Azure Integration

How to setup your AgileBlue integration within Azure.

Event Hub Creation

1. Log into your Azure Portal.
2. Select "Resource Group" from the left-hand menu and click "Add" at the top of the page.
   
   
3. Select the correct subscription and region, then give the Group a unique name.
   
   
4. Click on "Create Tags" and then "Review and Create."
   1. Tag creation is optional.
5. With the Resource Group created, proceed to "All Services" to create the Event Hub Name Space.
   
   
6. Click "Add" in the upper left-hand portion of the screen.
   
   
7. Give the Event Hub the previously-created Resource Group and provide a name for the Name Space. For Pricing, Basic or Standard are acceptable.
   
   
8. Click "Review + Create" and then "Create" when the hub is validated, or click "Next" if tags need to be created, then proceed to review and create and wait for deployment to complete.
9. Once the deployment is finished, click "Go to resource" and verify the namespace is properly created.
   
   
10. Now that the name space is created, proceed to create the event hub for log collection.
    
    
11. Once on the Event-Hubs page, click "+ Event Hub".
    1. These steps will be repeated for:
       1. Activity Logs
       2. Sign-in Logs/Audit Logs
       3. Optional – Platform Logs
       4. Optional – Endpoint Logs
12. Provide the name of the event hub.
    
    
13. Once the hubs have been completed, the list should look similar to the image below.
    1. AzureAD-Logs will contain the logs for Audit and Sign-In
       
       
14. Now that the event hubs have been created, the next step is to export data to the Hubs.

Activity Logs

1. Go to "Monitor" (left-hand menu) and select "Activity Logs."
   
          
2. Once on the activity logs page, click "Diagnostics settings."
   
   
3. Select the subscription that was used for the creation of the Event Hub Name Space and then select "+ Add diagnostic setting".
   
   
4. Select the required settings for the collection of Activity Logs as displayed in the image below.
   
   
5. Once the settings are set, click "Save" in the upper left of the screen then go back to the diagnostic settings and confirm the settings are in place.
   
   

Sign-In/Audit Logs

1. Go to "Azure Active Directory" in the left-hand menu.
2. Select "Sign-ins."
3. Go to "Export Data Settings" in the top left of the screen.
   
   
4. Proceed to set the diagnostic settings to reflect the image below.
   
   
5. Once completed, the log stream for both Audit Logs and Sign-in Logs will be set up.

Required Information

Below is the information AgileBlue requires in order for the collector to be able to connect to the Event Hubs and retrieve data.

1. Event Hub Connection String
   1. This can be found in the Event Hub NameSpace under "Shared Access Policies."
   2. Then select "RootManageSharedAccessKey" and copy the connection string-primary key, which will be sent back to AgileBlue
      
      
      
      
2. Storage Account
   1. In order to allow the collector to keep track of the events, a storage account is needed in order to allow write back.
   2. To create a storage account, go to All Services > Storage > Storage Accounts.
   3. Then select "Create Storage Account" and use the settings reflected below.
      
      
   4. Click "Review Create".
   5. Proceed to review the setup storage account and go to "Access Keys".
   6. Here, you will need to copy the storage account name and the values in key1.
      
      
3. AgileBlue will also need the event hub names (not the name of the event hub namespace).
4. Once these steps are completed and the information has been gathered, send an email to support@agileblue.com to notify our team. A specialist will then send an encrypted email back, to which you can reply with the required information.

Questions? Contact AgileBlue Support.

Email: support@agileblue.com
Phone: (216) 606-9400