Microsoft Azure

CrawlerCrawler

Overview

Connect to Microsoft Azure in order to:

  • Get metrics from Azure VMs with or without installing the Agent
  • Tag your Azure VMs with Azure-specific information (e.g. location)
  • Get metrics for other services: Application Gateway, App Service (Web & Mobile), Batch Service, Event Hub, IOT Hub, Logic App, Redis Cache, Server Farm (App Service Plan), SQL Database, SQL Elastic Pool, and Virtual Machine Scale Set

Related integrations include:

App Serviceeasy-to-use service for deploying and scaling web, mobile, API and business logic applications
Batch Servicemanaged task scheduler and processor
Event Hublarge scale data stream managed service
IOT Hubconnect, monitor, and manage billions of IOT assets
Logic Appquickly build powerful integration solutions
Redis Cachemanaged data cache
Storageblob, file, queue, and table storage
SQL Databasehighly scalable relational database in the cloud
SQL Database Elastic Poolmanage the performance of multiple databases
Virtual Machinevirtual machine management service
Virtual Machine Scale Setdeploy, manage, and autoscale a set of identical VMs

Setup

Installation

You can integrate your Microsoft Azure account with Datadog using the Azure CLI tool or the Azure portal.

Integrating through the Azure CLI

To integrate Datadog with Azure using the Azure CLI, make sure you have Azure CLI installed.

First, login to the Azure account you want to integrate with Datadog

For Azure CLI 2.0

az login

Run the account show command and copy & paste the Tenant ID value into the form on the Azure setup tile under “Tenant Name/ID”

az account show
  • Create an application as a service principal using the format below.
  • Grant the Service Principal the “reader” role for the subscription(s) you would like to monitor.
  • The appID generated from this command must be pasted into the “Client ID” text box in the Azure installation form in Datadog.
  • Add --name {some-name} to use a hand-picked name. Otherwise Azure will generate a unique one. The Name will not be used in any way in the setup process.
  • Add --password {some-password} to use a hand-picked password. Otherwise Azure will generate a unique one. This password must be copied and pasted into the “Client Secret” text box in the Azure installation form in Datadog.
az ad sp create-for-rbac --role reader --scopes /subscriptions/{subscription_id}

For Azure CLI 1.0

azure login

Run the account show command and copy & paste the Tenant ID value into the form on the Azure setup tile under “Tenant Name/ID”

azure account show
  • Create an application as a service principal using the format below. The name is NOT used in any way and is simply required as part of the setup process.
  • The password you choose must be copied and pasted into the form on the Azure setup tile under “Client Secret”.
  • You must also pass the “Client ID” of the application into Datadog. The “Client ID” is the unique ID generated from this command, shown under Service Principal Name. It is not the Object ID.
azure ad sp create -n {name} -p {password}
  • Grant the Service Principal the “Reader” role for the subscription you are interested in monitoring.
  • Use the Object Id returned from the previous command to fill in {object-Id}. {subscription-Id} is the azure subscription you would like to monitor, and is listed as ID in azure account show or through the portal
azure role assignment create --objectId {object-Id} -o Reader -c /subscriptions/{subscription-Id}/

For Azure CLI < 1.0

azure login

Run the account show command and copy & paste the Tenant ID value into the form on the Azure setup tile under “Tenant Name/ID”

azure account show
  • Create an Active Directory application using the format below.
  • The name, home-page, and identifiter-uris will be NOT used in any way and are simply required as part of the setup process.
  • The password you choose must be copied and pasted into the form on the Azure setup tile under “Client Secret”
azure ad app create --name "DatadogAuth" --home-page "http://app.datadoghq.com" --identifier-uris "http://app.datadoghq.com" --password "SomePassword"
  • Create a Service Principal using the AppId returned from the last command.
  • Copy and paste this AppId into the form on the Azure setup tile under “Client ID”

azure cli <0.10.2:

azure ad sp create {app-id}

azure cli >= 0.10.2:

azure ad sp create -a {app-id}
  • Grant the Service Principal the “Reader” role for the subscription you are interested in monitoring.
  • Use the Object Id returned from the previous command to fill in {object-Id}{subscription-Id} is the azure subscription you would like to monitor, and is listed as ID in azure account show or through the portal
azure role assignment create --objectId {object-Id} --roleName Reader --subscription {subscription-Id}

Integrating through the Azure Portals

  1. Get your tenant name and pass it to Datadog.
  2. Create a web application in your Active Directory and pass the correct credentials to Datadog.
  3. Give this application read-access to any subscriptions you would like to monitor.
Getting your Tenant Name
  1. Navigate to portal.azure.com
  2. In the leftmost blade, select “Azure Active Directory”
  3. Under properties, copy the Directory ID Value

    Azure tenant name
  4. Paste the ID under “Tenant Name/ID” in the form on the Azure setup tile

    tenant name form
Creating the Web Application
  1. Navigate to the “App Registrations” tab within your Azure Active Directory.
  2. Press “Add”
  3. Enter a name and Sign-on URL for this app.
    • These will NOT be used in any way and are simply required as part of the setup process.
    • Leave Application “Type as Web app/ API”
  4. Press “Create”

    azure create ad
  5. Once it is created, select the App from the list of App Registrations

  6. Copy the “Application ID” and paste the value into “Client ID” in the form on the Azure setup tile

    azure client id
    client id form
  7. For the same app, go to “All settings”

  8. Go to “Keys”

  9. Enter a new Client Secret key and press Save

    • Make sure to note when the key will expire!
  10. When the Secret Key is shown, copy and paste it in “Client Secret” in the form on the Azure setup tile

    azure client secret
    client secret
  11. Click “Install Integration” to complete the application creation process

Giving Read Permissions to the Application
  1. Navigate to “Subscriptions” on the left hand menu

    subscriptions icon
  2. Click on the subscription you would like to monitor

  3. Click on “Access control (IAM)” in the lefthand menu

    access control button
  4. Click “Add”

    add user button
  5. Select “Reader” as a role

    reader icon
  6. Search/select for the name of the Application you just created (i.e. Datadog Auth)

  7. Click Select

  8. Click OK

  9. Repeat this process for any other subscriptions you would like to monitor

  10. Diagnostics must be enabled for ARM deployed VMs to collect metrics. See the instructions below

In a few minutes, metrics from applications under that subscription will begin to appear!

azure vm screenboard
Naviate to the Azure VM Default Dashboard to see this dashboard populate with your infrastructure’s data

Learn more about how to monitor Azure VM performance metrics with our series of posts. We detail the key performance metrics, how to collect them, and how to use Datadog to monitor Azure VMs.

Configuration

Optionally, you can limit the Azure VMs that are pulled into Datadog by entering tags in the “Optionally filter to VMs with tag” textbox. This comma separated list of tags (in the form ‘key:value’) defines a filter that we will use when collecting metrics from Azure VMs. Wildcards, such as ‘?’ (for single characters) and ‘*’ (for multiple characters) can also be used. Only VMs that match one of the defined tags will be imported into Datadog. The rest will be ignored.

VMs matching a given tag can also be excluded by adding ‘!’ before the tag. For example:

datadog:monitored,env:production,!env:staging,instance-type:c1.*
filter_form

Deploy Agents

  1. Navigate to your VM in the Azure Portal > Settings > Extenstions > Add > Select Datadog Agent. Use an API key found here
  2. Manually deploy Agents by following the instructions here
  3. Install based on operating system or CICD tool using these instructions

Data Collected

Metrics

See metadata.csv for a list of metrics provided by this integration.

View the specific metrics we collect for each Azure service integration:

Troubleshooting

Here are some common issues you might be seeing.

I don’t know my tenant name

  1. Navigate to portal.azure.com
  2. In the leftmost blade, select “Azure Active Directory”
  3. Under properties, it is the Directory ID

    azure tenant name

Your tenant name is also available from the URL after navigating to the classic portal. It is the text in between (not including) the @ and # symbol

azure tenant url

Unable to login

If you have experienced an error logging in while trying to install the integration, please reach out to support@datadoghq.com. When possible, please attach a screenshot.

No Metrics Are Showing Up

Please ensure you completed step three of the installation process, which entails giving read permissions to the Azure application (created in step two) for the subscriptions you want to monitor.

For ARM deployed virtual machines, you must also turn on Diagnostics and select the VM metrics you would like to collect. See Enable Diagnostics below for instructions.

Missing Metrics?

For ARM virtual machines, ensure you have enabled diagnostics and selected the metrics you would like to collect using the instructions below.

For other missing metrics, please reach out to support@datadoghq.com.

Enable diagnostics

Turning on Diagnostics allows ARM deployed VMs to collect logging information which includes metrics for CPU, Network, etc. To do this, first go to Azure Portal then follow the instructions below.

After locating your VM:

  1. Click on Diagnostics settings under the Monitoring section
  2. Shift the status to On
  3. Select the metrics you would like to collect (we recommend “Basic metrics”, “Network and web metrics”, and “.Net metrics”. Un-checking logs collection could save you some storage space. Linux Virtual Machines only collect “Basic” and “Boot” diagnostics)
  4. Click Save to save your changes

    azure enable diagnostics