- 4 minutes to read

Release Notes
Prerequisites for the Nodinite Azure Monitoring agent

This page describes the prerequisites to successfully install and run the Nodinite Azure Agent.

graph LR subgraph "Nodinite Instance" roNI(fal:fa-monitor-waveform Azure agent) end subgraph "Azure Cloud / Subscriptions" roAzureAPI(fal:fa-cloud Microsoft Azure API)---roLA(fal:fa-business-time Web Jobs) roNI --> |X-API-KEY / Kusto queries| roAI("Application Insights") roAI --> roFx(fal:fa-function Functions Monitoring) roNI --> |REST| roAzureAPI roNI--- |Connection String| roAS(fab:fa-bitbucket Azure Storage) end
Verified Topic
Software Requirements
What Azure User rights does the Azure agent require?
What Windows User Rights does the Azure agent require?
What Firewall settings are required for the Azure agent?
What Azure Services does the Functions Monitoring require?

Instances of this agent can be installed on-premise using TCP/IP for local network access and/or in the cloud/off-site using Service Bus Relaying (see also the external link for additional information MicrosoftServiceBusRelayingLink) as long as the Log API can be accessed on the configured port.

We recommend that you keep this agent close to Nodinite Core Services. This documentation covers local network setup (usually on the Nodinite application server)

Software Requirements

The Azure Agent is a Windows Service and is usually installed on the Nodinite application server.

Product
Windows Server Windows 2022
Windows 2019
Windows 2016
Windows 2012 R2
Windows 2012
.NET Framework .NET Framework 4.8 or later New 6.0

Earlier versions of this agent made use of .NET Framework 4.7.2.

Supported Versions

Cloud technologies are evolving fast and Microsoft deprecates older versions of their APIs now and then. Nodinite will always support the APIs supported by Microsoft. This means you need to update Nodinite and our Azure Agent from time to time.

Make sure to subscribe to our Release Notes

What Azure User rights does the Azure agent require?

For the Least Privileges, review the Azure Access page, least privileges section.

The agent has features to Read, Write, Manage and Post data to many Azure-related services.

The agent makes use of the Azure REST API to read/manage Azure services and resources and also a Connection String to access the Storage account.

  1. To ease the Administration, The ApplicationId/ClientId can be assigned the Contributor role.
  2. To send messages to the Azure Event Hub; Add the Azure Event Hubs Data Sender to the ApplicationId/ClientId.
    Azure Event Hubs Data Sender
  3. To monitor Azure Storage; The agent uses Connection Strings to read the content on the Azure Storage (Blobs, Queues, Files). Additional RBAC reading for Azure Storage.
  4. To Monitor Azure Key Vault, the App Registration (Application/Client) must be assigned the Key Vault Reader role.

Carefully read and follow the instructions detailed in the Azure Applications Access user guide for specific and the least privileges.

What Windows User Rights does the Azure agent require?

The agent is installed as a Windows Service, usually on the Nodinite application server. Virtual machines are supported.

What Firewall settings are required for the Azure agent?

The Azure Agent has both inbound and outbound communication:

  1. Between the Monitoring Service and the Azure Agent
  2. Between the Azure Agent and Azure Management API and/or the Connection String
graph LR subgraph "Nodinite Instance" roMonitoringService(fal:fa-watch-fitness Monitoring Service) roNI(fal:fa-monitor-waveform Azure agent) roMonitoringService --> |8000/443| roNI end subgraph "Azure Cloud / Subscriptions" roAzureAPI(fal:fa-cloud Microsoft Azure API)---roLA(fal:fa-business-time Web Jobs) roNI --> |443| roAzureAPI roNI--- |443| roAS(fab:fa-bitbucket Azure Storage) end

1. Between the Monitoring Service and the Azure agent

The following ports must be allowed on the Windows server where the agent is installed and running :

Port Name Inbound Outbound TCP UDP Comment
53 DNS The Agent needs to know where your other servers/services are (can sometimes optionally be solved using entries in the local hosts file)

And further with 'Option 1' or 'Option 2' as documented next:

Option 1 (Local network)

Port Name Inbound Outbound TCP UDP Comment
8000 RPC Communication is initiated by the Monitoring Service

Option 2 (Cloud/Hybrid)

Use Service Bus Relayed connections when Nodinite and the agent are on totally different networks.

Nodinite uses the same principle technique as the On-Premise data gateway; Review the 'Adjust communication settings for the on-premises data gateway' user guide.

Port Name Inbound Outbound TCP UDP Comment
443 HTTPS Secure outbound traffic
5671, 5672 Secure AMQP
9350 - 9354 Net.TCP

2. Between the Azure agent and Azure Management API

Port Name Inbound Outbound TCP UDP Comment
443 HTTPS Secure outbound traffic with the Azure REST API. - Safelist the Azure portal URLs on your firewall or proxy server

What Azure Services does the Functions Monitoring require?

You must enable Applications Insights for Azure Functions to use with the Nodinite Monitoring.

The agent makes use of custom Kusto queries to get the logs and also to evaluate the state and metrics of executions.

This topic is covered in the How to configure monitoring for Azure Functions user guide.

Frequently asked questions

Additional solutions to common problems and the FAQ for the Nodinite Azure Monitoring Agent exist in the Troubleshooting user guide.

How do I enable Logging using Azure API Management Services?

Please review the APIMGMT - Logging user guide to enable Nodinite Logging with Azure API Management Service APIs.

How do I enable Logging using Azure Functions?

Please review the SeriLog user guide to enable Nodinite Logging with Azure Functions.

Next Step

Install the Azure agent

Add or manage a Monitoring Agent Configuration
Monitoring Agents
Administration
Monitoring Agents