Azure monitoring: Secure your apps and improve user experience
Gain visibility into your Azure stack without having to parse individual logs and write complex queries. Access out-of-box dashboards to monitor your Azure stack and individual Microsoft Azure services seamlessly.
Azure Monitoring: Spot performance problems before they're a user's problem
Eliminate blind spots with support for Windows Azure services, modern architectures and integrations with your favorite tools. Ensure exceptional customer experience, eliminate application downtime, secure apps with built-in machine learning and simplify compliance requirements.
Monitor the health of your Azure environment. Collect data from the Azure Activity Log to monitor resource usage, service health and user activity with preconfigured dashboards.
Azure Active Directory
Gain full insight into your user experience. Sumo Logic provides application insights into role management, user management, group management, successful and failed sign-in events, directory management and application management data.
Azure Network Watcher
Troubleshoot traffic and improve your overall security posture. Leverage Network Security Group (NSG) flow logs for real-time visibility and analysis of inbound and denied network traffic patterns and outliers in traffic flow.
Azure SQL database
Detect anomalies, reduce mean time to resolve (MTTR) and improve performance. Review resource utilization, blocking queries, database wait events, errors, runtime execution stats and other database analytics.
Microsoft Office 365
Improve the security of your O365 integration and accelerate troubleshooting of your O365 environment. Simplify and improve O365 audits with the Sumo Logic App for Microsoft Office 365, which collects and monitors data across Azure Active Directory, Azure Exchange and Azure SharePoint.
How do logs and metrics from Azure services get into Sumo Logic?
Azure services send monitoring data to Azure Monitor.
Azure Monitor streams the logs to a logs event hub and metrics to a metrics event hub.
On receipt of data from Azure Monitor, an event hub triggers its Azure function to send the data to an HTTP source on a hosted collector in Sumo Logic.
Upon being triggered by its event hub, an Azure function sends the monitoring data it received (either logs or metrics) to an appropriately configured HTTP source on a hosted collector in the Sumo Logic cloud platform.
The Azure-Sumo pipelines for Azure log and metric collection use event hubs and Sumo-provided Azure functions to get monitoring data from Azure Monitor to Sumo Logic.
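The function stage of the pipeline described above, as an added example (not Sumo Logic's own function code): it unwraps the records envelope that Azure Monitor streams to an event hub and builds the POST for the matching HTTP source, counting anything it cannot forward. The URLs, the function names and the sample batch are assumptions made for illustration.

```javascript
// Added example. Placeholder HTTP source URLs (assumption): real ones embed a
// secret token, so keep them in function app settings, not in source control.
const SOURCE_URLS = {
  logs: "https://collector.example.invalid/LOGS_SOURCE_PLACEHOLDER",
  metrics: "https://collector.example.invalid/METRICS_SOURCE_PLACEHOLDER",
};

// Azure Monitor wraps what it streams to an event hub as {"records": [...]}.
function unwrap(message) {
  let body = message;
  if (typeof message === "string") {
    try { body = JSON.parse(message); } catch (err) { return null; }
  }
  const ok = body !== null && typeof body === "object" && Array.isArray(body.records);
  return ok ? body.records : null;
}

// Assumption: metric records carry metricName; anything else is a log record.
const kindOf = (record) => (typeof record.metricName === "string" ? "metrics" : "logs");

// Build the POST for one pipeline ("logs" or "metrics") from one event hub batch.
// Nothing is dropped silently: bad messages and wrong-hub records are counted,
// so a misconfigured diagnostic setting shows up as a number, not a blind spot.
function buildRequest(kind, messages) {
  if (!Object.keys(SOURCE_URLS).includes(kind)) throw new TypeError(`unknown pipeline: ${kind}`);
  const lines = [];
  let rejected = 0, misrouted = 0;
  for (const message of messages) {
    const records = unwrap(message);
    if (records === null) { rejected += 1; continue; }
    for (const record of records) {
      if (record === null || typeof record !== "object") rejected += 1;
      else if (kindOf(record) !== kind) misrouted += 1;
      else lines.push(JSON.stringify(record)); // one record per line
    }
  }
  return { method: "POST", url: SOURCE_URLS[kind], body: lines.join("\n"),
           count: lines.length, rejected, misrouted };
}

// Constructed sample batch (not real tenant data): two log records, one
// unparseable message, and one metric record that reached the logs hub.
const SAMPLE_BATCH = [
  JSON.stringify({ records: [
    { time: "2024-01-01T00:00:00Z", category: "Administrative", operationName: "Microsoft.Compute/virtualMachines/write" },
    { time: "2024-01-01T00:00:05Z", category: "AuditEvent", operationName: "SecretGet" },
  ] }),
  "{truncated",
  { records: [{ time: "2024-01-01T00:01:00Z", metricName: "Percentage CPU", average: 12.5 }] },
];
```

Alerting on non-zero rejected or misrouted counts surfaces a collection gap before it becomes missing evidence during an investigation.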
What Azure data can I monitor with Sumo Logic?
Sumo Logic can bring together application and infrastructure data — Azure logs and metrics — to let you monitor:
Activity logs: subscription-level logs that provide insight into the operations performed on resources in your subscription, for example, creating a virtual machine or deleting a logic app.
Diagnostics logs: resource-level logs that provide insight into operations that were performed within a resource itself, for example, getting a secret from a Key Vault.
Metrics: performance statistics for different resources and the operating system in a virtual machine.
Sumo Logic integrates with Azure Monitor, enabling users to monitor a comprehensive set of Azure services.
What is Active Directory (AD)?
Active Directory is a specialized software tool for administrators and security management teams of Windows domain networks to manage and deploy network changes and system or security policy changes to all machines connected to the domain or defined groups of users or endpoints. Active Directory employs a unique methodology for structuring network objects that lets network admins deploy changes in an organized and streamlined way without changing each object individually.
What are Active Directory Domain Services (AD DS)?
In addition to simplifying the management of groups of network objects, Active Directory also provides crucial security services in the form of AD DS. These services include:
Domain services - performs user login authentication and provides search functionality, managing interactions between users and domains and storing data in a central location.
Rights management - prevents unauthorized access or theft of digital content and protects intellectual property.
Certificate services - handles the creation, assignment, and oversight of security certificates.
Lightweight directory services - uses the LDAP protocol to support directory-enabled apps.
Directory federation services - provides single sign-on services to streamline user access to web applications.
What are Azure platform logs?
Platform logs provide detailed diagnostic and auditing information for Azure app service resources and the Azure cloud services platform they depend on.
Microsoft Azure services generate three categories of platform logs that record different actions:
Azure Active Directory logs report changes made in Azure AD and login activity.
Activity logs record Azure Service Health events and operations performed on an Azure resource, such as creating a virtual machine.
Resource logs capture operations performed within an Azure resource, such as querying a database or writing to a storage bucket.