Microsoft Azure Monitor

Version: Azure Monitor

Azure Monitor is one of the Microsoft Azure cloud services. It provides a single source monitoring Azure resources/services. It allows the users to view, query, route, achieve and take actions on metrics, and logs collected from different Azure resources/services.

Netsurion Open XDR integrates with Azure Monitor, collects log from Azure Monitor and creates a detailed reports, alerts, dashboards and saved searches. These attributes of Netsurion Open XDR help users to view the critical and important information on a single platform.

Reports contain detailed overview of the activities that are associated with virtual machines, audit events such as authorization to services, and events that are performed by users with administrative privilege.

Alerts are provided as soon as any critical event are triggered by the Azure Monitor. With alerts, users will be able to get notifications about real time occurrences of events such as, failed authentication while accessing azure services, security events such as detection of trojan.

Visual/graphical representations, i.e. dashboard, consists of events such as administrative operation by source IP, security events by event name such as antimalware action taken, number/percentage of events available in each category, azure resources attacked by an adversary, etc.

After the Azure Monitor is configured to deliver events to the Netsurion Open XDR, the dashboards and reports can be configured into Netsurion Open XDR.

To take advantage of this data source integration and to learn more about alerts, reports, and dashboards, contact your Technical Account Manager (TAM). If you are not currently a Netsurion customer or partner, contact us to learn more.