Pre-requisites for Monitoring the Microsoft Azure Entra ID

As mentioned already, you need to fulfill the following pre-requisites to enable the eG agent to monitor Microsoft Entra ID:

1. The eG agent should be configured to use the Microsoft Graph API for collecting metrics from Microsoft Entra ID. For this purpose, you need to do the following:

   • Register an Application with an Microsoft Entra ID Tenant;

   • Determine the Tenant ID, the Application (Client) ID and Secret Key value associated with the registered Application;

   • Assign API permissions to the registered Application;

   Refer to Configuring the eG Agent to Monitor Microsoft Azure Entra ID Using Microsoft Graph API topic to know how to perform each of the steps discussed above.

2. The eG agent should be configured to read from logs sent to a Log Analytics Workspaces. To achieve this, refer to Configuring the eG Agent to Read Logs Sent to Log Analytics Workspacestopic .

3. Furthermore, for some of the eG tests to run and report metrics, the eG agent should be allowed access to the following endpoint URLs:

   • https://westus2.api.loganalytics.io

   • https://login.microsoftonline.com

   • https://graph.microsoft.com

   • https://login.windows.net

   • https://management.azure.com

   If the eG agent is behind a firewall, then make sure that the firewall is configured to allow access to the aforesaid URLs.