Azure AD and events - automated insight with AIMS

June 4, 2020

AIMS can now get login- and audit-data from Azure AD, and pair this information with administrative- and security-events that occurs on your Azure subscription.

AIMS will also use its machine-learning to create baselines for the 4 different event-types, meaning that if there is a sudden change of activity on either event-type, AIMS will be able to detect this and correlate the information to any impacts detected. For instance, an admin event to reduce the size of a VM could impact the performance of an application hosted on that VM. An increase in security events combined with failed logins can indicate hacking attempts. 

By combining this event agent with the Azure monitor agent, you will have a very powerful tool that can

  • Detect bottlenecks, and see if it is related to available resources, config change, security issue or new deployment
  • If an admin event correlates with the performance issue, you can see when and who did the change
  • Control cost by having control over all deployments and config changes in Azure
  • Get early warnings about potential security issues, and correlate with Azure usage, performance and logins.
  • Get information about security and user settings on Azure resources, and see if any of these correlates to security events, increased traffic or performance issues.

The bullets above only list a few of the interesting capabilities available by applying machine learning to these data. Also, each event coming from Azure is logged as an event in AIMS, so you will have all the details on the event like eventtype, resource affected, user, IP, location action and more.

The agent is written in Javascript, so it can be hosted pretty much anywhere. It will consume events from a dedicated Event Hub that the user sets up. The user needs to enable diagnostics for Azure AD and Azure Monitor, and pipe the events to the selected Event Hub.

For information on how to install the Azure Event Hub agent, please see the following support page.

Topics from this blog: Technical



A Beginner's Guide To AIOps

AIOps is the core of digital operations. It acquires data from different sources including existing IT monitoring tools and automates processes to the point where users are given only the truly...
News aiops

AIMS partners with ServiceNow & AIOps specialists Einar & Partners

Partnership will speed adoption and time-to-value for enterprises and companies adopting AIOps. The demand for AIOps (Artificial Intelligence in IT Operations) is “slowly” exploding.  The pain is...
Video Sign-up install

Creating an AIMS account and installing the first agent

In this 5 minute video we show how easy it is to get going with AIMS and step-by-step how to create an account, create an environment in AIMS and install the first agent. At AIMS we are 100% focused...