Enabling the Azure Integration allows Blue Matador to monitor the resources in your Microsoft Azure subscription. After installation, your Azure resources that are found in the list below will automatically be detected and monitored without any manual configuration necessary. The supported services include:
Azure Application Gateway
Azure App Gateway
Azure App Services
Azure Cosmos DB
Azure Load Balancers
Azure Recovery Vaults
Azure Search Service
Azure Site Recovery
Azure SQL
Azure SQL Managed Instances
Azure Storage Accounts
Azure Traffic Manager
Azure Virtual Machines
Azure VPN Gateway
Requirements
Installing the Blue Matador Azure integration requires either an active trial or paid account. Contact sales to get started. You will also need to meet the following requirements:
Access to create Active Directory app registrations in your Azure subscription.
Installation Process
1. Create an App registration in the Azure subscription you’d like to monitor. This can be done by clicking “New registration” under your Active Directory > App Registrations. Configure the app registration for single tenant use and leave the redirect URI blank.
2. Create a client secret for the App registration by clicking on the App registration you just created, and then select "Certificates & Secrets" from the menu on the left.
3. Next, click the button labeled "+ New client secret". We recommend creating a secret that expires at a date that is far into the future and setting a calendar reminder for yourself in order to renew the client secret before Blue Matador loses access.
4. Next, copy your new "Client Secret Value" from the page because you will be unable to access it later.
5. Gather your "Application (client) ID" and "Directory (tenant) ID" from the Overview page of your app registration.
6. Give the app registration a role assignment on your subscription by searching for “Subscriptions” in the Azure portal search bar and then clicking into the subscription you’d like to monitor. Under "Access Control (IAM)" in the left menu, click "+ Add" and then select "Add role assignment".
7. Select the Reader role and then search for the name of the app registration you created. Click on it, and then save the role assignment.
8. Finally, get your "Subscription ID" by copying the ID from your subscription’s Overview.
9. Now that you have your subscription ID, client ID, tenant ID, and client secret value, Log in to Blue Matador and navigate to the Integrations page via Setup > Integrations.
10. Expand the Azure installation dialog by clicking on the Install button on the Azure tile.
11. Set the display name for your Azure integration. This will allow you to identify which Azure subscription your resources belong to if you have multiple subscriptions set up.
12. Enter your subscription information into the text fields and use the Verify Keys button to ensure the proper permissions are in place.
13. Save the integration. Data is collected at 5 minute intervals, so it will take up to 5 minutes for the first collection to take place when an Azure integration is created.
Troubleshooting
After at least 5 minutes have passed, you should verify that your Azure resources are showing up in the Atlas Azure page via Explore > Atlas. If you do not see resources, it is possible that the integration was not set up properly. The most likely reason for any issues is that IDs or the client secret were copied incorrectly. If this is the case, you may edit your Azure integration and enter different information.
Disabling an Integration
To disable an Azure integration, navigate to the list of integrations via Setup > Integrations. Click on your Azure integration, and then click "Disable Integration" in the dropdown.
If you are removing an Azure subscription from Blue Matador, you can disable and then delete the integration in our UI. This will help us avoid making unauthenticated calls to collect data from Azure.
Frequently Asked Questions
Is the Blue Matador Windows Server agent compatible with the Azure integration? Yes, the Blue Matador agent is compatible with the Azure integration. The agent is able to collect data that is not available from the Azure integration and vice-versa.
Does Blue Matador modify my Azure resources? The Azure integration specifically does not make any modifications to your Azure infrastructure. All of the API calls are read-only.
Does the Azure integration cost extra? All of the Blue Matador integrations are available during the free trial period and with any paid account. Since the Azure integration with Blue Matador uses the Azure Monitor API using your credentials, you are responsible for any charges incurred from Azure Monitor API calls.
Can I have multiple Azure integrations? Blue Matador supports as many Azure integrations as you have Azure subscriptions.