Overview
Datadog’s Azure integration consists of an app registration with access to the subscriptions you want to monitor, and the app’s credentials configured in Datadog. This allows you to forward your metrics, logs, configuration information, and cost data to Datadog for visibility and alerting.
Azure permissions
Your Microsoft Entra ID user needs the following permissions:
Permission to create an app registration
One of the following must be true for the user:
Permission to assign roles within your subscriptions
You must have one of the Azure built-in roles in the Privileged category, or a custom role including the Microsoft.Authorization/roleAssignments/write action, in each of the subscriptions you wish to connect.
Permission to add and grant consent for Graph API permissions
The Privileged Role Administrator role contains the required permissions.
Datadog permissions
The Datadog Admin Role, or any other role with the azure_configurations_manage permission.
Azure service-specific integrations
Setting up the main Azure integration also installs all of Datadog’s Azure service-specific integrations. These integrations provide metrics, service checks, and events that give you visibility into the health and behavior of a particular Azure service.
Datadog's Azure integration is built to collect
all metrics from Azure Monitor. Datadog strives to continually update the docs to show every sub-integration, but cloud services rapidly release new metrics and services so the list of integrations can sometimes lag.
The
azure.*.count metric is generated by Datadog from Azure Resource Health. For more information, see
Count metric in the Azure Advanced Configuration guide.
| Integration | Description |
|---|
| Analysis Services | A service that provides data models in the cloud. |
| API Management | A service to publish, secure, transform, maintain, and monitor APIs. |
| App Service | A service for deploying and scaling web, mobile, API and business logic application. |
| App Service Environment | A service that provides an environment for securely running App Service apps at high scale. |
| App Service Plan | A set of compute resources for a web app to run. |
| Application Gateway | A web traffic load balancer that enables you to manage traffic to your web applications. |
| Automation | A service that provides automation and configuration management across your environments. |
| Batch Service | Managed task scheduler and processor. |
| Cognitive Services | APIs, SDKs, and services available to help build applications without AI or data science knowledge. |
| Container Instances | A service to deploy containers without the need to provision or manage the underlying infrastructure. |
| Container Service | A production-ready Kubernetes, DC/OS, or Docker Swarm cluster. |
| Cosmos DB | A database service that supports document, key-value, wide-column, and graph databases. |
| Customer Insights | Enables organizations to bring together datasets to build a 360° view of their customers. |
| Data Explorer | Fast and highly scalable data exploration service. |
| Data Factory | A service to compose data storage, movement, and processing services into automated data pipelines. |
| Data Lake Analytics | An analytics job service that simplifies big data. |
| Data Lake Store | A no limits data lake that powers big data analytics. |
| Database for MariaDB | A service that provides fully managed, enterprise-ready community MariaDB database. |
| Event Grid | An event routing service that allows for uniform event consumption using a publish-subscribe model. |
| Event Hub | Large scale data stream managed service. |
| ExpressRoute | A service to extend your on-premises networks into the cloud. |
| Firewall | Cloud-native network security to protect your Azure Virtual Network resources. |
| Functions | A service for running serverless code in response to event triggers. |
| HDInsights | A cloud service that processes massive amounts of data. |
| IOT Hub | Connect, monitor, and manage billions of IOT assets. |
| Key Vault | A service to safeguard and manage cryptographic keys and secrets used by cloud applications and services. |
| Load Balancer | Scale your applications and create high availability for your services. |
| Logic App | Build powerful integration solutions. |
| Machine Learning | Enterprise-grade machine learning service to build and deploy models faster. |
| Network Interfaces | Enables VM communication with internet, Azure, and on-premises resources. |
| Notification Hubs | A push engine that allows you to send notifications to any platform from any backend. |
| Public IP Address | A resource that enables inbound communication and outbound connectivity from the Internet. |
| Recovery Service Vault | An entity that stores the backups and recovery points created over time. |
| Redis Cache | Managed data cache. |
| Relay | Securely expose services that run in your corporate network to the public cloud. |
| Storage | Storage for blobs, files, queues, and tables. |
| Stream Analytics | An event-processing engine to examine high volumes of data streaming from devices. |
| SQL Database | Highly scalable relational database in the cloud. |
| SQL Database Elastic Pool | Manage the performance of multiple database. |
| Synapse Analytics | An analytics service that brings together data integration, enterprise data warehousing and big data analytics. |
| Usage and Quotas | Follow your Azure usage. |
| Virtual Machine | Virtual machine management service. |
| Virtual Machine Scale Set | Deploy, manage, and autoscale a set of identical VMs. |
| Virtual Network | Allow Azure resources to securely communicate with each other, the internet, and on-premises networks. |
Datadog-generated metrics
Datadog automatically queries other resource-specific Azure metadata APIs and uses that information to generate additional timeseries metrics. There are more than 40 Datadog-generated metrics and dozens of new tags for your Azure services, including:
- App Services
- Azure Functions
- App Service Plans
- Azure SQL Databases
- Azure Load Balancers
- Azure Virtual Networks
- Usage and quotas
- Resource counts and statuses
Configuration
To limit metric collection for Azure-based hosts, open the integration tile for Azure. Select the Configuration tab, then open App Registrations. Enter a list of tags in the text box under Metric Collection Filters.
This list of tags in <KEY>:<VALUE> form is separated by commas and defines a filter used while collecting metrics. Wildcards such as ? (for single characters) and * (for multiple characters) can also be used.
Only VMs that match one of the defined tags are imported into Datadog. The rest are ignored. VMs matching a given tag can also be excluded by adding ! before the tag. For example:
datadog:monitored,env:production,!env:staging,instance-type:c1.*
See the Azure Advanced Configuration guide for more configuration options.
Data Collected
Metrics
All standard Azure Monitor metrics plus unique Datadog generated metrics. You can also enable collection of custom metrics from Azure Application Insights under the Metric Collection tab in the Azure integration page.
For a detailed list of metrics, select the appropriate Azure service in the Azure service-specific integrations section. To exclude certain VMs from metric collection, see Azure VM Exclusion.
Logs
See the Azure automated log forwarding guide to set up log forwarding from your Azure environment.
Events
The Azure integration automatically collects Azure Service Health events. To view these in Datadog, navigate to the Event explorer and filter for the Azure Service Health namespace.
Service Checks
The Azure integration does not include any service checks.
Azure integration metrics, events, and service checks receive the following tags in addition to tags defined in your Azure environments:
| Integration | Namespace | Datadog Tag Keys |
|---|
| All Azure integrations | All | cloud_provider, region, kind, type, name, resource_group, tenant_name, subscription_name, subscription_id, status (if applicable) |
| Azure VM integrations | azure.vm.* | host, size, operating_system, availability_zone |
| Azure App Service Plans | azure.web_serverfarms.* | per_site_scaling, plan_size, plan_tier, operating_system |
| Azure App Services Web Apps & Functions | azure.app_services.*, azure.functions.* | operating_system, server_farm_id, reserved, usage_state, fx_version (linux web apps only), php_version, dot_net_framework_version, java_version, node_version, python_version |
| Azure SQL DB | azure.sql_servers_databases.* | license_type, max_size_mb, server_name, role, zone_redundant.
For replication Links only: state primary_server_name primary_server_region secondary_server_name secondary_server_region |
| Azure Load Balancer | azure.network_loadbalancers.* | sku_name |
| Azure Usage and Quota | azure.usage.* | usage_category, usage_name |
Note: See the Azure integration billing page for information about billing.
Next steps
Additional helpful documentation, links, and articles:
