This page is not yet available in Spanish. We are working on its translation.
If you have any questions or feedback about our current translation project,
feel free to reach out to us!Overview
Azure Key Vault is used to safeguard and manage cryptographic keys and secrets used by cloud applications and services.
Use the Datadog Azure integration to collect metrics from Azure Key Vault.
Setup
Installation
If you haven’t already, set up the Microsoft Azure integration. No additional installation steps are required.
Data Collected
Metrics
azure.keyvault_vaults.service_api_hit
(count) | Number of total service api hits
Shown as request |
azure.keyvault_vaults.service_api_latency
(gauge) | Overall latency of service api requests
Shown as millisecond |
azure.keyvault_vaults.service_api_result
(count) | Number of total service api results
Shown as response |
azure.keyvault_vaults.saturation_shoebox
(gauge) | Vault capacity used
Shown as percent |
azure.keyvault_vaults.availability
(gauge) | Vault requests availability
Shown as percent |
azure.keyvault_vaults.count
(gauge) | The count of all Azure Key Vault resources |
azure.keyvault_managedhsms.availability
(gauge) | Service requests availability
Shown as percent |
azure.keyvault_managedhsms.service_api_hit
(count) | Number of total service api hits
Shown as request |
azure.keyvault_managedhsms.service_api_latency
(gauge) | Overall latency of service api requests
Shown as millisecond |
Events
Datadog sends credential expiry events to help you monitor upcoming expirations for Azure app registrations, Key Vault keys, Key Vault secrets, and Key Vault certificates. To receive events for Key Vault keys, secrets, and certificates, you must install the Azure Key Vault integration.
- Expiration events are sent 60, 30, 14, 7, and 1 day(s) before credential expiration, and once after expiration.
- Missing permission events are sent every 15 days and lists the Key Vaults for which Datadog lacks the required permissions. If no changes are made to Key Vault permissions during the previous 15-day cycle, the event notification is not sent again.
You can view these events in Event Explorer.
Notes:
- To collect Azure app registration expiration events, enable access to the Microsoft Graph API.
- If a certificate and its associated key and secret expire at the exact same time, one expiration event is sent for all resources.
Service Checks
The Azure Key Vault integration does not include any service checks.
Troubleshooting
Need help? Contact Datadog support.
Further reading
Más enlaces, artículos y documentación útiles:
