You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/ddos-protection/telemetry.md
+19-1Lines changed: 19 additions & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -5,7 +5,7 @@ services: ddos-protection
5
5
author: AbdullahBell
6
6
ms.service: ddos-protection
7
7
ms.topic: tutorial
8
-
ms.date: 11/06/2023
8
+
ms.date: 05/09/2024
9
9
ms.author: abell
10
10
---
11
11
# Tutorial: View and configure Azure DDoS protection telemetry
@@ -72,6 +72,7 @@ For more information on metrics, see [Monitoring Azure DDoS Protection](monitor-
72
72
73
73
>[!NOTE]
74
74
>When changing DDoS IP protection from **enabled** to **disabled**, telemetry for the public IP resource will not be available.
75
+
75
76
## View DDoS mitigation policies
76
77
77
78
Azure DDoS Protection applies three auto-tuned mitigation policies (TCP SYN, TCP & UDP) for each public IP address of the protected resource, in the virtual network that has DDoS protection enabled. You can view the policy thresholds by selecting the **Inbound TCP packets to trigger DDoS mitigation** and **Inbound UDP packets to trigger DDoS mitigation** metrics with **aggregation** type as 'Max', as shown in the following picture:
To simulate a DDoS attack to validate DDoS protection telemetry, see [Validate DDoS detection](test-through-simulations.md).
83
84
85
+
86
+
## View peace time traffic telemetry
87
+
88
+
It's important to keep an eye on the metrics for TCP SYN, UDP, and TCP detection triggers. These metrics help you know when DDoS protection starts. Make sure these triggers reflect the normal traffic levels when there's no attack.
89
+
90
+
You can make a chart for the public IP address resource. In this chart, include the Packet Count (number of packets), Byte Count (amount of data), and Syn Count (number of synchronization packets) metrics. This will show you the sum of traffic.
91
+
92
+
93
+
1. Sign in to the [Azure portal](https://portal.azure.com/) and browse to your public IP address.
94
+
1. On the Azure portal menu, select or search for and select **Public IP addresses** then select your public IP address.
95
+
1. Under **Monitoring**, select **Metrics**.
96
+
1. Select your metrics and scope as described in the previous sections.
97
+
1. Create a chart with the metrics you want to monitor. In this example we chose *Byte Count*, *Packet Count*, and *Syn Count* set to *Sum*.
98
+
99
+
>[!NOTE]
100
+
> To make a fair comparison, you need to convert the data to packets-per-second. You can do this by dividing the number you see by 60, as the data represents the number of packets, bytes, or SYN packets collected over 60 seconds. For example, if you have 91,000 packets collected over 60 seconds, divide 91,000 by 60 to get approximately 1,500 packets-per-second (pps).
0 commit comments