Skip to main content
Version: 2.0.0

Azure Integrations

 Azure Integrations Docs

Zeron could be integrated with Microsoft Azure via the following methods:

  • Azure Graph Log API - To monitor Azure Active Directory.
  • Azure Log Analytics - To monitor Azure Platform and Services.
  • Azure Storage - To monitor Azure Platform and Services.

Requirement for Log Analytics:

  • Application ID
  • Application Key
  • Tenant-Domain
  • Subscription ID
  • Workspace

Requirement for Graph API:

  • Application ID
  • Application Key
  • Tenant Domain

Requirement for Azure Storage:

  • Container Name
  • Account Name
  • Account Key

Configuring Azure credentials

It is necessary to provide access credentials to the Zensor Azure module so it can successfully connect to Azure. The credentials required vary depending on the type of monitoring. Getting access credentials for Microsoft Graph and Log Analytics

For Microsoft Graph and Log Analytics valid application_id and application_key values are required. The necessary application_key value for a given App Registration in Azure Active Directory can be obtained from the Certificates & secrets section while the application_id can be obtained from the Overview section:

 Azure CSR

Click New Client Secret

 Azure New Client

Save the credentials (application ID and application key values) and send them to Zeron Team.

Getting access credentials for Storage

Azure Storage requires valid account_name and account_key values. They can be obtained in the Access keys section of Storage accounts:

 Access Key

ave the credentials (account_name , account_key and application ID and application key values) and send them to Zeron Team. Tenantdomain is required

Azure Storage Configuration

Azure Storage refers to the Microsoft Azure cloud storage solution, a service that provides a massively scalable object store for data objects, a messaging store for reliable messaging, a file system service for the cloud, and a NoSQL store. | As an alternative to the Azure Log Analytics REST API, Zeron offers the possibility to access Azure Storage accounts in a simple way. The activity logs of the Microsoft Azure infrastructure can be exported to the storage accounts. | This section explains how to use the Azure portal to archive the Azure activity log in a storage account and how to configure the azure-logs module. A use case is included to show a practical example.

Configuring the Activity log export

1. Audit logs

 Audit Logs

To export the logs, search for the Activity log service. It can be found by typing “Activity” in the search engine. From there, access the Audit Logs section and click on Export Data Settings.

2. Click on Add diagnostic setting.


3. diagonastics Logs:

Check the AuditLogs box and the Archive to storage account, selecting the name of the subscription and the Storage account to export the logs.

 Diagonastics Logs

Azure Log Analytics

Azure Log Analytics is a service that monitors your infrastructure offering query capabilities that allow you to perform advanced searches specific to your data. The Log Analytics solution helps you to analyse and search the Azure activity log in all your Azure subscriptions, providing information about the operations performed with the resources of your subscriptions. The data collected by Log Analytics can be consulted through the Azure Log Analytics REST API. The Azure Log Analytics API uses the Azure Active Directory authentication scheme. A qualified application or client is required to use the Azure Log Analytics REST API. This must be configured manually on the Microsoft Azure portal.

Setting up the application

The process explained below details the creation of an application that will use the Azure Log Analytics REST API. It is also possible to configure an existing application. If this is the case, skip the Creating the application step.

Creating the application

 App Regostrations

In the Azure Active Directory panel, select the option App registrations. Then, select New registration.

Giving permissions to the application

1. Application (client) ID

Go to the Overview section and save the Application (client) ID for later authentication.

 App ID

2. API Permission

Go to the API permissions section and add the required permissions to the application.

 App Permission

3. Log Analytics API

Search for the Log Analytics API.

 Analytics api

4. Add Permission

Select the Read Log Analytics data permission from Applications permissions.

 App permisssion

Grant admin consent for the tenant domain used for the permission added in the previous step. This must be done by an admin user.

Obtaining the application key for authentication

Select Certificates & secrets and fill in the Description and Expires fields. Copy the value once the key is saved. This is required to authenticate the application in order to use the Log Analytics API. | You can view previous topic configuring azure credentials

Giving our application access to the Log Analytics API

1. create a new workspace

 Azure log analytics

Access Log Analytics workspaces and create a new workspace or choose an existing one. Then, copy the Workspace Id value from the Overview section. This will be used in the Zeron configuration to allow making requests to the API.

 Azure Frameworktest

2. Add IAM Role

 Azure Frameworktest

Add the required role to the application in the Access control (IAM) section by clicking the Add and selecting add role assignment.

3. Add Role assignment

 Azure Frameworktest

Fill in the required fields and click save. It is important to choose the User, group, or service principal option in the drop-down menu and to type the full application name in the Select field.