Skip to content

Commit

Permalink
Azure Active Directory - Credential Expiry Event documentation (#16158)
Browse files Browse the repository at this point in the history 
* Update README.md

Added a blurb under the Events section of the Azure Active Directory integration readme. This blurb discusses credential expiry events.

* Update README.md

pervious to previous

* Update azure_active_directory/README.md

highlight important information

Co-authored-by: May Lee <[email protected]>

---------

Co-authored-by: May Lee <[email protected]>
  • Loading branch information
@rahulkaukuntla @maycmlee
rahulkaukuntla and maycmlee authored Nov 15, 2023
1 parent 1b30ebf commit 68b5782
Showing 1 changed file with 17 additions and 0 deletions.
17 changes: 17 additions & 0 deletions azure_active_directory/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -56,6 +56,21 @@ This includes the following:

Azure Active Directory does not include any metrics.

### Events

Datadog sends credential expiry events, which grant visibility into credential expirations for Azure app registrations, Key Vault keys, Key Vault secrets, and Key Vault certificates. The Azure Active Directory integration must be installed to receive events for Azure App Registrations.


- **Expiration events** are sent 60, 30, 15, and 1 day(s) before credential expiration, and once after expiration.
- **Missing permission events** are sent every 15 days. A missing permission event lists the Key Vaults for which Datadog has not been given permissions. If no changes have been made regarding Key Vault permissions in the previous 15-day cycle, the event notification is not sent again.

You can view these events in [Event Explorer][5].

**Notes**:

- To collect Azure app registration expiration events, [enable access to the Microsoft Graph API][6].
- If a certificate and its associated key and secret expire at the exact same time, one expiration event is sent for all resources.

## Troubleshooting

Need help? Contact [Datadog support][4].
Expand All @@ -64,3 +79,5 @@ Need help? Contact [Datadog support][4].
[2]: https://docs.datadoghq.com/logs/guide/azure-logging-guide/
[3]: https://docs.microsoft.com/en-us/azure/active-directory/reports-monitoring/tutorial-azure-monitor-stream-logs-to-event-hub
[4]: https://docs.datadoghq.com/help
[5]: https://app.datadoghq.com/event/explorer
[6]: https://docs.datadoghq.com/integrations/guide/azure-graph-api-permissions/

0 comments on commit 68b5782

Please sign in to comment.