Support Center Home


2b. Adding your Azure environment into LogicMonitor

Adding your Azure environment into LogicMonitor


With LogicMonitor, you can monitor the state of your Azure deployment and the underlying services and license usage that allows you to identify faults and manage performance.

Prerequisites

  • Application (Client) ID, Directory (tenant ID), and client Secret Key value for a registered application in Microsoft Azure.

Note: You may want to create a New App registration in the Azure portal before you start so that you have these IDs and Secret Key available for setting up permissions. For more information, follow the steps for Setting Up LogicMonitor Account in Azure

For a list of Azure services monitored, see Cloud Monitoring Overview.

Setting Up LogicMonitor Account in Azure


Follow these steps to register and authorize a new application to call the reports API:

1. Log into the Azure portal using an administrator account.

2. From the Azure Services menu, click Azure Active Directory and click Add.

Note: Tenant ID is displayed on the Active Directory home screen. The Tenant ID will be required while adding the Azure account in LogicMonitor

3. Navigate to Home > Organizational  account > Manage > App registrations and click +New registration.

4. On the Register an application page, enter the following details:

  • Name: Enter a display name for the application. This name will be used throughout your Azure portal and does not have any specific requirements.
  • Supported account types: Select the Accounts in this organizational directory only option.
  • Redirect URI: This setting is optional and can be left unspecified. Enter the name for the application.


5. Click Register.

6. On the Registration page, you can see the Application (client) ID and Directory (tenant) ID.

Note: You will require the Application ID for the LogicMonitor portal configuration.

7. On the left navigation pane, click Certificates & secrets.

8. Add +New client secret.

9. On the Add a client secret pane, add information in the Description and the Expires fields.

10. Click Add.

Note: Ensure to copy or make a note of the Client Secret Key value. You will not be able to view the information once you navigate away from the page. You will need to enter the value in the LogicMonitor configuration.

Adding Subscription Details in Azure

For adding subscription details in Azure for the LogicMonitor account, complete the following steps:

1. Navigate to Azure portal > Azure Services > Subscriptions and click Add.

2. Click the desired subscription name to monitor, for example, we selected the Product Team in the Subscription Name field.

3. On the Registration page, you can see the Subscription ID, Offer ID, and Start Day of Billing Cycle.



Note
: You will require these details for the LogicMonitor portal.


4. On the Subscription Name (Product Team) page, from the left navigation pane, select Access control (IAM).

5. Click +Add and select Add role assignment.

6. On the Add role assignment pop-up, from the Role drop-down list, select a role.

7. Select the registered application name and click Save.

Note: You can also add large number of subscriptions. For more information, see Adding Large Number of Subscriptions topic.

Adding Azure account into LogicMonitor

For adding your Azure account into LogicMonitor for monitoring, complete the following steps:

  1. Add your Azure account into LogicMonitor from Exchange > Cloud Integrations.

2. Select Azure and click Add.

3. On the Name page, enter the following details:

  • Name: (Required) Enter a name for the Azure account.
  • Description: Provide a description for the Azure account.
  • Parent Group: (Required) Assign the Azure account to a parent group. By default, it will be assigned to the root group of the portal.
  • Properties: Define properties and values.

4. On the Permissions page, enter the following details:

  • Tenant ID: (Required) The Directory ID for your registered application.
  • Client ID: (Required) The Application ID for your registered application.

Secret Key: (Required) The application password.


Note: You can find this information in your Microsoft Azure portal, on the registration page for your app. For more information, follow the steps for Setting Up LogicMonitor Account in Azure.

  • Subscriptions selected: On the bottom-right corner, click Get Subscriptions.

    All subscriptions available to LogicMonitor based on the permissions you’ve configured will be listed. If you don’t see one or more subscriptions you expect to see, ensure that the application you created in Azure has reader permissions for those subscriptions.


5. Click Next: Services and on the Services page, select the services that you want to monitor.


6. Click Default Settings to configure services. For more information, see Configuring Azure Services for Monitoring section.

7. Click Test Permissions.

8. Click Next: Billing.

9. On the Billing page, enter Subscription ID, Offer ID, and the Start Day of Billing Cycle.


For billing information details, navigate to your Azure account > Subscriptions > select the required subscription name. On the left panel, click Overview.

10. Click Add Billing.

11. Click View Azure Resources.

You should be able to view resources and dashboards from your Azure application.

Configure Azure Services for Monitoring

To configure Azure services for Monitoring complete the following steps:

1. In the Azure Services section of the dialog, click Default Settings.

2. On the Default Settings page, click Global Settings.

3. From the NetScan Frequency drop-down list, you can select the preferred frequency for scheduling NetScans.

4. Enable Automatically delete terminated Azure resources option, to automatically remove dead instances.
You can further select whether this should happen immediately or after a specified period during which no data is received for the instance.

5. Enable Automatically disable alerting for terminated Azure resources to disable alerting for terminated instances ensures you will not receive any alerts once instances are terminated if they are not scheduled to be automatically deleted.



Note: LogicMonitor intelligently and automatically stops Azure Monitor API data collection once instances are terminated, this option will ensure you do not receive alerts for traditional Collector DataSources like Ping.

6. In the Monitored Regions section, you can select the regions that you want to monitor.

7. Click Tags, to monitor only certain Azure instances for a particular service, you can tag those instances from your Azure portal and apply a tag filter to that service in LogicMonitor.

Note: If you specify a Tag filter, only Azure resources that meet the filter criteria will be added to your LogicMonitor account. Following are the criteria:

  • You can use glob expressions with the tag filter (e.g. tag value = prod*).
  • Resources will be discovered if they contain one or more tags specified with an include operation but not any of the exclude tags.
  • The tag filter is case sensitive.

Adding Large Number of Subscriptions

For a large number of subscriptions, you may want to consider assigning permissions via PowerShell. For example, the following PowerShell script will add an AAD application for LogicMonitor and add the application as a reader to each subscription available to the user that runs the script.

# Authenticate to all Azure subscriptions that the user has access to
Login-AzureRmAccount

# Password for the service principal
$pwd = "{service-principal-password}"

# Create a new Azure AD application
$azureAdApplication = New-AzureRmADApplication `
             -DisplayName "LogicMonitor" `
             -HomePage "https://lmtest.logicmonitor.com" `
             -IdentifierUris "https://lmtest.logicmonitor.com" `
             -Password $pwd

# Create a new service principal associated with the designated application
New-AzureRmADServicePrincipal -ApplicationId $azureAdApplication.ApplicationId

# Assign Reader role to the newly created service principal for each subscription
Get-AzureRmSubscription | ForEach-Object {
  Set-AzureRmContext -SubscriptionId $_.SubscriptionId
  New-AzureRmRoleAssignment -RoleDefinitionName Reader `
            -ServicePrincipalName $azureAdApplication.ApplicationId.Guid
}

In This Article