You are here
404: Not Found
Cloud - Azure - Network Watchers Opspack
Azure Network Watchers allow you to monitor, diagnose, view metrics, and enable or disable logs for resources in an Azure virtual network. You can monitor communication between virtual machines and endpoints, and view the relationships between resources in a virtual network. Additionally, you can capture packets, troubleshoot and diagnose problems inside a virtual network.
What You Can Monitor
This Opspack allows you to monitor the connectivity between two VMs using a Network Watcher, get the results of troubleshooting for a virtual network gateway, get information on the connection monitors for a specific Network Watcher, and get information on the security rules present for a target VM.
|Host Template||Service Check||Description|
|Cloud - Azure - Network Watcher - VM Security Rules||Azure - Network Watcher - VM Security Rules||Display the list of network security rules for a VM if there are fewer rules than the display maximum, otherwise display the number of rules. If a warning threshold is supplied, this will return a warning whenever the total count of all rules is NOT equal to the threshold [Timespan = 5mins, Granularity = 5mins]|
|Cloud - Azure - Network Watcher - Connection Monitors||Azure - Network Watcher - Connection Monitors||If any Connection Monitors for the Network Watcher have a Monitoring Status of either 'Stopped' or 'NotStarted' then display them up to the display maximum [Timespan = 5mins, Granularity = 5mins]|
|Cloud - Azure - Network Watcher - VM Connectivity||Azure - Network Watcher - VM Connectivity||Check the status of TCP connection from a source VM to a target VM in Azure via a Network Watcher [Timespan = 5mins, Granularity = 5mins]|
|Cloud - Azure - Network Watcher - VNG Troubleshooting||Azure - Network Watcher - VNG Troubleshooting||Check the status of the last troubleshooting results for a target resource [Timespan = 5mins, Granularity = 5mins]|
- Ensure your Opsview Monitor version is newer than 07 September 2018. Check Opsview Release Notes for the latest version of Opsview Monitor.
- Service checks contained in this Opspack are not currently supported in the Troubleshooting pane. Trying to run them in Troubleshooting mode will raise an Opsview Web Exception. As a workaround, you can replace $CHECKINTERVAL$ in the arguments with your check interval (in seconds). For example, a 5 minute check interval would translate to '--check_interval 300'.
Setup Azure for Monitoring
To monitor your Azure environment, you need to configure it for monitoring. This requires Administrator access on Azure. You need to retrieve the following credentials:
- Subscription ID
- Tenant/Directory ID
- Client/Application ID
- Secret Key
Step 1: Find Subscription ID
The Subscription ID can be found in the Subscriptions section under the All services section from the Azure dashboard.
Step 2 : Find the Tenant/Directory ID
The Tenant/Directory ID can be found in the Azure Active Directory under the Properties section from the Azure dashboard.
Step 3: Find the Client/Application ID for your application
You need to create and register your application if you haven't already. Use the following documentation from Microsoft: Create an Azure Active Directory application
The Client/Application ID can be found in Azure Active Directory under the App registrations section from the Azure dashboard.
Step 4: Generate the Secret Key for your application
You will need to create a Secret Key for your application, once this has been created its value will be hidden so save the value during creation.
To create the Secret Key, select your application from the list, select the Settings within your application and then select the Keys option.
There you can create a new key by adding the description and expiration period and the value will be generated.
Step 5: Provide access to the subscription you wish to monitor
Navigate to the Subscriptions section and select the Subscription you selected before.
In the Subscription to be monitored, click Access Control (IAM).
Then click the Add button, select the required role and select the application, once for each of the following roles: * Reader * Network Contributor * Storage Account Contributor
If you are running more than one subscription these steps will need to be done for each one you wish to monitor.
Setup and Configuration
To configure and utilize this Opspack, you simply need to add the 'Cloud - Azure - Network Watchers' Opspack to your Opsview Monitor system.
Step 1: Import the Opspack
Download the cloud-azure-network-watchers.opspack file from the Releases section of this repository. Navigate to Host Template Settings inside Opsview Monitor and select Import Opspack in the top left corner.
Then click Browse and select the cloud-azure-network-watchers.opspack file. Click Upload and then click Import when the file is uploaded. You may see a 'CONFLICT' warning message after uploading - this is because all 'Cloud - Azure' Opspacks utilize the same variable (AZURE_CREDENTIALS) for authorizing access to your resources. Just click Overwrite and the Opspack should import successfully.
Step 2: Add the host template
Add the relevant host template (as listed in the Service Checks table above). If this is a resource that is applicable for a host check (has a valid hostname or IP) then you can fill in the Primary Hostname/IP field with this, and then open the Advanced section at the bottom and change the Host Check Command type to TCP Port 80 (HTTP). If the resource has no hostname or public IP, then change Host Check Command to Always assumed to be UP.
Step 3: Add and configure variables required for this host
Add 'AZURE_CREDENTIALS' to the host, then override the Subscription ID, Client ID, Secret Key and Tenant ID to match the values retrieved earlier.
Depending on your host template, you will require different additional variables declared as specified below:
|Host Template||Variables Required|
|Cloud - Azure - Network Watcher - VM Security Rules||AZURE_NETWORK_WATCHER_DETAILS, AZURE_RESOURCE_DETAILS|
|Cloud - Azure - Network Watcher - Connection Monitors||AZURE_NETWORK_WATCHER_DETAILS|
|Cloud - Azure - Network Watcher - VM Connectivity||AZURE_NETWORK_WATCHER_DETAILS, AZURE_CONNECTIVITY_SOURCE_DETAILS, AZURE_CONNECTIVITY_TARGET_DETAILS|
|Cloud - Azure - Network Watcher - VNG Troubleshooting||AZURE_NETWORK_WATCHER_DETAILS, AZURE_RESOURCE_DETAILS, AZURE_STORAGE_ACC_DETAILS|
These can be filled out as follows:
The Blob URL for an Azure Storage Account can be retrieved from the Storage Account Name > Blobs > Container Name > Properties page in the URL field.
Step 4: Reload and the system will now be monitored
ODI-1747 Fixes and Improvements to Authentication Process
Improvements to Azure authentication error handling
ODI-1453 Initial Release of Azure Opspacks for Opsview Monitor 6.0
Initial release of Opspack to work with Opsview Monitor 6.0