Microsoft Azure - FAQ

Microsoft Azure - FAQ

1. What happens to the Azure monitor in Applications Manager when you delete any of the supported services from the Azure portal?

  1. When you perform a delete operation on any of the supported Azure resources in the Azure portal, the respective monitor will automatically be deleted in Applications Manager in the Azure parent monitor's next poll.
  2. Furthermore, an entry will be added in Audit logs upon deletion of Azure monitors in Applications Manager. You can check this under Admin -> Tools -> Audit logs -> choose Actions as 'Azure monitor deletion'.

2. What are the various methods of adding an Azure monitor in Applications Manager?

  1. AD Application & Service Principal:
    1. You have to create an AD App & Service Principal and assign a role for the same in the Azure portal. This will enable you to obtain the Client ID and AppKey information which you can then use to add a monitor in Applications Manager. Refer to the prerequisites to know more. 
  2. Azure Organizational Account (Powershell):
    1. Create the AD App & Service principal, assign roles for each, and generate ClientID and AppKey by executing the PowerShell script using the Org account credentials. Refer to the prerequisites to know more.
  3. OAuth:
    1. Create an AD App & Service Principal, assign a role to the same, and perform App registration in the Azure portal.
    2. Configure the OAuth Provider in Applications Manager (Admin → OAuth Provider).
    3. Choose the created OAuth Provider in the newly created monitor page to add the Azure monitor. Refer to the prerequisites to know more.

3. What are the APIs used for data collection?

  1. Azure Subscription API
  2. Azure Virtual Machine list API
  3. Azure Virtual Machine instance API
  4. Azure Storage Account list API
  5. Azure SQL Server list API
  6. Azure SQL Database list API
  7. Azure Service Bus list API

4. What are the different types of errors that can occur in Applications Manager and how can I fix them?

  1. "Authentication failed. Access is denied." (Occurs while adding a new monitor)
  2. "Az Powershell module is not installed." (Occurs while adding a new monitor)
  3. "Azure service discovery failed. Invalid application key" (Occurs when adding a monitor using method 1)
  4. "Azure service discovery failed. Invalid application key"  (Occurs when adding a monitor using mode 2)
Note: Troubleshooting for other Azure services (SQL, VMs, and Storage Account) monitoring is available in the K-base separately.

5. What are the different hosts and ports that will be accessed while monitoring Azure in Applications Manager?

Ensure the connectivity between Applications Manager and Azure for the below mentioned Hosts & Ports. Also, check your network firewall access and proxy configuration in Applications Manager.
  1. Hosts (Azure Global):
    1. login.microsoftonline.com - Used for Authentication in all the services
    2. management.azure.com - Used for Data Collection in all the services
    3. <storage-account>.table.core.windows.net - Used to fetch Diagnostic Extension metrics from the Azure Virtual Machine
    4. Azure SQL DB Server Name - Used to establish a JDBC connection to fetch query metrics (For example, the JDBC Url would be: jdbc:sqlserver://<DBserver>.database.windows.net:1433)
  2. Hosts (Azure Gov Cloud):
    1. login.microsoftonline.us - Used for Authentication in all the services
    2. management.usgovcloudapi.net - Used for Data Collection in all the services
    3. <storage-account>.table.core.usgovcloudapi.net - Used to fetch Diagnostic Extension metrics from the Azure Virtual Machine
    4. Azure SQL DB Server Name - Used to establish a JDBC connection to fetch query metrics (For example, the JDBC Url would be: jdbc:sqlserver://<DBserver>.database.usgovcloudapi.net:1433)
  3. Hosts (Azure China):
    1. login.partner.microsoftonline.cn - Used for Authentication in all the services
    2. management.chinacloudapi.cn - Used for Data Collection in all the services
    3. <storage-account>.table.core.chinacloudapi.cn - Used to fetch Diagnostic Extension metrics from the Azure Virtual Machine
    4. Azure SQL DB Server Name - Used to establish a JDBC connection to fetch query metrics (For example, the JDBC Url would be: jdbc:sqlserver://<DBserver>.database.chinacloudapi.cn:1433)
  4. Azure Kubernetes FQDN from the Azure portal - Used to connect to the Kubernetes cluster using kubectl commands
  5. Ports:
    1. HTTPS: 443
    2. SQL DB (JDBC): 1433
    3. VM Guest OS metrics via Powershell: 5985, 5986

                  New to ADSelfService Plus?

                    • Related Articles

                    • Microsoft Azure VM - Enabling Diagnostics extension for Windows & Linux VMs

                      Diagnostic Extension is now considered a legacy approach and it is limited to some server distributions. It is recommended to switch to Azure Monitor Agent (AMA). From Applications Manager v171400, Azure monitor agent is supported. Refer here to know ...
                    • Azure Virtual Machine - FAQ

                      1. How is data collection happening for Azure Virtual Machine monitors? Microsoft Azure monitor discovery modes in AppManager: AD Application mode Organizational Account mode OAuth mode Azure VM monitor - Data collection methods: Azure Monitor Azure ...
                    • Azure SQL Database - FAQ

                      1. Why have we removed the Diagnostic Settings dependency in Azure SQL Database monitor? Till APM v15240: Azure SQL Database was using Diagnostic Settings to perform data collection. Prerequisites had to be fulfilled to turn on Diagnostic Settings ...
                    • Azure Storage Account - FAQ

                      1. Why have we removed the Diagnostic Settings dependency in Azure Storage Account monitor? Till APM v15300: Azure Storage Account monitor was using Diagnostic Settings to perform data collection. Azure Storage Account monitor was dependent on ...
                    • Microsoft Azure - Error : Az Powershell module is not installed

                      While adding the Microsoft Azure monitor or during data collection, if this error occurs, follow the below steps for troubleshooting: Check whether all the prerequisites mentioned in the below link are done: ...