Applies To: Azure Monitor
Azure Monitor is one of the Microsoft Azure cloud services. It provides a single source monitoring Azure resources/services. It allows the users to view, query, route, archieve and take actions on metrics, and logs collected from different Azure resources/services.
Netsurion integrates with Azure Monitor, collects log from Azure Monitor and creates a detailed reports, alerts, dashboards and saved searches. These attributes of Netsurion help users to view the critical and important information on a single platform.
Reports contain detailed overview of the activities that are associated with virtual machines, audit events such as authorization to services, and events that are performed by users with administrative privilege.
Alerts are provided as soon as any critical event are triggered by the Azure Monitor. With alerts, users will be able to get notifications about real time occurrences of events such as, failed authentication while accessing azure services, security events such as detection of trojan.
Visual/graphical representations, i.e. dashboard, consists of events such as administrative operation by source IP, security events by event name such as antimalware action taken, number/percentage of events available in each category, azure resources attacked by an adversary, etc.
Once Azure Monitor is configured to deliver events to Netsurion Manager; alerts, dashboards, and reports can be configured into Netsurion.
Alerts
Reports
The configuration details in this guide are consistent with Netsurion version 9.x and later, Microsoft Azure Platform.
To configure Microsoft Azure to send logs to Netsurion, refer to the How-to Guide.
For more information, please refer to the Integration guide.