Panopta offers native integration with Azure Monitor, enabling Panopta to ingest your Azure monitoring data. Panopta can also perform automatic discovery and monitoring of instances within your Azure account. This is configurable by service type and region, and can also be fully customized using your Azure tags.
Azure data should be used as an augmentation of, not a replacement for, the data obtained by the Panopta server Agent and external monitoring. The server Agent can provide more detailed and accurate data across any OS distribution or application you may be running on your compute instance. As well, our external monitoring ensures you're getting the full picture of your current operating environment as well as a view into what your customers are experiencing.
Connecting Panopta and Azure
Azure takes a few minutes to provision or spin up the new role/ credential set. Ensure that Azure has completed this process before trying to create the Panopta integration. Creating the Panopta integration before Azure is ready may cause credential errors.
To grant Panopta access your Azure Monitor data, you'll need to create a service account within your Azure account that grants Panopta read-only access.
From the main navigation header, click Add. The Infrastructure and Resource Catalog will be displayed.
Follow the on-page instructions to create an Azure service account.
Once you've obtained your App ID and Password, select Verify Connection.
Once your App ID and Password have been validated, you can configure your monitoring settings.
Services: Select the Azure services you'd like to monitor. It's better to only select the ones you're using, otherwise, it uses vital API calls.
Filter Instances by Tag: You can choose to only import instances that match the Azure tag filters you define.
Regions: Only select the regions you operate in, otherwise, it uses vital API calls
Options - Import Tags: Enabling tag import will pull in your Azure tags with your Azure instances. You have the option to import only the Value portion of the Azure tag or the entire Azure key-value pair as a single string tag.
Options - Import Azure tags as Panopta Attributes: Azure tags will be imported as key-value pairs (attributes within Panopta).
Options - Routinely scan for new instances: every 20 minutes, we'll look for new instances in your account and will begin monitoring them assuming they meet your filter criteria. Instances using the Panopta Agent can be monitored immediately if you install the Agent on boot.
Options - Apply Monitoring Policies: Apply a monitoring policy to the imported Azure instances.
Options - Destination Group: any time instances are imported, they'll be placed in this group in the control panel. This is great for setting default values that are inherited from their parent group as well as apply default templates.
Options - Template: apply a Template to every instance that's imported
Click Complete Integration. We'll start pulling in your instances that meet your filter criteria and begin monitoring them.
API Limits and Throttling
By default, each Azure account gets 1M Azure Monitor API calls per month for free. When Panopta makes Azure calls to obtain metrics (every 10 minutes), it utilizes your API calls quota. We encourage you to utilize the Panopta Agent on Virtual Machine instances, not only for the cost savings but also for the increased functionality and granularity. You can read more about it here.
Once you exceed 1M Azure Monitor calls for the month, Microsoft will charge your account $10 per 1M calls. You can read more about their pricing here.
In certain large-scale scenarios, Azure could begin throttling API calls. We will begin backing-off at that time. If you expect to utilize close to or the full 1M calls per month, we recommend reaching out to Azure to ask for a limit increase. If you'd like Panopta to collect Azure metrics more often than every 10 minutes, please email firstname.lastname@example.org. As well, you can override this at the metric level by editing the metric. Check out Templates to do this in bulk.
If you're running the Agent (Linux version > 2017.40, Windows version > 18.34), Virtual Machine metrics will be automatically added to your existing Agent-based instances.
Example: if you have a Linux Virtual Machine instance you're already monitoring with the Agent, and the Agent version is > 2017.40, we won't create a second "Virtual Machine" instance with the Azure Monitor connection - the new Azure Monitor metrics will be added to your existing instance
Virtual Machine Incident Confirmation
If you're monitoring a Virtual Machine instance with external checks - such as HTTP, HTTPS, or Ping - and we identify an incident, we'll first confirm with Azure that the instance is still around. If it was gracefully removed, we will not alert. If the instance was not removed gracefully, we will alert as normal.
The following Azure integrations are supported (free or charged per instance):