What SN feature is better for Azure Cloud Discovery (Azure Service Graph OR Pattern based Cloud?

varunkumar11863 · ‎11-30-2024

What SN feature is better for Azure Cloud Discovery (Azure Service Graph OR Pattern based Cloud Discovery)? We want to do Horizontal discovery on Azure VMs but foreseeing issues like VPN, Credentials. Would SG connector able to retrieve SW Installs and Running processes without any additional access? If yes, isn't this a security issue if Connector is able to read target host information without getting adequate access? Or does it require access from VM Owner?

Niklas Peterson · ‎12-01-2024

Hi,

Yes, that is how I understand it and then Azure SG fetches this information through the log analytics api.

Regards,
Niklas

View solution in original post

Niklas Peterson · ‎11-30-2024

Hi,

To get TCP and process data using SG you need to use VM Insight in Azure. It uses a montoring agent to gather performance data from the operating system.

https://www.servicenow.com/docs/bundle/xanadu-servicenow-platform/page/product/configuration-managem...

Regards,
Niklas

varunkumar11863 · ‎12-01-2024

Hi Niklas, Is VM Insight also needed to report SW Installations?

Niklas Peterson · ‎12-01-2024

Hi,

Software collection requires the Azure Monitoring agent and log analytics api. See section 5 on this link: https://www.servicenow.com/docs/bundle/washingtondc-servicenow-platform/page/product/configuration-m...

Regards,
Niklas

varunkumar11863 · ‎12-01-2024

Hi,

Isn't VM Insight uses Azure Monitoring agent to collect data using data collection rule? If yes, does it mean Azure uses same agent for SW Installations, TCP logs, processes, etc.?