Monitoring Azure Active Directory
Last updated on 30 March, 2023LogicMonitor provides Microsoft Azure Active Directory (AD) monitoring for AD Connect synchronization, user activity and sign-ons, and application registration secrets.
Requirements
- You must be an administrator of an active Microsoft Azure account to grant admin consent for API permissions.
- An existing app registration and subscription in Azure. For more information, see Adding Your Azure Environment to LogicMonitor.
- Install or update the Microsoft Azure Active Directory LogicModules.
Adding API Permissions to your App Registration
- In Azure, navigate to App registrations and select the app registration that is set up for LogicMonitor. If it has not been set up, follow the steps in Adding Your Azure Environment to LogicMonitor.
- From the app registration’s Overview page, select API permissions and then select Add a permission.
- On the Request API permissions page, select Microsoft Graph.
- Select Application permissions, and then add the following:
- Organization.Read.All
- User.Read.All
- Application.Read.All
- AuditLog.Read.All
- Select Add permissions.
- Select Grant admin consent for each permission.
Note: You must be an administrator to grant admin consent. For more information, see Introduction to Permissions and Consent.
Microsoft Azure Active Directory LogicModules
The following modules are available for Azure Active Directory. For more information, see Installing Modules and Packages.
| Name | Type | Description |
| Microsoft_Azure_ActiveDirectoryApplicationSecrets | DataSource | Reports the status of Client Secrets & Certificates belonging to Azure AD application registrations. Uses the List Applications operation provided by the Microsoft Graph API. |
| Microsoft_Azure_ActiveDirectorySync | DataSource | Gathers Active Directory Connect Sync Data from Microsoft Graph API. |
| Microsoft_Azure_ActiveDirectoryUsers | DataSource | Gathers Active Directory User Data from Microsoft Graph API. |