Enabling the Azure Integration allows Blue Matador to monitor the resources in your Microsoft Azure subscription. After installation, more than 50 events will be automatically detected in your Azure subscription without configuring any thresholds. The supported services include:
- Azure Load Balancers
- VPN Gateway
- Azure SQL
- Application Gateway
- Traffic Manager
- Recovery Vaults
- Azure Site Recovery
- Azure App Services
- Storage Accounts
- Azure Virtual Machines
Installing the Blue Matador Azure integration requires either an active trial or paid account. Contact sales to get started. You will also need to meet the following requirements:
- Access to create Active Directory app registrations in your Azure subscription
- Create an app registration in the Azure subscription you’d like to monitor. This can be done by clicking New registration under Active Directory > App Registrations. Configure the app registration for single tenant use and leave the redirect URI blank.
2. Create a client secret for the app registration by clicking on the app registration you just created, and then selecting Certificates & secrets from the menu on the left. Next, click the button labeled + New client secret. Create a secret that expires Never, and save the secret for use later in this process because you will be unable to access it later.
3. Gather your Application (client) ID and Directory (tenant) ID from the Overview page of your app registration.
4. Give the app registration a role assignment on your subscription by searching for “Subscriptions” in the Azure portal search bar and then clicking into the subscription you’d like to monitor. Under Access Control (IAM) in the left menu, click + Add and then select Add role assignment. Select the Reader role and then search for the name of the app registration you created. Click on it, and then save the role assignment.
5. Finally, get your Subscription ID by copying the ID from your subscription’s Overview.
6. Now that you have your subscription ID, client ID, tenant ID, and client secret, Log in to Blue Matador and navigate to the Integrations page via Setup > Integrations.
7. Expand the Azure installation dialog by clicking on the Install button on the Azure tile.
8. Set the display name for your Azure integration. This will allow you to identify which Azure subscription your resources belong to if you have multiple subscriptions set up.
9. Enter your subscription information into the text fields and use the Verify Keys button to ensure the proper permissions are in place.
10. Save the integration. Data is collected at 5 minute intervals, so it will take up to 5 minutes for the first collection to take place when an Azure integration is created.
After at least 5 minutes have passed, you should verify that your Azure resources are showing up in the Atlas Azure page via Explore > Atlas. If you do not see resources, it is possible that the integration was not set up properly. The most likely reason for any issues is that IDs or the client secret were copied incorrectly. If this is the case, you may edit your Azure integration and enter different information.
Disabling an Integration
To disable an Azure integration, navigate to the list of integrations via Setup > Integrations. Click on your Azure integration, and then click Disable Integration in the dropdown.
If you are removing an Azure subscription from Blue Matador, you can disable and then delete the integration in our UI. This will help us avoid making unauthenticated calls to collect data from Azure.
Frequently Asked Questions
Is the Blue Matador Windows Server agent compatible with the Azure integration? Yes, the Blue Matador agent is compatible with the Azure integration. The agent is able to collect data that is not available from the Azure integration and vice-versa.
Does Blue Matador modify my Azure resources? The Azure integration specifically does not make any modifications to your Azure infrastructure. All of the API calls are read-only.
Does the Azure integration cost extra? All of the Blue Matador integrations are available during the free trial period and with any paid account. Since the Azure integration with Blue Matador uses the Azure Monitor API using your credentials, you are responsible for any charges incurred from Azure Monitor API calls.
Can I have multiple Azure integrations? Blue Matador supports as many Azure integrations as you have Azure subscriptions.