Versions Compared

Version Old Version 18 New Version 19
Changes made by

Laszlo Frazer

Laszlo Frazer

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

If you have more than one set of these items, then authorize an Event Hub or for each set.

Items created or used during the authorization process:

...

  1. In Azure Portal, search for Entra ID.

    image-20250206-182248.png

  2. Click App registrations in the left menu and click new registration

    image-20250206-182408.png

  3. Register the application

  4. Search for the Event Hubs service and click on it. 

    image-20250206-195245.png

  5. Click Create.

    image-20250206-195421.png

  6. Select the subscription and resource group corresponding to the resources that must be monitored.

  7. Enter a name.

  8. In the Location field, select the region containing the resources that must be monitored.

  9. To capture Blob or Data Lake, see How Event Hubs Capture is charged to select a tier. Otherwise, select the cheapest tier and one throughput unit. If you need more resources, they can be added later.

    image-20250206-200043.png

  10. Select “Review+Create,” then “Create.”

  11. Return to Event Hubs and open the namespace created in the previous steps.

    image-20250206-200452.png

  12. Select Access control (IAM) in the left menu, click Add, and click Add Access Role Assignment.

    image-20250206-211925.png

  13. Search for the Azure Event Hubs Data Receiver role and select it and then click Next.

    image-20250206-212040.png

  14. Click Select members and search for the previously created App registration.

  15. Select the Application by clicking its name.

  16. Once the application is already listed as a selected member, click Select.

    image-20250206-214343.png

  17. Click Review + Assign.

  18. In the namespace, Create a shared access policy for sending data to the event hub.

    image-20250211-222119.png

  19. Create a second shared access policy for listening to the event hub.

    image-20250211-222210.png

  20. Open the listen policy and copy the primary connection string.

    image-20250211-222044.png

  21. Search for and select the Monitor service.

    image-20250206-214520.png

  22. Click the Diagnostic Settings option in the left area.

Info

An Azure account may have thousands of resources which need diagnostic settings configured. If manually enabling the diagnostic settings is inconvenient, use PowerShell to create a policy.

  1. Select a resource.

    image-20250206-215233.pngImage Modified

  2. Add diagnostic setting.

    image-20250206-215402.pngImage Modified

  3. Name the diagnostic setting.

  4. Enable metrics and logs. The options will vary.

  5. Enable “Stream to an event hub.”

  6. Select the namespace, hub, and policy you created.

    image-20250206-223615.pngImage Modified

  7. Click Save.

    Image Modified

  8. Open Entra.

  9. Switch to the directory.

    image-20250211-222523.pngImage Modified

  10. Add your Entra ID diagnostic settings. Devo recommends enabling all log options.

  11. If it is necessary to monitor resources that have not been created yet, create a policy in PowerShell.

Run It

In the Cloud Collector App, create an Azure Collector instance using this parameters template, replacing the values enclosed in < >. The region name for each event hub will be logged in the region field of cloud.azure. It is not required to be your Azure region.

...