![]() ![]() ![]() Now we can set up an Initiative to the Resource Group, In this case we will set up the initiative called “Enable Azure Monitor” and the scope will be the Resource Group (you could also apply it to the entire subscription).Īs part of the initiative, we need to provide the Log Analytics workspace we want to use to configure the agent to connect to. As a result, you will be able to see this GCP VM on Azure as an Azure Arc connected VM that is now mapped to a Resource Group, Subscription and Region. Since we can install extensions on Azure Arc enabled VMs, we can use deployIfNotExist policies to automatically remediate non-compliant resources and install the MMA as an extension.įirst, I created a Linux Virtual machine in Google Cloud Platform and installed the Azure Arc agent. We will set up an initiative at resource group level to make sure that all Azure Arc enabled servers are reporting to Azure Sentinel, including on-prem and other cloud servers. This article, shows the steps needed to set up a policy that will act as built-in control to make sure all your servers are reporting to you Azure Sentinel Log Analytics Workspace. A very common way to make sure all of your VMs are reporting events to Sentinel would be to set up an Azure Policy at subscription or Resource Group level so, why not do the same for non-Azure Linux and Windows systems? Now that external resources are connected to Azure, you can start managing them in a similar way you’d do in Azure. Other automation tools: Ansible, Puppet, Chef, etc.System Center Virtual Machine Manager (SCVMM).System Center Configuration Manager (SCCM).You could deploy this agent manually or automate the installation with tools like: Deploy extensions at scale including Microsoft monitoring Agent, Desired State Configuration and Custom Script extension. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |