You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/active-directory-b2c/azure-monitor.md
+12-6Lines changed: 12 additions & 6 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -11,7 +11,7 @@ ms.workload: identity
11
11
ms.topic: how-to
12
12
ms.author: kengaderdus
13
13
ms.subservice: B2C
14
-
ms.date: 07/12/2022
14
+
ms.date: 01/31/2023
15
15
---
16
16
17
17
# Monitor Azure AD B2C with Azure Monitor
@@ -66,7 +66,7 @@ In summary, you'll use Azure Lighthouse to allow a user or group in your Azure A
66
66
First, create, or choose a resource group that contains the destination Log Analytics workspace that will receive data from Azure AD B2C. You'll specify the resource group name when you deploy the Azure Resource Manager template.
67
67
68
68
1. Sign in to the [Azure portal](https://portal.azure.com).
69
-
1. Make sure you're using the directory that contains your Azure AD tenant. Select the **Directories + subscriptions** icon in the portal toolbar.
69
+
1. Make sure you're using the directory that contains your *Azure AD* tenant. Select the **Directories + subscriptions** icon in the portal toolbar.
70
70
1. On the **Portal settings | Directories + subscriptions** page, find your Azure AD directory in the **Directory name** list, and then select **Switch**.
71
71
1.[Create a resource group](../azure-resource-manager/management/manage-resource-groups-portal.md#create-resource-groups) or choose an existing one. This example uses a resource group named _azure-ad-b2c-monitor_.
72
72
@@ -75,7 +75,7 @@ First, create, or choose a resource group that contains the destination Log Anal
75
75
A **Log Analytics workspace** is a unique environment for Azure Monitor log data. You'll use this Log Analytics workspace to collect data from Azure AD B2C [audit logs](view-audit-logs.md), and then visualize it with queries and workbooks, or create alerts.
76
76
77
77
1. Sign in to the [Azure portal](https://portal.azure.com).
78
-
1. Make sure you're using the directory that contains your Azure AD tenant. Select the **Directories + subscriptions** icon in the portal toolbar.
78
+
1. Make sure you're using the directory that contains your *Azure AD* tenant. Select the **Directories + subscriptions** icon in the portal toolbar.
79
79
1. On the **Portal settings | Directories + subscriptions** page, find your Azure AD directory in the **Directory name** list, and then select **Switch**.
80
80
1.[Create a Log Analytics workspace](../azure-monitor/logs/quick-create-workspace.md). This example uses a Log Analytics workspace named _AzureAdB2C_, in a resource group named _azure-ad-b2c-monitor_.
81
81
@@ -88,7 +88,7 @@ In this step, you choose your Azure AD B2C tenant as a **service provider**. You
88
88
First, get the **Tenant ID** of your Azure AD B2C directory (also known as the directory ID).
89
89
90
90
1. Sign in to the [Azure portal](https://portal.azure.com/).
91
-
1. Make sure you're using the directory that contains your Azure AD B2C tenant. Select the **Directories + subscriptions** icon in the portal toolbar.
91
+
1. Make sure you're using the directory that contains your *Azure AD B2C* tenant. Select the **Directories + subscriptions** icon in the portal toolbar.
92
92
1. On the **Portal settings | Directories + subscriptions** page, find your Azure AD B2C directory in the **Directory name** list, and then select **Switch**.
93
93
1. Select **Azure Active Directory**, select **Overview**.
94
94
1. Record the **Tenant ID**.
@@ -110,7 +110,7 @@ To make management easier, we recommend using Azure AD user _groups_ for each ro
110
110
To create the custom authorization and delegation in Azure Lighthouse, we use an Azure Resource Manager template. This template grants Azure AD B2C access to the Azure AD resource group, which you created earlier, for example, _azure-ad-b2c-monitor_. Deploy the template from the GitHub sample by using the **Deploy to Azure** button, which opens the Azure portal and lets you configure and deploy the template directly in the portal. For these steps, make sure you're signed in to your Azure AD tenant (not the Azure AD B2C tenant).
111
111
112
112
1. Sign in to the [Azure portal](https://portal.azure.com).
113
-
1. Make sure you're using the directory that contains your Azure AD tenant. Select the **Directories + subscriptions** icon in the portal toolbar.
113
+
1. Make sure you're using the directory that contains your *Azure AD tenant*. Select the **Directories + subscriptions** icon in the portal toolbar.
114
114
1. On the **Portal settings | Directories + subscriptions** page, find your Azure AD directory in the **Directory name** list, and then select **Switch**.
115
115
1. Use the **Deploy to Azure** button to open the Azure portal and deploy the template directly in the portal. For more information, see [create an Azure Resource Manager template](../lighthouse/how-to/onboard-customer.md#create-an-azure-resource-manager-template).
116
116
@@ -172,7 +172,7 @@ You're ready to [create diagnostic settings](../active-directory/reports-monitor
172
172
173
173
To configure monitoring settings for Azure AD B2C activity logs:
174
174
175
-
1. Sign in to the [Azure portal](https://portal.azure.com/) with your Azure AD B2C administrative account. This account must be a member of the security group you specified in the [Select a security group](#32-select-a-security-group) step.
175
+
1. Sign in to the [Azure portal](https://portal.azure.com/) with your *Azure AD B2C* administrative account. This account must be a member of the security group you specified in the [Select a security group](#32-select-a-security-group) step.
176
176
1. Make sure you're using the directory that contains your Azure AD B2C tenant:
177
177
1. Select the **Directories + subscriptions** icon in the portal toolbar.
178
178
2. On the **Portal settings | Directories + subscriptions** page, find your Azure AD B2C directory in the **Directory name** list, and then select **Switch**.
@@ -207,6 +207,8 @@ Now you can configure your Log Analytics workspace to visualize your data and co
207
207
208
208
Log queries help you to fully use the value of the data collected in Azure Monitor Logs. A powerful query language allows you to join data from multiple tables, aggregate large sets of data, and perform complex operations with minimal code. Virtually any question can be answered and analysis performed as long as the supporting data has been collected, and you understand how to construct the right query. For more information, see [Get started with log queries in Azure Monitor](../azure-monitor/logs/get-started-queries.md).
209
209
210
+
1. Sign in to the [Azure portal](https://portal.azure.com).
211
+
1. Make sure you're using the directory that contains your *Azure AD* tenant. Select the **Directories + subscriptions** icon in the portal toolbar.
210
212
1. From **Log Analytics workspace** window, select **Logs**
211
213
1. In the query editor, paste the following [Kusto Query Language](/azure/data-explorer/kusto/query/) query. This query shows policy usage by operation over the past x days. The default duration is set to 90 days (90d). Notice that the query is focused only on the operation where a token/code is issued by policy.
212
214
@@ -256,6 +258,8 @@ Workbooks provide a flexible canvas for data analysis and the creation of rich v
256
258
257
259
Follow the instructions below to create a new workbook using a JSON Gallery Template. This workbook provides a **User Insights** and **Authentication** dashboard for Azure AD B2C tenant.
258
260
261
+
1. Sign in to the [Azure portal](https://portal.azure.com).
262
+
1. Make sure you're using the directory that contains your *Azure AD* tenant. Select the **Directories + subscriptions** icon in the portal toolbar.
259
263
1. From the **Log Analytics workspace** window, select **Workbooks**.
260
264
1. From the toolbar, select **+ New** option to create a new workbook.
261
265
1. On the **New workbook** page, select the **Advanced Editor** using the **</>** option on the toolbar.
@@ -286,6 +290,8 @@ Alerts are created by alert rules in Azure Monitor and can automatically run sav
286
290
287
291
Use the following instructions to create a new Azure Alert, which will send an [email notification](../azure-monitor/alerts/action-groups.md#configure-notifications) whenever there's a 25% drop in the **Total Requests** compared to previous period. Alert will run every 5 minutes and look for the drop in the last hour compared to the hour before it. The alerts are created using Kusto query language.
288
292
293
+
1. Sign in to the [Azure portal](https://portal.azure.com).
294
+
1. Make sure you're using the directory that contains your *Azure AD* tenant. Select the **Directories + subscriptions** icon in the portal toolbar.
289
295
1. From **Log Analytics workspace**, select **Logs**.
290
296
1. Create a new **Kusto query** by using the query below.
![prmerger-automator[bot]](https://avatars.githubusercontent.com/u/22479449?v=4&size=40){kind=avatar}
0 commit comments