Article : SG Azure behavior for single tenent customer and issues related to it.

Hello All,

Writing this post to highlight one of the issues we faced by implementing SG azure for discovering Azure assets.

Suggestion from ServiceNow and way forward.

Statement: We wanted to discover Azure CIs in Azure cloud without using mid server and be cost effective.

Plugin : Service Graph Connector for Microsoft Azure 1.7.2 version

Setup: Single tenant for all regions in our Azure cloud setup

Issue : When we pulled the job to ingest Azure CIs it brought in million of records including regions where no CI exist, templates ,subscriptions ,nature in which these CI are being pulled are also resulting in multiple instances because there are instances for each region.

We engaged ServiceNow HI case and our Architects to come to these recommendations : 

Recommendations :  This is OOB behavior might work better if you have multiple tenants for each region.

1) ingest all data as is and then next pull will be delta depending on the change or update.  

 2) customise to pull data from necessary region (SG-Azure Util's script include.  'datacenter' array may be able to be manipulated to limit regions. )

3)mid server

I will reply with my observation which solution  we went with and results