
    Azure AD DS configuration

    Microsoft allows you to stream your Azure AD DS event logs to external auditing and monitoring tools using Azure Event Hubs. Before you configure streaming, you need to create an Event Hubs namespace and an event hub.

    Create an Event Hubs namespace

    To create an Event Hubs namespace:

    1. Log in to the Azure portal using your Microsoft account.
    2. Search for Event Hubs using the search bar on the top menu.
    3. Select Event Hubs and click + Create on the toolbar to go to the Create Namespace page.
    4. Select the Subscription in which you want to create the namespace.
    5. Select an existing Resource group from the drop-down or click Create new and enter the name of the new resource group.
    6. Specify the Namespace name and select a Location for the namespace.
      Note: The resource group and the location of the Event Hubs namespace should be the same as those of the Azure AD DS domain.
    7. Choose a Pricing tier based on your requirements.
    8. Leave the Throughput units (for standard tier) or Processing units (for premium tier) setting as it is.
    9. Click Review + Create.

    10. Review the settings, select Create, and wait for the deployment to complete.
    11. Select Go to resource on the deployment page to navigate to the Event Hubs Namespace you just created.

    Create an event hub

    To create an event hub within the namespace:

    1. Select Event Hubs from the left menu on the Event Hubs Namespace page.
    2. Select + Event Hub from the toolbar to go to the Create Event Hub page.

    3. Enter a Name for your event hub and set the values for Partition Count and Message Retention based on your tier and requirements.
    4. Enable Capture Details from the Capture tab if required.
    5. Click Review + create.

    6. Review the settings, select Create, and wait for the deployment to complete. On completion, you will find your event hub listed in your Event Hubs namespace.
    7. Click the event hub you created, select Shared access policies on the left menu, and click + Add from the toolbar.
    8. In the Add SAS Policy panel, enter a suitable Policy name, check Listen, and click Create.
    9. Select the policy you just created and copy the Connection string–primary key to your clipboard. This connection string is required when adding the Azure AD DS domain in ADAudit Plus.
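
The check below is an added example, not part of the original page or of ADAudit Plus: it validates the connection string copied in step 9 before it is pasted into ADAudit Plus, and flags a namespace-level or RootManageSharedAccessKey string where the event-hub-scoped Listen policy was intended. The namespace, policy, and hub names and the key are constructed samples, and the function names are hypothetical.

```python
from urllib.parse import urlparse

# Constructed samples (not real credentials). The key is base64 of "sample-key".
GOOD = ("Endpoint=sb://contoso-ns.servicebus.windows.net/;"
        "SharedAccessKeyName=adaudit-listen;"
        "SharedAccessKey=c2FtcGxlLWtleQ==;EntityPath=aadds-audit")
ROOT = ("Endpoint=sb://contoso-ns.servicebus.windows.net/;"
        "SharedAccessKeyName=RootManageSharedAccessKey;"
        "SharedAccessKey=c2FtcGxlLWtleQ==")


def parse_connection_string(conn):
    """Split 'Key=Value;...' pairs; only the first '=' separates key and value,
    so base64 padding at the end of SharedAccessKey is preserved."""
    fields = {}
    for part in conn.strip().split(";"):
        if not part.strip():
            continue
        key, sep, value = part.partition("=")
        if not sep or not key.strip():
            raise ValueError(f"malformed segment: {part!r}")
        fields[key.strip()] = value.strip()
    return fields


def audit_connection_string(conn):
    """Return a list of findings; an empty list means the string looks like an
    event-hub-scoped policy. Rights (Listen/Send/Manage) are not encoded in the
    string, so confirm them on the Shared access policies page."""
    try:
        fields = parse_connection_string(conn)
    except ValueError as exc:
        return [str(exc)]
    findings = [f"missing {name}"
                for name in ("Endpoint", "SharedAccessKeyName", "SharedAccessKey")
                if not fields.get(name)]
    endpoint = urlparse(fields.get("Endpoint", ""))
    if endpoint.scheme != "sb" or not endpoint.hostname:
        findings.append("Endpoint is not an sb:// URI")
    if fields.get("SharedAccessKeyName") == "RootManageSharedAccessKey":
        findings.append("uses RootManageSharedAccessKey, the namespace-wide Manage policy")
    if not fields.get("EntityPath"):
        findings.append("no EntityPath: copied from a namespace-level policy")
    return findings


if __name__ == "__main__":
    for label, conn in (("listen-only", GOOD), ("root", ROOT)):
        print(label, audit_connection_string(conn) or "OK")
```

Run it locally against the copied value and clear the clipboard afterwards; the string contains the primary key and should not be written to shell history or logs.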

    Configure Azure AD DS to stream events to Event Hubs

    1. In the Azure portal, go to Azure AD Domain Services and select your domain.
    2. Click Diagnostic settings under Monitoring from the left menu.
    3. Click + Add diagnostic setting to go to the Diagnostic setting page and specify a suitable name for the setting.

    4. Check audit to select all the Categories under Logs.
    5. Check Stream to an event hub under Destination details and verify the information about your Subscription, Event hub namespace, and Event hub name.
    6. Ensure that RootManageSharedAccessKey is selected from the Event hub policy name drop-down.
    7. Click Save on the toolbar.
