![]() If remedy reaches a RemedyRunsLimit it will be reset when HealthCheck passes in any subsequent run before RemedyResetInterval. RemedyResetInterval parameter allows resetting remedy after the reset interval time and RemedyWorkflow can be retried again in case monitor workflow fails. If it is not set Remedyworkflow is triggered whenever HealthCheck workflow fails. If Remedy action fails for any reason it will stop on further retries. RemedyRunsLimit parameter allows to configure how many times a remedy should be run. External systems can query these CRs and take appropriate action if they failed. Status of Remedy will be updated in the CR. If in case the monitoring check failed then the Remedy workflow will execute to fix the issue. The HealthCheck workflow is run periodically, as defined by repeatAfterSec or a schedule: cron property in its spec, and watched by the Active-Monitor controller.Īctive-Monitor sets the status of the HealthCheck CR to indicate whether the monitoring check succeeded or failed. A HealthCheck / Remedy is essentially an instrumented wrapper around an Argo workflow. Users can then create and submit HealthCheck object to the Kubernetes server. OverviewĪctive-Monitor will create a new health namespace when installed in the cluster. While it is not too difficult to know that all entities in a cluster are running individually, it is often quite challenging to know that they can all coordinate with each other as required for successful cluster operation (network connectivity, volume access, etc). Notification is sent to the action group selected while configuring the alert.Active-Monitor is a Kubernetes custom resource controller which enables deep cluster monitoring and self-healing using Argo workflows. Let’s assume that it kicked in, so the flow continues in step 5. If the result of the query matches the alert logic (that is, the number of results is greater than or equal to 1), then the action group kicks in. | project TimeGenerated, SourceSystem, TargetResource.displayName, AADTenantId, OperationName, InitiatedBy, Result, ActivityDisplayName, ActivityDateTime, Type | where ActivityDisplayName contains "Set federation settings on domain" or ActivityDisplayName contains "Set domain authentication" | extend TargetResource = parse_json(TargetResources) The log information flows to the Azure Log Analytics workspace.Ī background job from Azure Monitor executes the log query based on the configuration of the Alert Rule in the configuration step (2) above. Add an action group to the alert rule that gets notified when the alert condition is met.Īfter the environment is configured, the data flows as follows:Īzure AD Logs get populated per the activity in the tenant.Create an alert rule that triggers based on Azure AD log query. ![]() Configure Azure AD audit logs to flow to an Azure Log Analytics Workspace. ![]() ![]() Set up alerts to monitor the trust relationshipįollow these steps to set up alerts to monitor the trust relationship: To monitor the trust relationship, we recommend you set up alerts to be notified when changes are made to the federation configuration. Therefore, it's critical that this trust (federation configuration) is monitored closely, and any unusual or suspicious activity is captured. When you federate your on-premises environment with Azure AD, you establish a trust relationship between the on-premises identity provider and Azure AD.ĭue to this established trust, Azure AD honors the security token issued by the on-premises identity provider post authentication, to grant access to resources protected by Azure AD. ![]()
0 Comments
Leave a Reply. |