Connect Azure Account

Sysdig can collect both general metadata and various types of metrics from your Azure environment.

After connecting an Azure account, data will become visible in the Sysdig Monitor UI after a 10-15 minute delay. Sysdig collects metrics at five-minute intervals.

Access Cloud Accounts

  1. Log in to Sysdig Monitor as an administrator.

  2. In the management section of the left-hand sidebar, select Integration > Cloud Accounts.

    The Cloud Accounts page is displayed. Continue with connecting an Azure account.

Connect an Azure Account

In Azure

  1. Log in to the Microsoft Azure.

  2. Select Active Directory and register your application with the Active Directory.

    1. Click New registration.
    2. Specify a unique name and select a type.
    3. Click Add a certificate or secret and create the client credentials and secret.
    4. Copy the value of the secret because you will not be able to retrieve the key later. The key value is required to sign in as the application.

  3. Navigate to your Subscription and select Access control (IAM).

  4. Click Grant access to this resource to assign appropriate role to this account.

  5. In the Add role assignment page, select the Monitoring Reader role. This role will allow your application to read monitoring data (resources, metric descriptors, metrics).

  6. Click Next to move to the Members tab.

  7. Select Assign access to > User, group, or service principal and then select your application.

  8. Click Review + assign to save the changes.

  9. Ensure that you have the following before you configuring an Azure account in Sysdig:

    • From the App registration page, ensure that you copy the following:

      • Tenant ID
      • Client ID
      • Client Secret
  • From the Subscription page, copy the Subscription ID.

On Sysdig Monitor UI

  1. On the Cloud Accounts screen, click Add Account.

  2. Click Azure.

  3. Click Start Installation. The New Azure Account screen is displayed.

  4. Specify the following:

    • Tenant ID
    • Client ID
    • Client Secret
    • Subscription ID

  5. Complete the installation and click Confirm.

Monitor Azure Resource Quotas

If you wish to monitor Azure Resource Quotas, you must manually enable that feature by usingthe Sysdig API (until this option is available in the Cloud Accounts Integrations UI). To enable pulling Azure Resource Quotas in your Sysdig Monitor account, you must configure the API endpoint with the following command:

curl -X POST https://${sysdigUrl}/ui/customerSettings/${customerId}/azureIntegration/quota/enable -H "Authorization: Bearer ${token}"

where:

  • ${sysdigUrl} : The URL you use to access Sysdig Monitor. For example, https://us2.app.sysdig.com/
  • ${customerId} : Your unique Sysdig Monitor customer ID. You can locate it in User > Settings > Authentication
  • ${token}: Your Sysdig Monitor API token. You can access it at User > Settings > User Profile > Sysdig Monitor API Token

NOTE: curl is used here as an example; you may use any HTTP API tool that you wish to configure this feature.