Azure Entra ID - Enterprise Applications Test

An enterprise application in Azure Entra ID is the identity representation of an application within the Azure tenant. It allows an organization to manage authentication, authorization, and access for both internal and external (third-party) applications.

This test reports the number of enterprise applications running in Azure Entra ID, along with the status of their certificates. In the process, the test helps administrators identify an excessive number of expired certificates, which can cause widespread service disruptions, increased security risks, and significant administrative overhead when using third-party applications. These insights help administrators perform an effective impact analysis of certificate validity for the enterprise applications running in Azure Entra ID.

Target of the Test: A Microsoft Azure Entra ID

Agent deploying the test: A remote agent

Output of the test: One set of results for the Microsoft Azure Entra ID tenant that is being monitored

Configurable parameters for the test
Parameters Description

Test Period

How often should the test be executed.

Host

The host for which the test is to be configured.

Tenant ID

Specify the Directory ID of the Microsoft Azure Entra ID tenant to which the target subscription belongs. To know how to determine the Directory ID, refer to Configuring the eG Agent to Monitor Microsoft Entra Using Microsoft Graph API.

Client ID, Client Password, and Confirm Password

To connect to Microsoft Azure Entra ID, the eG agent requires an Access token in the form of an Application ID and the client secret value. If a Microsoft Azure Subscription component is already monitored in your environment, then you would have already created an Application for monitoring purposes. You can provide the Application ID and Client Secret value of that application here. However, if no such application pre-exists, you will have to create one for monitoring Microsoft Azure Entra ID. To know how to create such an application and determine its Application ID and Client Secret, refer to Configuring the eG Agent to Monitor Microsoft Entra Using Microsoft Graph API. Specify the Application ID of the Application in the Client ID text box and the client secret value in the Client Password text box. Confirm the Client Password by retyping it in the Confirm Password text box.

Proxy Host and Proxy Port

In some environments, all communication with the Azure cloud is routed through a proxy server. In such environments, you should make sure that the eG agent connects to the cloud via the proxy server and collects metrics. To enable metrics collection via a proxy, specify the IP address of the proxy server and the port at which the server listens against the Proxy Host and Proxy Port parameters. By default, these parameters are set to none, indicating that the eG agent is not configured to communicate via a proxy.

Proxy Username, Proxy Password and Confirm Password

If the proxy server requires authentication, specify a valid proxy user name and password in the Proxy Username and Proxy Password parameters, respectively. Then, confirm the password by retyping it in the Confirm Password text box.

About to Expire Days Limit

In the About to Expire Days Limit text box, specify the number of days before expiry within which a certificate of an enterprise application is to be counted as about to expire.

DD Frequency

Refers to the frequency with which detailed diagnosis measures are to be generated for this test. The default is 1:1. This indicates that, by default, detailed measures will be generated every time this test runs, and also every time the test detects a problem. You can modify this frequency, if you so desire. Also, if you intend to disable the detailed diagnosis capability for this test, you can do so by specifying none against DD frequency.

Detailed Diagnosis

To make diagnosis more efficient and accurate, eG Enterprise embeds an optional detailed diagnostic capability. With this capability, the eG agents can be configured to run detailed, more elaborate tests as and when specific problems are detected. To enable the detailed diagnosis capability of this test for a particular server, choose the On option. To disable the capability, click on the Off option.

The option to selectively enable/disable the detailed diagnosis capability will be available only if the following conditions are fulfilled:

  • The eG manager license should allow the detailed diagnosis capability
  • Both the normal and abnormal frequencies configured for the detailed diagnosis measures should not be 0.

Measures made by the test:
Measurement Description Measurement Unit Interpretation

Enterprise applications

Indicates the number of enterprise applications running in Azure Entra ID.

Number

 

Enterprise applications having valid certificates

Indicates the number of enterprise applications with valid certificates.

Number

 

Enterprise applications having no certificate

Indicates the number of enterprise applications without a certificate.

Number

Use the detailed diagnosis of this measure to know the name and ID of each enterprise application that does not have any certificate.

Enterprise applications having expired certificates

Indicates the number of enterprise applications with expired certificates.

Number

Use the detailed diagnosis of this measure to know the name and ID of each enterprise application that has expired certificates.

Certificates

Indicates the number of certificates in the enterprise applications.

Number

 

Valid certificates

Indicates the number of valid certificates in the enterprise applications.

Number

 

Expired certificates

Indicates the number of expired certificates in the enterprise applications.

Number

 

Certificates about to expire

Indicates the number of certificates nearing their expiry date in the enterprise applications.

Number

 

New enterprise applications created recently

Indicates the number of enterprise applications that were recently created.

Number

Use the detailed diagnosis of this measure to know the name and ID of each enterprise application that has been created recently.

New certificates created recently

Indicates the number of certificates that were recently created in the enterprise applications.

Number
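
The certificate measures above can be cross-checked independently of the agent. The following is an added example, not eG Enterprise code: it computes the certificate counts from objects shaped like Microsoft Graph servicePrincipal records (their keyCredentials and endDateTime fields), using a constructed sample. It assumes that a certificate about to expire still counts as valid, and that an application with both expired and unexpired certificates is counted under both application measures; the page does not state how the agent handles these cases.

```python
from datetime import datetime, timedelta, timezone

# Constructed sample shaped like Microsoft Graph servicePrincipal objects.
SAMPLE_APPS = [
    {"id": "sp-1", "displayName": "Payroll SSO", "keyCredentials": [
        {"keyId": "k1", "endDateTime": "2025-01-10T00:00:00Z"},
        {"keyId": "k2", "endDateTime": "2026-03-01T00:00:00Z"}]},
    {"id": "sp-2", "displayName": "Ticketing", "keyCredentials": [
        {"keyId": "k3", "endDateTime": "2025-06-20T00:00:00Z"}]},
    {"id": "sp-3", "displayName": "Wiki", "keyCredentials": []},
]

def parse_ts(value):
    """Parse a Graph-style ISO 8601 UTC timestamp ("...Z")."""
    return datetime.fromisoformat(value.replace("Z", "+00:00"))

def certificate_measures(apps, now, about_to_expire_days):
    """Count applications and certificates by certificate status."""
    limit = now + timedelta(days=about_to_expire_days)
    m = {"apps": len(apps), "apps_valid": [], "apps_no_cert": [],
         "apps_expired": [], "certs": 0, "certs_valid": 0,
         "certs_expired": 0, "certs_about_to_expire": 0}
    for app in apps:
        label = (app["displayName"], app["id"])  # name and ID, as in detailed diagnosis
        ends = [parse_ts(c["endDateTime"])
                for c in app.get("keyCredentials") or []]
        if not ends:
            m["apps_no_cert"].append(label)
            continue
        expired = [e for e in ends if e <= now]
        valid = [e for e in ends if e > now]
        m["certs"] += len(ends)
        m["certs_expired"] += len(expired)
        m["certs_valid"] += len(valid)
        # Assumption: "about to expire" = still valid, ends within the limit.
        m["certs_about_to_expire"] += sum(1 for e in valid if e <= limit)
        if expired:
            m["apps_expired"].append(label)
        if valid:
            m["apps_valid"].append(label)
    return m

if __name__ == "__main__":
    now = datetime(2025, 6, 1, tzinfo=timezone.utc)  # fixed date for the sample
    for name, value in certificate_measures(SAMPLE_APPS, now, 30).items():
        print(name, value)
```

An application listed under apps_expired that also appears under apps_valid usually indicates a completed certificate rollover where the old certificate was never removed.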