transmitted within time period.
Outbound SYN Packets (Packets)The total number of SYN Packets transmitted within the time period.
Provisioning StateThe provisioning state of the public IP resource. Possible values are: 'Updating', 'Deleting', and 'Failed'.
Public IP Allocation MethodThe public IP allocation method. Possible values are: 'Static' and 'Dynamic'.
Resource GroupThe Resource Group of the Azure resource.
Resource GUIDThe resource GUID property of the public IP resource.
SKU NameThe SKU name associated with the public IP resource.
SKU TierThe the tier of the SKU associated with the public IP resource.
TagsThe tags attached to the public IP resource.
TypeThe resource type assigned by Microsoft Azure.
Under DDoS AttackWhether or not this public IP resource is under DDoS attack (0=false, 1=true).
VersionThe public IP address version. Possible values are: 'IPv4' and 'IPv6'.