It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda SecureEdge

How to Configure Log Streaming via Azure Monitor Agent in SecureEdge

  • Last updated on

Azure Monitor Agent allows you to search, analyse, and visualise machine data generated by your IT systems and incorporated technology infrastructure. Azure Monitor Agent is the official replacement for the OMS Agent that will be deprecated on August 31, 2024. The agent is used to stream logs to a Microsoft Log Analytics workspace. Azure Monitor Agent is supported on SecureEdge appliances such as Sites and Private Edge Services. With Azure Monitor Agent, the machines streaming logs to a Log Analytics Workspace are no longer directly connected to it, but are associated to a Data Collection Rule instead. For Azure virtual machines, the agent is automatically installed when the VM is associated to a Data Collection Rule for the first time. The SecureEdge Private Edge Service appliance first needs to be imported into Azure as a Connected Machine before it can be associated to a Data Collection Rule.

Az-monitor-page.png

Depending on the type of SecureEdge appliance, you need a specific configuration for streaming to Azure Analytics via Azure Monitor Agent.

  • SecureEdge Sites / Private Edge Services need to both enable Azure Monitor Agent and to configure the Azure Connected Resource settings since they are located outside of Azure.

  • Barracuda Edge Service (SaaS) / Azure Edge Services are currently not supported by Microsoft.

Before You Begin

Create a Log Analytics Workspace.

For more Information, see How to Configure Log Streaming to Microsoft Azure Log Analytics Workspace.

Import Your Private Edge Service SecureEdge Appliance into Azure via the Azure Connected Machine Agent

A service principal is required to import a SecureEdge Private Edge Service (on-premises) appliance into Azure. For more information, see Create a service principal for onboarding at scale.
Once the service principal is created, complete Steps 1-6 from the following documentation in order to get the required parameters for the connection: Generate the installation script from the Azure portal

azure-arc-add-servers-00.png

At Step 7, the script does not need to be downloaded; however, the connection parameters should be noted down.

azure-arc-add-multiple-servers-01.png

Configure Azure Monitor Agent

  1. Go to https://se.barracudanetworks.com and log in with your existing Barracuda Cloud Control account.

  2. In the left menu, click the Tenants/Workspaces icon and select the workspace your Azure Monitor Agent can connect to.

  3. Go to Integration > Azure Monitor.

    azure-monitor.png

  4. The Azure Monitor page opens.

  5. In the Azure Monitor section, specify values for the following:

    • Azure Monitor Agent – Click to enable/disable.

      • When enabled, connects SecureEdge appliance to the Azure cloud as an Azure Connected Resource (Arc Server).

      • When disabled, cannot connect SecureEdge appliance to the Azure cloud.

    • To create Azure Arc Machines for each Sites agent in your subscription, you must enter the Service Principal with the following details:

      • Client ID – Enter the unique client ID for the Service Principal used to connect the Barracuda SecureEdge appliance.

      • Client Secret – Enter the Client password.

      • Tenant ID – Enter the unique tenant ID for the Service Principal used to connect the Barracuda SecureEdge appliance.

    • To create Azure Arc Machines, you must enter the desired resource group and region:

      • Subscription ID – Enter the subscription ID of the Azure account.

      • Resource Group – Enter the Azure resource group.

      • Region – Enter the Azure region.

      • Correlation ID – Enter the correlation ID for connection of the Barracuda SecureEdge appliance.

        Az-monitor-agent-01.png

  6. Click Save.

After the configuration is complete, it takes a few minutes until the SecureEdge appliance is imported and available in Azure. On the SecureEdge Manager, you can verify that changes to the Azure Monitor Agent setting in the Audit Log have been made and that notifications have been sent.

To associate your SecureEdge Site / Private Edge Service resources with Microsoft Log Analytics, integrate Azure Sentinel and create a Data Collection Rule. For more information on SecureEdge appliances that were imported or deployed directly in Microsoft Azure, see How to Configure Log Streaming via Azure Monitor Agent (Step 1 and Step 2).

Additional Information