Monitoring Azure Active Directory

Last updated on 27 August, 2024

LogicMonitor provides Microsoft Azure Active Directory (AD) monitoring for AD Connect synchronization, user activity and sign-ons, and application registration secrets.

Requirements

  • You must be an administrator of an active Microsoft Azure account to grant admin consent for API permissions.
  • An existing app registration and subscription in Azure. For more information, see Adding Your Azure Environment to LogicMonitor.
  • Install or update the Microsoft Azure Active Directory LogicModules.

Adding API Permissions to your App Registration

  1. In Azure, navigate to App registrations and select the app registration that is set up for LogicMonitor. If it has not been set up, follow the steps in Adding Your Azure Environment to LogicMonitor.
  2. From the app registration’s Overview page, select API permissions and then select Add a permission.
  3. On the Request API permissions page, select Microsoft Graph.
  4. Select Application permissions, and then add the following:
    • Organization.Read.All
    • User.Read.All
    • Application.Read.All
    • AuditLog.Read.All
  5. Select Add permissions.
  6. Select Grant admin consent for each permission.

Note: You must be an administrator to grant admin consent. For more information, see Introduction to Permissions and Consent.

Microsoft Azure Active Directory LogicModules

The following modules are available for Azure Active Directory. For more information, see Installing Modules and Packages.

NameTypeDescription
Microsoft_Azure_ActiveDirectoryApplicationSecretsDataSourceDiscovers only those Client Secrets & Certificates, which are already expired, or within 30 days of expiration.
Microsoft_Azure_ActiveDirectorySyncDataSourceGathers Active Directory Connect Sync Data from Microsoft Graph API.
Microsoft_Azure_ActiveDirectoryUsersDataSourceGathers Active Directory User Data from Microsoft Graph API.

Additional Information

What is Azure Active Directory Monitoring?

In This Article