Fortinet black logo

User Guide

Home FortiMonitor 24.2.0 User Guide

Azure

24.2.0
24.2.0
Copy Link
Copy Doc ID af1daa65-c273-11ec-9fd1-fa163e15d75b:173922
Download PDF

Azure

FortiMonitor offers native integration with Azure Monitor, enabling FortiMonitor to ingest your Azure monitoring data. FortiMonitor can also perform automatic discovery and monitoring of instances within your Azure account. This is configurable by service type and region, and can also be fully customized using your Azure tags.

Azure data should be used as an augmentation of, not a replacement for, the data obtained by the FortiMonitor server Agent and external monitoring. The server Agent can provide more detailed and accurate data across any OS distribution or application you may be running on your compute instance. As well, our external monitoring ensures you're getting the full picture of your current operating environment as well as a view into what your customers are experiencing.

Connecting FortiMonitor and Azure

Azure takes a few minutes to provision or spin up the new role/ credential set. Ensure that Azure has completed this process before trying to create the FortiMonitor integration. Creating the FortiMonitor integration before Azure is ready may cause credential errors.

To grant FortiMonitor access your Azure Monitor data, you'll need to create a service account within your Azure account that grants FortiMonitor read-only access.

  1. From the navigation menu, click Add. The Infrastructure and Resource Catalog will be displayed.

  2. Select Microsoft Azure.

  3. Follow the on-page instructions to create an Azure service account.

  4. Once you've obtained your App ID and Password, select Verify Connection.

  5. Once your App ID and Password have been validated, you can configure your monitoring settings.

    • Services: Select the Azure services you'd like to monitor. It's better to only select the ones you're using, otherwise, it uses vital API calls.

    • Filter Instances by Tag: You can choose to only import instances that match the Azure tag filters you define.

    • Regions: Only select the regions you operate in, otherwise, it uses vital API calls

    • Options - Import Tags: Enabling tag import will pull in your Azure tags with your Azure instances. You have the option to import only the Value portion of the Azure tag or the entire Azure key-value pair as a single string tag.

    • Options - Import Azure tags as FortiMonitor Attributes: Azure tags will be imported as key-value pairs (attributes within FortiMonitor).

    • Options - Routinely scan for new instances: every 20 minutes, we'll look for new instances in your account and will begin monitoring them assuming they meet your filter criteria. Instances using the FortiMonitor Agent can be monitored immediately if you install the Agent on boot.

    • Options - Apply Monitoring Policies: Apply a monitoring policy to the imported Azure instances.

    • Options - Destination Group: any time instances are imported, they'll be placed in this group in the control panel. This is great for setting default values that are inherited from their parent group as well as apply default templates.

    • Options - Template: apply a Template to every instance that's imported

  6. Click Complete Integration. We'll start pulling in your instances that meet your filter criteria and begin monitoring them.

API Limits and Throttling

By default, each Azure account gets 1M Azure Monitor API calls per month for free. When FortiMonitor makes Azure calls to obtain metrics (every 10 minutes), it utilizes your API calls quota. We encourage you to utilize the FortiMonitor Agent on Virtual Machine instances, not only for the cost savings but also for the increased functionality and granularity. You can read more about it here.

Once you exceed 1M Azure Monitor calls for the month, Microsoft will charge your account $10 per 1M calls. You can read more about their pricing here.

In certain large-scale scenarios, Azure could begin throttling API calls. We will begin backing-off at that time. If you expect to utilize close to or the full 1M calls per month, we recommend reaching out to Azure to ask for a limit increase. If you'd like FortiMonitor to collect Azure metrics more often than every 10 minutes, please contact our support team. As well, you can override this at the metric level by editing the metric. Check out Templates to do this in bulk.

Existing Monitoring

If you're running the Agent (Linux version > 2017.40, Windows version > 18.34), Virtual Machine metrics will be automatically added to your existing Agent-based instances.

Example: if you have a Linux Virtual Machine instance you're already monitoring with the Agent, and the Agent version is > 2017.40, we won't create a second "Virtual Machine" instance with the Azure Monitor connection - the new Azure Monitor metrics will be added to your existing instance

Virtual Machine Incident Confirmation

If you're monitoring a Virtual Machine instance with external checks - such as HTTP, HTTPS, or Ping - and we identify an incident, we'll first confirm with Azure that the instance is still around. If it was gracefully removed, we will not alert. If the instance was not removed gracefully, we will alert as normal.

Azure integrations

The following Azure integrations are supported (free or charged per instance):

Free

  • App Service

  • Functions Apps

  • Storage Account

  • Storage: File

  • Storage: Queue

  • Storage: Table

  • Storage: Blob

  • ServiceBus

Paid

  • Virtual Machines

  • SQL Databases

  • Datawarehouse

  • MySQL Databases

  • PostgreSQL Databases

  • Redis Cache

Previous
Next

Azure

FortiMonitor offers native integration with Azure Monitor, enabling FortiMonitor to ingest your Azure monitoring data. FortiMonitor can also perform automatic discovery and monitoring of instances within your Azure account. This is configurable by service type and region, and can also be fully customized using your Azure tags.

Azure data should be used as an augmentation of, not a replacement for, the data obtained by the FortiMonitor server Agent and external monitoring. The server Agent can provide more detailed and accurate data across any OS distribution or application you may be running on your compute instance. As well, our external monitoring ensures you're getting the full picture of your current operating environment as well as a view into what your customers are experiencing.

Connecting FortiMonitor and Azure

Azure takes a few minutes to provision or spin up the new role/ credential set. Ensure that Azure has completed this process before trying to create the FortiMonitor integration. Creating the FortiMonitor integration before Azure is ready may cause credential errors.

To grant FortiMonitor access your Azure Monitor data, you'll need to create a service account within your Azure account that grants FortiMonitor read-only access.

  1. From the navigation menu, click Add. The Infrastructure and Resource Catalog will be displayed.

  2. Select Microsoft Azure.

  3. Follow the on-page instructions to create an Azure service account.

  4. Once you've obtained your App ID and Password, select Verify Connection.

  5. Once your App ID and Password have been validated, you can configure your monitoring settings.

    • Services: Select the Azure services you'd like to monitor. It's better to only select the ones you're using, otherwise, it uses vital API calls.

    • Filter Instances by Tag: You can choose to only import instances that match the Azure tag filters you define.

    • Regions: Only select the regions you operate in, otherwise, it uses vital API calls

    • Options - Import Tags: Enabling tag import will pull in your Azure tags with your Azure instances. You have the option to import only the Value portion of the Azure tag or the entire Azure key-value pair as a single string tag.

    • Options - Import Azure tags as FortiMonitor Attributes: Azure tags will be imported as key-value pairs (attributes within FortiMonitor).

    • Options - Routinely scan for new instances: every 20 minutes, we'll look for new instances in your account and will begin monitoring them assuming they meet your filter criteria. Instances using the FortiMonitor Agent can be monitored immediately if you install the Agent on boot.

    • Options - Apply Monitoring Policies: Apply a monitoring policy to the imported Azure instances.

    • Options - Destination Group: any time instances are imported, they'll be placed in this group in the control panel. This is great for setting default values that are inherited from their parent group as well as apply default templates.

    • Options - Template: apply a Template to every instance that's imported

  6. Click Complete Integration. We'll start pulling in your instances that meet your filter criteria and begin monitoring them.

API Limits and Throttling

By default, each Azure account gets 1M Azure Monitor API calls per month for free. When FortiMonitor makes Azure calls to obtain metrics (every 10 minutes), it utilizes your API calls quota. We encourage you to utilize the FortiMonitor Agent on Virtual Machine instances, not only for the cost savings but also for the increased functionality and granularity. You can read more about it here.

Once you exceed 1M Azure Monitor calls for the month, Microsoft will charge your account $10 per 1M calls. You can read more about their pricing here.

In certain large-scale scenarios, Azure could begin throttling API calls. We will begin backing-off at that time. If you expect to utilize close to or the full 1M calls per month, we recommend reaching out to Azure to ask for a limit increase. If you'd like FortiMonitor to collect Azure metrics more often than every 10 minutes, please contact our support team. As well, you can override this at the metric level by editing the metric. Check out Templates to do this in bulk.

Existing Monitoring

If you're running the Agent (Linux version > 2017.40, Windows version > 18.34), Virtual Machine metrics will be automatically added to your existing Agent-based instances.

Example: if you have a Linux Virtual Machine instance you're already monitoring with the Agent, and the Agent version is > 2017.40, we won't create a second "Virtual Machine" instance with the Azure Monitor connection - the new Azure Monitor metrics will be added to your existing instance

Virtual Machine Incident Confirmation

If you're monitoring a Virtual Machine instance with external checks - such as HTTP, HTTPS, or Ping - and we identify an incident, we'll first confirm with Azure that the instance is still around. If it was gracefully removed, we will not alert. If the instance was not removed gracefully, we will alert as normal.

Azure integrations

The following Azure integrations are supported (free or charged per instance):

Free

  • App Service

  • Functions Apps

  • Storage Account

  • Storage: File

  • Storage: Queue

  • Storage: Table

  • Storage: Blob

  • ServiceBus

Paid

  • Virtual Machines

  • SQL Databases

  • Datawarehouse

  • MySQL Databases

  • PostgreSQL Databases

  • Redis Cache

Previous
Next