Configuring Azure Monitoring

Configuration Guide

Overview

This document provides the steps to configure Microsoft Azure monitoring.

Notes:

Required configuration

Complete these procedures in order for each Azure tenant that you want Arctic Wolf to monitor, to ensure that your Concierge Security® Team (CST) has the best possible coverage of your Azure services:

Note:

  1. Automatically configuring an Azure Active Directory application
  2. Providing credentials to Arctic Wolf

Additonal recommended configuration

Arctic Wolf recommends completing this additional configuration — Configuring Data Collection

Providing credentials to Arctic Wolf

To submit your credentials to Arctic Wolf:

  1. Sign in to the Arctic Wolf Portal.

  2. Select Connected Accounts in the banner menu to open the Connected Accounts page.

    Connected Accounts menu

  3. Select + Add Account to open the Add Account form.

  4. Select Cloud Threat Detection as the Account Type.

  5. Select Azure from the list of cloud services, and fill in the form:

    1. Enter a descriptive name for the credentials.

    2. Paste these values into their respective text boxes:

      • Directory ID
      • Application ID
      • Secret Key
  6. Click Submit to CST.

  7. When prompted with the confirmation message, review your submission and then click Done. This returns you to the Connected Accounts page.

  8. Verify that the newly-submitted credential entry appears in the cloud services list with the status Connection Pending.

After your CST provisions security monitoring for your Azure enterprise, the status of your Azure credentials changes to Connected.