Microsoft Azure Key Vaults/Key Vault Managed HSM監視
概要
Applications Managerで、Azure Key VaultとAzure Key Vault Managed HSMの監視を行うことで、サービスのパフォーマンス、可用性、セキュリティを効果的に監視し、実用的な洞察を得て、使用状況を最適化し、異常を検出し、セキュリティインシデントに迅速に対応することが可能です。
新規監視追加
新規にAzure Key Vaults/Key Vault Managed HSMの監視を追加する方法はこちらをご参照ください。
監視対象パラメーター
[監視]タブをクリックして、監視カテゴリービューへ移動します。[クラウド]カテゴリーから[Microsoft Azure]配下の[子モニター]にカーソルを合わせて、表示された欄から[Key
Vaults]または[Key Vault Managed HSM]をクリックしてください。
一括設定ビューが3つのタブに分類のうえ表示されます。
- [可用性]タブ:最新24時間か30日の可用性履歴がわかります。
- [パフォーマンス]タブ:最新24時間か30日のステータスとイベントを確認可能です。
- [リストビュー]タブ:一括管理設定を実行できます。
Azure Key Vaults/Key Vault Managed HSM監視で対応するタブで監視できるメトリクスのリストは次のとおりです。
パフォーマンス概要
| パラメーター | 説明 |
監視タイプ
|
|
|---|---|---|---|
|
Key Vaults
|
Key Vault Managed HSM
|
||
| VAULT AVAILABILITY | |||
| Vault Availability | The average availability of the vault requests between the poll interval (in %). |  |
|
| VAULT SATURATION | |||
| Vault Saturation | The average vault capacity used between the poll interval (in %). | |
|
| SERVICE AVAILABILITY | |||
| Service Availability | The average availability of the service requests between the poll interval (in %). | |
|
| API LATENCY | |||
| API Latency | The average overall latency of service API requests between the poll interval (in seconds). | |
|
| API HITS | |||
| Rate of API Hits | The number of total service API hits per minute, between the poll interval (in requests/min). | |
|
| Total API Hits | The number of total service API hits between the poll interval. | |
|
| API RESULTS | |||
| API Results | The number of total service API results between the poll interval (in MB). | |
|
構成
RESOURCE ACCESS CONFIGURATION配下のメトリクスは、Azure Key
Vaults監視でのみサポートされます。
| Parameter | Description |
|---|---|
| CONFIGURATION | |
| Resource Group Name | The name of the resource group. |
| Location | The location of the resource. |
| Provisioning State | The current provisioning state of the resource. Possible values: RegisteringDns, Succeeded. |
| SKU Tier | The SKU name to specify the type of vault. Possible Values:
|
| SKU Family | The SKU Family name. |
| Vault URl/HSM URl | The URl of the vault/HSM used to perform operations on keys and secrets. |
| Creation Time | The timestamp of the key vault resource creation. |
| Creator Identity Type | The identity type used to create the key vault resource. |
| Last Modified Time | The timestamp of the key vault resource last modification. |
| Last Modifier Identity Type | The type of identity that last modified the key vault resource. |
| ADVANCED SETTINGS | |
| Soft Delete | Property to specify whether the 'Soft Delete' functionality is enabled for this key vault. Possible values: Enabled/Disabled. |
| Soft Delete Retention Days | The total number of Soft Delete data retention days. The possible value will be >=7 & <=90. |
| Purge Protection | Property specifying whether protection against purge is enabled for this vault. This setting is effective only if soft delete is also enabled. Possible values: Enabled/Disabled. |
| Public Network Access | Property to specify whether the vault will accept traffic from the public internet. Possible values: Enabled/Disabled. |
| RESOURCE ACCESS CONFIGURATION | |
| RBAC Authorization | Property that controls how data actions are authorized. Possible values: Enabled/Disabled. |
| Virtual Machine for Deployment | Property to specify whether the Azure Virtual Machines are permitted to retrieve certificates stored as secrets from the key vault. Possible values: Enabled/Disabled. |
| Resource Manager for Template Deployment | Property to specify whether the Azure Resource Manager is permitted to retrieve secrets from the key vault. Possible values: Enabled/Disabled. |
| Disk Encryption for Volume Encryption | Property to specify whether the Azure Disk Encryption is permitted to retrieve secrets from the vault and unwrap keys. Possible values: Enabled/Disabled. |