Integrating with Azure Monitor


Azure Monitor sends notification about any potential critical condition of the applications and services, so that you can proactively take the corrective measures.

You can view the collected data in various BMC Helix applications and derive the following benefits:

BMC Helix application

Type of data collected or viewed

Benefits

BMC Helix Operations Management

Events (Azure Monitor

 alerts are received as events) 

Use a centralized event view to monitor and manage events, perform event operations, and filter events. Identify actionable events from a large volume of event data by processing events.

For more information, see Monitoring events and reducing event noise.

BMC Helix AIOps

Situations (created from events)

Improve the mean time to resolve (MTTR) based on the situation-driven workflow.

Lower the mean time to detect or discover (MTTD) and the time required for investigating tickets.

For more information, see Monitoring situations.

 

As a tenant administrator, perform the following steps to configure a connection with Azure Monitor, verify the connection, and view the collected data in various BMC Helix applications.

ConnectorSteps.png

Task 1: To plan for the connection

Review the following prerequisites to help you plan and configure a connection with Azure Monitor.

Azure Monitor prerequisites

Make sure that the Azure subscription IDs that you plan to use have the Global Reader role assigned. This role is a readonly
role that allows you to query data from Azure Monitor by using API calls. For more information about assigning roles,
see the Azure Monitor documentation.

BMC Helix Intelligent Integrations prerequisites

  • Depending on the location of the third-party product (SaaS, on-premises), choose one or more BMC Helix Intelligent Integrations deployment modes and review the corresponding port requirements. For information about various deployment modes and port requirements, see Deployment scenarios.
  • Based on the deployment mode, use the BMC Helix Intelligent Integrations SaaS deployment or the BMC Helix Intelligent Integrations on-premises gateway or both. For more information about the gateway, see Deploying the BMC Helix Intelligent Integrations on-premises gateway.

In the preceding list, third-party product refers to Azure Monitor.

Task 2: To configure the connection with Azure Monitor

 

  1. Depending on the deployment mode, perform one of the following steps to access BMC Helix Intelligent
    Integrations:
    • BMC Helix Intelligent Integrations SaaS – Log on to BMC Helix Portal, and click Launch on BMC Helix
      Intelligent Integrations.
    • BMC Helix Intelligent Integrations on-premises gateway – Use the following URL to access BMC Helix
      Intelligent Integrations: https://<hostName>:<portNumber>/swpui
  2. On the CONNECTORS  tab, click add_icon.pngin the SOURCES panel.
  3. Click the Azure Monitortile.
  4. Specify the following details for the source connection:
    1. Specify a unique instance name.

      Best practice
      We recommend that you specify the instance name in the following format: 

      <sourceType>_<sourceControllerServerName>{_<InstanceQualifier>}                    

      The instance qualifier helps you to distinguish the multiple instances configured from the same source server. For example, you can name your instances as Azure_Monitor_Alerts, Azure_Monitor_Alerts_TEST, and so on.

    2. Specify the Azure Monitor Tenant Id, Client Id, and Client Secret.
    3. Specify the Azure resource URL (default value is https://management.azure.com/).
    4. Specify the Azure authentication host (default value is management.azure.com).
    5. Specify the Azure Active Directory (AD) authentication host (default value is login.microsoftonline.com).
    6. Specify the number of maximum concurrent REST API requests that should be executed during a collection schedule (default value is 5).
    7. Click Proxy and specify if you want to configure a proxy server. If yes, specify the host name and port number (default value is 8888).
  5. Click VALIDATE AND CREATE.
    The specified connection details are validated and the corresponding source connection is created in the Source Connection list.
  6. Select the source connection that you created from the list if it is not selected already.

    Important
    The destination host connection is created and configured automatically for each tenant when the source connection is created.​​​​​

  7. Click a data type and specify the configuration parameters in the Collectors section as described in the following table:

    Parameter name

    Description

    Data Type

    Azure Monitor Alerts

    Collection Schedule

    Select one of the following options to specify the data collection frequency:

    • Duration: When you select this option, data collection happens constantly. Specify the schedule in minutes, hours, or day. 
      Default: 5 minutes
      Example:
      Collection Schedule
      is set to 5 mins.
      Current time is 00:30.

      If you run the collector just after 00:30, data is collected every 5 mins, first at 00:30 and next at 00:35, and so on.  
    • Cron schedule: When you select this option, data collection happens periodically. Specify the schedule by using a cron expression.
      A cron expression is a string consisting of five subexpressions (fields) that describe individual details of the schedule.  
      These fields, separated by blank spaces, can contain any of the allowed values with various combinations of the allowed characters for that field.
      Default: */5 * * * * (evaluates to 5 minutes)

      Format:
      Minutes Hours (24-hour format) Day of Month Month Day of Week

      Example:
      If you specify 10 15 3 7 * , data is collected at 15:10 hours every third day in the month of July.

    For more information about how this parameter affects data collection, see Data collection schedule.

    ✅️

    Data Collection Window

    Specify the historical time period (in minutes) from the current time for which the data should be collected.

    Default: 5 minutes

    Example:

    Collection Schedule is set to 5 mins.
     Data Collection Window is set to 5 mins.
     Current time is 00:30.

    If you run the collector just after 00:30, data is collected first at 00:30 for the interval 00:25 - 00:30, and next at 00:35 for the interval 00:30 - 00:35, and so on.

    For more information about how this parameter affects data collection, see Data collection window.

    ✅️

    Data Latency

    Specify the time (in minutes) by which the data time window should be shifted back on the timeline.

    This parameter is useful in delayed data availability situations.

    Default: 0 minutes

    Example:

    Collection Schedule is set to 5 mins.
     Data Collection Window is set to 10 mins.
    Data Latency is set to 2 mins.
     Current time is 00:30.

    If you run the collector just after 00:30, data is collected first at 00:30 for the interval 00:18 to 00:28 and next at 00:35 for the interval 0:23 to 00:33, and so on.

    For more information about how this parameter affects data collection, see Data latency.

    ✅️

    Subscriptions

    Select one or more subscriptions from the list.

    This list is updated automatically fromAzure Monitor.

    ✅️

    Resource Groups

    Select one or more resource groups from the list.

    This list is updated automatically fromAzure Monitor.

    ✅️

    Severity

    Select one or more severity levels from the list.

    This list is updated automatically fromAzure Monitor.

    ✅️

    Monitor Condition

    Select one or more monitor conditions from the list.

    This list is updated automatically fromAzure Monitor.

    ✅️

  8. Click CREATE COLLECTORS to create the required collector streams for the selected data types.
  9. Click a data type and specify the configuration parameters in the Distributors section as described in the following table:

    Parameter name

    Description

    Default

    Max Batching Size

    Specify the maximum number of data items to send in a single POST request to the destination API. The batch size depends on the destination’s ability to buffer the incoming data.

    250

    Max Batching Delay

    Specify the maximum time (in seconds) to wait before building a batch and processing.

    3 seconds

    Base Retry Delay

    Specify the initial time (in seconds) for which to wait before retrying to build a batch and processing. The waiting time increases in the following sequence: n1, n2, n3, and so on, where n indicates the number of seconds.

    For example, if you set the value to 2 seconds, retry is performed after 2, 4, 8, 16, ... seconds.

    2 seconds

    Max Intra-Retry Delay

    Specify the maximum limit for the base retry delay.

    For example, if you set the value of this parameter to 60 seconds and the value of the Base Retry Delay parameter to 2 seconds, retries would be performed 2, 4, 8, 16, 32, 64, 132,...seconds later again.

    60 seconds

    Max Retry Duration

    Specify the total time for retrying a delivery. For REST destinations, a delivery is a batch of data items in one POST request. 

    For example, if you set the value of this parameter to 8 hours, and the value of the Base Retry Delay parameter to 2 seconds, requests are sent for 2+4+8+16+32+64+132... until 8 hours in total duration is reached. After that, no subsequent attempts are made to retry the delivery.

    The assumption here is that if there is an outage or other issue with the destination tool, recovery should take less than the value of the Max Retry Duration parameter to complete.

    5 minutes

  10. Click CREATE DISTRIBUTORS to create the required distributor streams for the selected data types.
  11. Click one of the following buttons:
    • SAVE STREAM : Click this button if you want to edit the integration details before creating the instance. After you save the stream, the connector that you just created is listed in the SOURCES panel. Move the slider to the right to start the data stream.
    • SAVE AND START STREAM : Click this button if you want to save the integration details and start receiving data immediately.

Important
For a data stream, the Run Latency (max/avg), Items (Avg per Run), and Last Run Status columns on the Streams page might show the status as No Runs during the data collection process. After completion of the process, these columns are updated with an appropriate status.

For more information about data streams, see Starting-or-stopping-data-streams. 

Task 3: To verify the connection

In BMC Helix Intelligent Integrations , on the SOURCES panel, confirm that the data streams for the integration you created are running. Data streaming is indicated by moving colored arrows.

AzureMonitorAlerts_Stream.png

A moving dark blue arrow (EventsStream_Icon.png) indicates that the event stream is running. Event data is pushed according to the configured Collection Schedule interval.

To view data in BMC Helix applications

View data collected from Azure Monitor in BMC Helix applications.

To view events in BMC Helix Operations Management

  1. In BMC Helix Operations Management, select Monitoring > Events.
  2. Filter the events by the MSAzureAlert class.
    MSAzure.png

Incoming events from Azure Monitor are processed in BMC Helix Operations Management   through a set of deduplication rules to determine whether the incoming event is a duplicate event or a new event. For more information, see Event-deduplication-suppression-and-closure-for-reducing-event-noise.

For information about events, see Monitoring and managing events.

To view situations in BMC Helix AIOps

Before you view situations in BMC Helix AIOps, create a Business Service model in BMC Helix Discovery. For information about creating models, see Managing models 

In BMC Helix AIOps, on the Overview page, view the situations for the event data received from Azure Monitor.

For information about situations, see Monitoring and investigating situations.

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*