Azure Virtual Network monitoring integration

Access to this feature depends on your subscription level. Requires Infrastructure Pro.

New Relic Infrastructure provides an integration for Microsoft Azure's Virtual Network that reports data from your Virtual Network service to New Relic products. This document explains how to activate this integration and describes the data that can be captured.

Features

New Relic's integration for Azure Virtual Network reports metric data about your virtual networks (VNets), like packets dropped per second or bytes forwarded per second. It also collects inventory data about the status and configuration of your account.

You can monitor and alert on your Virtual Network data from New Relic Infrastructure, and you can create custom queries and chart dashboards in New Relic Insights.

Requirements

Requirements include:

Activate integration

To enable this integration:

  1. Make sure you have installed the Infrastructure agent before you activate Azure integrations from your Infrastructure account.
  2. Follow standard procedures to activate your Azure service in New Relic Infrastructure.

Configuration and polling

You can change the polling frequency and filter data using configuration options.

Default polling information for the Virtual Network integration:

  • Polling interval: 1 minute for metrics; 5 minutes for inventory
  • Resolution: 1 data point per minute

Find and use data

To find your integration data in Infrastructure, go to infrastructure.newrelic.com > Integrations and look for the integration.

In New Relic Insights, data is attached to the AzureVirtualNetworksPublicIpAddressSample event type.

For more on how to find and use integration data, see Understand and use data.

Metric data

Here are the metrics reported by the Azure Virtual Network integration. For more about how data is structured and reported to New Relic, see Understand and use integration data.

Metric Description
BytesDroppedDDoS Average inbound bytes dropped per second, DDoS.
BytesForwardedDDoS Average inbound bytes forwarded per second, DDoS.
BytesInDDoS Average inbound bytes per second, DDoS.
DDoSTriggerTCPPackets Average inbound TCP packets per second to trigger DDoS mitigation.
DDoSTriggerUDPPackets Inbound UDP packets to trigger DDoS mitigation.
IfUnderDDoSAttack Count of entities under DDoS attack.
PacketsInDDoS Average inbound packets per second, DDoS
PacketsDroppedDDoS Average inbound packets dropped per second, DDoS.
PacketsForwardedDDoS Average inbound packets forwarded per second, DDoS.
TCPBytesInDDoS Average inbound TCP bytes per second, DDoS.
TCPBytesDroppedDDoS Average inbound TCP bytes dropped per second, DDoS.
TCPBytesForwardedDDoS Average inbound TCP bytes forwarded per second, DDoS.
TCPPacketsInDDoS Average inbound TCP packets per second, DDoS.
TCPPacketsDroppedDDoS Average inbound TCP packets dropped per second, DDoS.
TCPPacketsForwardedDDoS Average inbound TCP packets forwarded per second, DDoS.
UDPPacketsInDDoS Average inbound UDP packets per second, DDoS.
UDPPacketsDroppedDDoS Average inbound UDP packets dropped per second, DDoS.
UDPPacketsForwardedDDoS Average inbound UDP packets forwarded per second, DDoS.
UDPBytesInDDoS Average inbound UDP bytes per second, DDoS.
UDPBytesDroppedDDoS Average inbound UDP bytes dropped per second, DDoS.
UDPBytesForwardedDDoS Average inbound UDP bytes forwarded per second, DDoS.

Inventory data

Inventory data is information about your system's state and configuration. For details on how to find and use inventory data, see Understand and use data.

The Azure Virtual Network integration reports this inventory data:

Inventory category Data reported
azure/virtualnetworks/peering

This category includes Azure's Virtual Network peering. Data includes:

  • allowVirtualNetworkAccess
  • allowForwardedTraffic
  • allowGatewayTransit
  • useRemoteGateways
  • virtualNetworkId
  • remoteVirtualNetworkId
  • peeringState
  • provisioningState
azure/virtualnetworks/subnet

This category includes subnet and queue data. Data includes:

  • addressPrefix
  • networkSecurityGroupId
  • routeTableId
  • provisioningState
  • virtualNetworkId
  • fullSubnetName
azure/virtualnetworks/virtual-network

This category includes subscription data. Data includes:

  • addressSpace
  • dnsServers
  • provisioningState
  • resourceGroupName (deprecates ResourceGroup)
azure/virtualnetworks/security-rule/

Security rules allow or deny inbound or outbound network traffic based on source or destination IP address, port, and protocol. Data includes:

  • access description

  • destinationAddressPrefix

  • destinationPortRange

  • direction

  • priority

  • protocol

  • provisioningState

  • regionName

  • resourceGroupName

  • sourceAddressPrefix

  • sourcePortRange

azure/virtualnetworks/security-group/

Security groups contain a list of security rules, and are used to limit network traffic to resources in a virtual network. Data includes:

  • name

  • networkInterfaceIds

  • provisioningState

  • regionName

  • resourceGroupName

  • subnetIds

  • type

azure/virtualnetworks/route/

This category includes route data. Data includes:

  • destinationAddressPrefix

  • name

  • nextHopIpAddress

  • nextHopType

  • provisioningState

  • regionName

  • resourceGroupName

  • routeTableId

azure/virtualnetworks/route-table/

Route tables enable resources connected to any subnet in any virtual network to communicate with each other, and the Internet. Data includes:

  • name

  • provisioningState

  • regionName

  • resourceGroupName

  • type

azure/virtualnetworks/public-ip-address/

Public IP addresses are used for communication with the Internet, including Azure public-facing services. Data includes:

  • assignedNetworkInterface

  • idleTimeoutInMinutes

  • ipAllocationMethod

  • name

  • provisionedState

  • regionName

  • resourceGroupName

  • type

  • version

  • assignedLoadBalancer

  • fqdn

  • leafDomainLabel

azure/virtualnetworks/network-interface/

A network interface enables an Azure Virtual Machine to communicate with Internet, Azure, and on-premises resources. Data includes:

  • appliedDnsServers

  • dnsServers

  • isAcceleratedNetworkingEnabled

  • isIpForwardingEnabled

  • name

  • networkSecurityGroup

  • privateIp

  • privateIpAllocationMethod

  • provisioningState

  • regionName

  • resourceGroupName

  • type

  • virtualMachineId

  • internalDomainNameSuffix

  • macAddress

azure/virtualnetworks/ip-configuration/

This category includes Azure's IP configuration Data includes:

  • isPrimary

  • name

  • networkInterfaceId

  • privateIp

  • privateIpAllocationMethod

  • privateIpVersion

  • regionName

  • resourceGroupName

  • subnet

For more help

Recommendations for learning more: