Agents Administration - Tests
 

Default Parameters for AzrADActvtyTest

Azure Active Directory provides Audit Logs, where changes/updates to the configuration of users, groups, and applications are logged. With the audit logs in Azure AD, administrators get access to records of system activities for compliance.

Whenever critical changes are made to an Azure organization - e.g., a password is changed, an application is updated, if the license of a user has changed etc. - administrators may want to know whether such changes were initiated by authorized services/users. This is because, unauthorized changes, if permitted, can have serious, long-standing repurcussions on the overall health and operations of the cloud organization. SometimesTo quickly spot such changes, and to know what was changed and by whom, administrators need to review the audit logs periodically. The AzrADActvtyTest helps administrators in this exercise!

This test monitors the Azure AD audit logs at configured intervals, and notifies administrators every time a user-, group-, or application-related change/activity is logged in the audit log file.

Detailed diagnostics provide additional details about the change/activity, thereby enabling administrators to figure out who made the change and when. With the help of this information, administrators can quickly detect unauthorized changes, and take appropriate action.

This page depicts the default parameters that need to be configured for the AzrADActvtyTest.

  • The TEST PERIOD list box helps the user to decide how often this test needs to be executed.

  • Specify the Directory ID of the Azure AD tenant to which the target subscription belongs in the TENANT ID text box. To know how to determine the Directory ID/Tenant ID Click here.

  • The eG agent communicates with the target Microsoft Azure Subscrption using Java API calls. To collect the required metrics, the eG agent requires an Access token in the form of an Application ID and the client secret value.Specify the Application ID of the created Application in the CLIENT ID TEXTBOX To know how to determine the Application ID Click here. Specify the client secret value in the CLIENT PASSWORD text box. To obtain the client secret value Click here.

  • In some environments, all communication with the Azure cloud be routed through a proxy server. In such environments, you should make sure that the eG agent connects to the cloud via the proxy server and collects metrics. To enable metrics collection via a proxy, specify the IP address of the proxy server and the port at which the server listens against the PROXY HOST and PROXY PORT parameters. By default, these parameters are set to none , indicating that the eG agent is not configured to communicate via a proxy, by default.

  • If the proxy server requires authentication, then, specify a valid proxy user name and password in the PROXY USERNAME and PROXY PASSWORD parameters, respectively. Then, confirm the password by retyping it in the Confirm Password text box.

  • Once the necessary values have been provided, clicking on the UPDATE button will register the changes made.

When changing default configurations of tests, the values with “$” indicate variables that will be replaced by the eG system according to the specific server being managed - for instance, $hostName is the host/nickname of the target host, $port is the port number of the server being monitored. E.g., for a server xyz:80, $hostName will be changed automatically by the eG manager to “xyz*” and $port will be changed to “80” when configuring a test.