Microsoft Azure Virtual Network
This source has been deprecated
observIQ is in the process of transitioning a subset of BindPlane's monitoring capabilities to the observIQ OpenTelemetry Collector. As a result, this Source is no longer publicly available in BindPlane. If you need access to this Source, please reach out to our support via chat or via [email protected].
Please refer to the Microsoft Azure Sources topic for additional information on how to configure the LPU, and general Azure Data Collection setup details.
Least Privileged User
Steps:
- Using the Azure CLI Client, find the Subscription ID and Tenant ID from your account list
- Create a custom RBAC role using the JSON provided. Include your Subscription ID and rename the file to azure.json
- Create an Active Directory Service Principal and assign the custom RBAC role t it.
Creating custom roles using the Azure CLI:
https://docs.microsoft.com/en-us/azure/role-based-access-control/custom-roles
Assigning roles using the Azure CLI:
https://docs.microsoft.com/en-us/azure/role-based-access-control/role-assignments-portal
{
"Name": "LPU Virtual Network",
"Description": "LPU for Virtual Network",
"Actions": [
"Microsoft.Network/publicIPAddresses/*/read",
"Microsoft.Insights/metrics/*/read",
"Microsoft.Authorization/*/read"
],
"AssignableScopes": [
"/subscriptions/[Subscription ID]"
]
}
Connection Parameters
Name | Required? | Description |
---|---|---|
Subscription ID | Required | GUID Subscription ID |
Tenant ID | Required | GUID Tenant ID (also known as Directory ID) |
Client ID | Required | GUID Client ID (also known as Application ID) |
Client Secret | Required | The Secret (also known as Key) corresponding to the Client ID. |
Maximum HTTP Retry Time (seconds) | The maximum amount of time in seconds to retry each API request when the API is throttling. | |
HTTP Request Timeout (seconds) | The maximum amount of time in seconds before a single HTTP request will fail. |
Metrics
API Usage
Name | Description |
---|---|
Average Pages | The average amount of pages needed for a paged resource type. |
Average Request Retries | The average number of retry requests per unique requests made. |
Average Retry Attempts | The average number of retry requests made per unique request that was retried. |
Average Retry Wait (Milliseconds) | The average amount of time retried requests spent waiting. |
Client ID | The client ID used to make API calls. |
Failed Requests | The total number of requests that returned a failure response. |
Maximum Pages | The most amount of pages needed for a paged resource type. |
Maximum Retries | The highest number of retries made for a single request. |
Maximum Retry Wait (Milliseconds) | The most amount of time a retried request spent waiting. |
Minimum Pages | The least amount of pages needed for a paged resource type. |
Minimum Retry Wait (Milliseconds) | The least amount of time a retried request spent waiting. |
Other Status Responses | The total number of successful requests that responded with some other accepted status. |
Request Timeouts | The total number of requests that timed out waiting for a response. |
Requests Retried | The number of unique requests that were retried. |
Retry Status Responses | The total number of successful requests that responded with the status TOO MANY REQUESTS (429). |
Retry Timeouts | The total number of requests that needed to be retried, but the request retry time exceeded the maximum retry time. |
Status OK Responses | The total number of successful requests that responded with the status OK (200). |
Subscription ID | The subscription ID used to make API calls. |
Successful Requests | The total number of requests that returned a successful response. |
Tenant ID | The tenant ID used to make API calls. |
Total Monitor Requests | The total number of requests made to get monitor metrics. |
Total Paged Requests | The total amount of resource types that required paging. |
Total Requests | The total number of requests made during collection. |
Total Retries | The total number of retry requests that were made. |
Unique Monitor Requests | The number of unique requests made to get monitor metrics. |
Unique Requests | The number of requests made with unique endpoints. |
Public IP Address
Name | Description |
---|---|
DNS Settings Domain Name Label | The label for the domain name on the public IP resource. |
DNS Settings FQDN | The fully qualified domain name of the A DNS record associated with the public IP. This is the concatenation of the domainNameLabel and the regionalized DNS zone. |
Entity Tag | A unique read-only string that changes whenever the resource is updated. |
ID | The ID for the public IP resource. |
Idle Timeout (Minutes) | The idle timeout of the public IP address. |
Inbound Data (Bytes) | The total amount of data received within time period. |
Inbound DDoS Data (Bytes per Second) | Average DDoS data received by the public IP resource. |
Inbound DDoS Data Dropped (Bytes per Second) | Average received DDoS data dropped by the public IP resource. |
Inbound DDoS Data Forwarded (Bytes per Second) | Average received DDoS data forwarded by the public IP resource. |
Inbound DDoS Packets (Packets per Second) | Average DDoS packets received by the public IP resource. |
Inbound DDoS Packets Dropped (Packets per Second) | Average received DDoS packets dropped by the public IP resource. |
Inbound DDoS Packets Forwarded (Packets per Second) | Average received DDoS packets forwarded by the public IP resource. |
Inbound Packets (Packets) | The total number of Packets received within time period. |
Inbound SYN DDoS Packets To Trigger Mitigation (Packets per Second) | The average inbound SYN packets required to trigger DDoS mitigation. |
Inbound SYN Packets (Packets) | The total number of SYN Packets received within the time period. |
Inbound TCP DDoS Data (Bytes per Second) | Average DDoS TCP data received by the public IP resource. |
Inbound TCP DDoS Data Dropped (Bytes per Second) | Average received DDoS TCP data dropped by the public IP resource. |
Inbound TCP DDoS Data Forwarded DDoS (Bytes per Second) | Average received DDoS TCP data forwarded by the public IP resource. |
Inbound TCP DDoS Packets (Packets per Second) | Average DDoS TCP packets received by the public IP resource. |
Inbound TCP DDoS Packets Dropped (Packets per Second) | Average received DDoS TCP packets dropped by the public IP resource. |
Inbound TCP DDoS Packets Forwarded (Packets per Second) | Average received DDoS TCP packets forwarded by the public IP resource. |
Inbound TCP DDoS Packets To Trigger Mitigation (Packets per Second) | The average inbound TCP packets required to trigger DDoS mitigation. |
Inbound UDP DDoS Data (Bytes per Second) | Average UDP DDoS data received by the public IP resource. |
Inbound UDP Data Dropped DDoS (Bytes per Second) | Average received DDoS UDP data dropped by the public IP resource. |
Inbound UDP DDoS Data Forwarded DDoS (Bytes per Second) | Average received DDoS UDP data forwarded by the public IP resource. |
Inbound UDP DDoS Packets (Packets per Second) | Average DDoS UDP packets received by the public IP resource. |
Inbound UDP DDoS Packets Dropped DDoS (Packets per Second) | Average received DDoS UDP packets dropped by the public IP resource. |
Inbound UDP DDoS Packets Forwarded (Packets per Second) | Average received DDoS UDP packets forwarded by the public IP resource. |
Inbound UDP DDoS Packets To Trigger Mitigation (Packets per Second) | The average inbound UDP packets required to trigger DDoS mitigation. |
IP Address | The IP address associated with the public IP address resource. |
IP Configuration ID | The IP configuration associated with the public IP address. |
Location | The location of the public IP resource. |
Name | The name of the public IP resource. |
Outbound Data (Bytes) | The total amount of data transmitted within time period. |
Outbound Packets (Packets) | The total number of Packets transmitted within time period. |
Outbound SYN Packets (Packets) | The total number of SYN Packets transmitted within the time period. |
Provisioning State | The provisioning state of the public IP resource. Possible values are: 'Updating', 'Deleting', and 'Failed'. |
Public IP Allocation Method | The public IP allocation method. Possible values are: 'Static' and 'Dynamic'. |
Resource Group | The Resource Group of the Azure resource. |
Resource GUID | The resource GUID property of the public IP resource. |
SKU Name | The SKU name associated with the public IP resource. |
SKU Tier | The the tier of the SKU associated with the public IP resource. |
Tags | The tags attached to the public IP resource. |
Type | The resource type assigned by Microsoft Azure. |
Under DDoS Attack | Whether or not this public IP resource is under DDoS attack (0=false, 1=true). |
Version | The public IP address version. Possible values are: 'IPv4' and 'IPv6'. |
Updated almost 2 years ago