I'm new to Kusto queries.
I would like to use Azure Monitor queries to pull live stats for machine that are remotely connected to an on-prem RDP gateway we have set up. Lets call the server rdp1.
rdp1 is connected to Azure with Azure Arc. Are their Kusto queries that can list the currently connected rdp machine (and user) in on the rdp1 rdp gateway? Do I have to enable additional logging to be able to see this?
Related
here's to my first question on SO.
I'm trying to connect a VM (without internet connection) to a proxy so that I can setup Microsoft Monitoring Agent for Azure Log Analytics, but the time on the VM is out with about 28s. I've tried the sync to host-only approach and to no avail. What can I do to synchronize the VM's time so that it's accurate?
Thanks!
Picture of error
In Azure, want to send logs of Windows Virtual machines to 2 different Logs Analytics Workspace. I have different resource groups that want to collect logs there themselves in Logs Analytics and security logs(custom logs) to centralize(single) Logs Analytics Workspace from different resource groups.
Is it possible to send logs to multi-workspace analytics?
Since you have windows VM, you can setup to send to multiple Log Analytics Workspaces (multi-homing).
Extension is applicable for Azure Virtual Machines. Direct agent can be used for Azure and non-Azure Virtual Machines(on-premise). The agent isn't only for connecting to Azure Monitor. Other services such as Azure Security Center and Azure Sentinel rely on the agent and its connected Log Analytics workspace
If automatic provisioning is On, Security Center provisions the Log Analytics Agent on all supported Azure VMs and any new ones that are created.
Note: Windows agents can connect to up to four workspaces, even if
they are connected to a System Center Operations Manager management
group.
The Linux agent does not support multi-homing and can only connect to
a single workspace or management group.
We have an Azure IaaS database from which we want to copy data via ADF.
For that we are currently using Self hosted IR but since the DB is hosted on an Azure VM itself isn't it possible to directly communicate between ADF and IaaS DB with out IR(By whitelisting some IP or opening some port)
I think you should open some port, otherwise the self-hosted integration runtime can't access the Azure SQL database directly.
According to this post, if your firewall does not allow outbound port 1433. In this case, you can use a staged copy to Azure SQL Database. In this scenario, you would require only HTTPS (port 443) for the data movement.
This question is bit on the Reverse Side of Connecting via SSMS from Azure VM to on premise SQL Server.
Can Hybrid connection Manager be used to configure connectivity between Onpremise and Azure such that i can use SSMS from Azure VM to connect to OnPremise SQL Server?
I don't think you can use Hybrid connection Manager to connect between On-premise and Azure network. As far as I know, the HCM is a relay agent and included in a partition of hybrid connection feature. The hybrid connection feature consists of two outbound calls to Azure Service Bus Relay.
For example, if you want web apps in the app service to access the DB in the on-premise network. There is a connection from a library on the host where your app is running in App Service. There is also a connection from the HCM to Service Bus Relay. See how it works. Also, The new Hybrid Connections capability of Relay is a secure, open-protocol evolution based on HTTP and WebSockets. In this case, you could not create a Hybrid Connection from Azure VM to Service Bus Relay via SSMS.
So, If you want to connect the on-premise SQL server from Azure VM via SSMS, you need to set up a VPN connection between Azure and your on-premise network. Read more details about VPN gateway.
So what I need is a remote/cloud Windows Server that I can connect to using RDP (or another remote connection program) where I can create users, groups, basically everything I could do with an on-premises Server instance. What I need though is to be able to setup all the office computers to authenticate through the cloud AD. I have no clue how to do this. I cannot have a Server running on-premises, period. Just need something where I can connect each computer to the remote domain/forest, hopefully using an IP to the server, and then have the employees be able to logon to any domain-connected PC using their credentials. Thank you for any and all answers! -Scott
You need Azure Active Directory. You can control everything with remote management in the way you have described. Per the provided link, "Azure Active Directory (Azure AD) provides an easy way for businesses to manage identity and access, both in the cloud and on-premises."