- Elastic integrations
- Integrations quick reference
- 1Password
- Abnormal Security
- ActiveMQ
- Active Directory Entity Analytics
- Airflow
- Akamai
- Apache
- API (custom)
- Arbor Peakflow SP Logs
- Arista NG Firewall
- Atlassian
- Auditd
- Auth0
- authentik
- AWS
- Amazon CloudFront
- Amazon DynamoDB
- Amazon EBS
- Amazon EC2
- Amazon ECS
- Amazon EMR
- AWS API Gateway
- Amazon GuardDuty
- AWS Health
- Amazon Kinesis Data Firehose
- Amazon Kinesis Data Stream
- Amazon Managed Streaming for Apache Kafka (MSK)
- Amazon NAT Gateway
- Amazon RDS
- Amazon Redshift
- Amazon S3
- Amazon S3 Storage Lens
- Amazon Security Lake
- Amazon SNS
- Amazon SQS
- Amazon VPC
- Amazon VPN
- AWS Bedrock
- AWS Billing
- AWS CloudTrail
- AWS CloudWatch
- AWS ELB
- AWS Fargate
- AWS Inspector
- AWS Lambda
- AWS Logs (custom)
- AWS Network Firewall
- AWS Route 53
- AWS Security Hub
- AWS Transit Gateway
- AWS Usage
- AWS WAF
- Azure
- Activity logs
- App Service
- Application Gateway
- Application Insights metrics
- Application Insights metrics overview
- Application State Insights metrics
- Azure logs (v2 preview)
- Azure OpenAI
- Billing metrics
- Container instance metrics
- Container registry metrics
- Container service metrics
- Custom Azure Logs
- Custom Blob Storage Input
- Database Account metrics
- Event Hub input
- Firewall logs
- Frontdoor
- Functions
- Microsoft Entra ID
- Monitor metrics
- Network Watcher VNet
- Network Watcher NSG
- Platform logs
- Resource metrics
- Spring Cloud logs
- Storage Account metrics
- Virtual machines metrics
- Virtual machines scaleset metrics
- Barracuda
- BitDefender
- Bitwarden
- blacklens.io
- Blue Coat Director Logs
- BBOT (Bighuge BLS OSINT Tool)
- Box Events
- Bravura Monitor
- Broadcom ProxySG
- Canva
- Cassandra
- CEL Custom API
- Ceph
- Check Point
- Cilium Tetragon
- CISA Known Exploited Vulnerabilities
- Cisco
- Cisco Meraki Metrics
- Citrix
- Claroty CTD
- Cloudflare
- Cloud Asset Inventory
- CockroachDB Metrics
- Common Event Format (CEF)
- Containerd
- CoreDNS
- Corelight
- Couchbase
- CouchDB
- Cribl
- CrowdStrike
- Cyberark
- Cybereason
- CylanceProtect Logs
- Custom Websocket logs
- Darktrace
- Data Exfiltration Detection
- DGA
- Digital Guardian
- Docker
- Elastic APM
- Elastic Fleet Server
- Elastic Security
- Elastic Stack monitoring
- Elasticsearch Service Billing
- Envoy Proxy
- ESET PROTECT
- ESET Threat Intelligence
- etcd
- Falco
- F5
- File Integrity Monitoring
- FireEye Network Security
- First EPSS
- Forcepoint Web Security
- ForgeRock
- Fortinet
- Gigamon
- GitHub
- GitLab
- Golang
- Google Cloud
- Custom GCS Input
- GCP
- GCP Audit logs
- GCP Billing metrics
- GCP Cloud Run metrics
- GCP CloudSQL metrics
- GCP Compute metrics
- GCP Dataproc metrics
- GCP DNS logs
- GCP Firestore metrics
- GCP Firewall logs
- GCP GKE metrics
- GCP Load Balancing metrics
- GCP Metrics Input
- GCP PubSub logs (custom)
- GCP PubSub metrics
- GCP Redis metrics
- GCP Security Command Center
- GCP Storage metrics
- GCP VPC Flow logs
- GCP Vertex AI
- GoFlow2 logs
- Hadoop
- HAProxy
- Hashicorp Vault
- HTTP Endpoint logs (custom)
- IBM MQ
- IIS
- Imperva
- InfluxDb
- Infoblox
- Iptables
- Istio
- Jamf Compliance Reporter
- Jamf Pro
- Jamf Protect
- Jolokia Input
- Journald logs (custom)
- JumpCloud
- Kafka
- Keycloak
- Kubernetes
- LastPass
- Lateral Movement Detection
- Linux Metrics
- Living off the Land Attack Detection
- Logs (custom)
- Lumos
- Lyve Cloud
- Mattermost
- Memcached
- Menlo Security
- Microsoft
- Microsoft 365
- Microsoft Defender for Cloud
- Microsoft Defender for Endpoint
- Microsoft DHCP
- Microsoft DNS Server
- Microsoft Entra ID Entity Analytics
- Microsoft Exchange Online Message Trace
- Microsoft Exchange Server
- Microsoft Graph Activity Logs
- Microsoft M365 Defender
- Microsoft Office 365 Metrics Integration
- Microsoft Sentinel
- Microsoft SQL Server
- Mimecast
- ModSecurity Audit
- MongoDB
- MongoDB Atlas
- MySQL
- Nagios XI
- NATS
- NetFlow Records
- Netskope
- Network Beaconing Identification
- Network Packet Capture
- Nginx
- Okta
- Oracle
- OpenCanary
- Osquery
- Palo Alto
- pfSense
- PHP-FPM
- PingOne
- PingFederate
- Pleasant Password Server
- PostgreSQL
- Prometheus
- Proofpoint TAP
- Proofpoint On Demand
- Pulse Connect Secure
- Qualys VMDR
- QNAP NAS
- RabbitMQ Logs
- Radware DefensePro Logs
- Rapid7
- Redis
- Rubrik RSC Metrics Integration
- Salesforce
- SentinelOne
- ServiceNow
- Slack Logs
- Snort
- Snyk
- SonicWall Firewall
- Sophos
- Spring Boot
- SpyCloud Enterprise Protection
- SQL Input
- Squid Logs
- SRX
- STAN
- Statsd Input
- Sublime Security
- Suricata
- StormShield SNS
- Symantec
- Symantec Endpoint Security
- Sysmon for Linux
- Sysdig
- Syslog Router Integration
- System
- System Audit
- Tanium
- TCP Logs (custom)
- Teleport
- Tenable
- Threat intelligence
- ThreatConnect
- Threat Map
- Thycotic Secret Server
- Tines
- Traefik
- Trellix
- Trend Micro
- TYCHON Agentless
- UDP Logs (custom)
- Universal Profiling
- Vectra Detect
- VMware
- WatchGuard Firebox
- WebSphere Application Server
- Windows
- Wiz
- Zeek
- ZeroFox
- Zero Networks
- ZooKeeper Metrics
- Zoom
- Zscaler
Azure Application State Integration
editAzure Application State Integration
editVersion |
1.7.1 (View all) |
Compatible Kibana version(s) |
8.13.0 or higher |
Supported Serverless project types |
Security |
Subscription level |
Basic |
The Application State Integration allows users to retrieve application insights state related metrics from specified applications.
Integration level configuration options
edit-
Application ID
- ([]string) ID of the application. This is Application ID from the API Access settings blade in the Azure portal.
-
Api Key
- ([]string) The API key which will be generated, more on the steps here https://dev.applicationinsights.io/documentation/Authorization/API-key-and-App-ID.
Additional notes about metrics and costs
editCosts: Metric queries are charged based on the number of standard API calls. More information on pricing here https://azure.microsoft.com/en-us/pricing/details/monitor/.
Exported fields
Field | Description | Type | Metric Type |
---|---|---|---|
@timestamp |
Event timestamp. |
date |
|
agent.id |
Unique identifier of this agent (if one exists). Example: For Beats this would be beat.id. |
keyword |
|
azure.app_state.browser_timings_network_duration.avg |
Browser timings network duration |
float |
gauge |
azure.app_state.browser_timings_processing_duration.avg |
Browser timings processing duration |
float |
gauge |
azure.app_state.browser_timings_receive_duration.avg |
Browser timings receive duration |
float |
gauge |
azure.app_state.browser_timings_send_duration.avg |
Browser timings send duration |
float |
gauge |
azure.app_state.browser_timings_total_duration.avg |
Browser timings total duration |
float |
gauge |
azure.app_state.end_date |
The end date |
date |
|
azure.app_state.exceptions_browser.sum |
Exception count at browser level |
float |
gauge |
azure.app_state.exceptions_count.sum |
Exception count |
float |
gauge |
azure.app_state.exceptions_server.sum |
Exception count at server level |
float |
gauge |
azure.app_state.performance_counters_memory_available_bytes.avg |
Performance counters memory available bytes |
float |
gauge |
azure.app_state.performance_counters_process_cpu_percentage.avg |
Performance counters process cpu percentage |
float |
gauge |
azure.app_state.performance_counters_process_cpu_percentage_total.avg |
Performance counters process cpu percentage total |
float |
gauge |
azure.app_state.performance_counters_process_private_bytes.avg |
Performance counters process private bytes |
float |
gauge |
azure.app_state.performance_counters_processiobytes_per_second.avg |
Performance counters process IO bytes per second |
float |
gauge |
azure.app_state.requests_count.sum |
Request count |
float |
gauge |
azure.app_state.requests_failed.sum |
Request failed count |
float |
gauge |
azure.app_state.sessions_count.unique |
Session count |
float |
gauge |
azure.app_state.start_date |
The start date |
date |
|
azure.app_state.users_authenticated.unique |
Authenticated users count |
float |
gauge |
azure.app_state.users_count.unique |
User count |
float |
gauge |
azure.application_id |
The application ID |
keyword |
|
azure.dimensions.browser_timing_url_host |
The host part of the URL that the browser was accessing when timings were captured. |
keyword |
|
azure.dimensions.browser_timing_url_path |
The path part of the URL that the browser was accessing when timings were captured. |
keyword |
|
azure.dimensions.cloud_role_instance |
The unique identifier of the cloud instance where the application is running. |
keyword |
|
azure.dimensions.cloud_role_name |
The name of the role that the cloud instance is performing. |
keyword |
|
azure.dimensions.exception_type |
The type of exception that was thrown. |
keyword |
|
azure.dimensions.request_name |
The name of the request that was made. |
keyword |
|
azure.dimensions.request_url_host |
The host part of the URL that was requested. |
keyword |
|
azure.namespace |
The namespace selected |
keyword |
|
azure.resource.group |
The resource group |
keyword |
|
azure.resource.id |
The id of the resource |
keyword |
|
azure.resource.name |
The name of the resource |
keyword |
|
azure.resource.tags |
Azure resource tags. |
flattened |
|
azure.resource.type |
The type of the resource |
keyword |
|
azure.subscription_id |
The subscription ID |
keyword |
|
azure.timegrain |
The Azure metric timegrain |
keyword |
|
cloud.image.id |
Image ID for the cloud instance. |
keyword |
|
cloud.region |
Region in which this host is running. |
keyword |
|
data_stream.dataset |
Data stream dataset name. |
constant_keyword |
|
data_stream.namespace |
Data stream namespace. |
constant_keyword |
|
data_stream.type |
Data stream type. |
constant_keyword |
|
dataset.name |
Dataset name. |
constant_keyword |
|
dataset.namespace |
Dataset namespace. |
constant_keyword |
|
dataset.type |
Dataset type. |
constant_keyword |
|
host.containerized |
If the host is a container. |
boolean |
|
host.os.build |
OS build information. |
keyword |
|
host.os.codename |
OS codename, if any. |
keyword |
Changelog
editChangelog
Version | Details | Kibana version(s) |
---|---|---|
1.7.1 |
Enhancement (View pull request) |
8.13.0 or higher |
1.7.0 |
Enhancement (View pull request) |
8.13.0 or higher |
1.6.0 |
Enhancement (View pull request) |
8.13.0 or higher |
1.5.0 |
Enhancement (View pull request) |
8.12.0 or higher |
1.4.0 |
Enhancement (View pull request) |
8.12.0 or higher |
1.3.0 |
Enhancement (View pull request) |
8.12.0 or higher |
1.2.3 |
Bug fix (View pull request) |
8.9.0 or higher |
1.2.2 |
Enhancement (View pull request) |
8.9.0 or higher |
1.2.1 |
Enhancement (View pull request) |
8.9.0 or higher |
1.2.0 |
Enhancement (View pull request) |
8.9.0 or higher |
1.1.0 |
Enhancement (View pull request) |
8.9.0 or higher |
1.0.6 |
Enhancement (View pull request) |
7.14.0 or higher |
1.0.5 |
Enhancement (View pull request) |
7.14.0 or higher |
1.0.4 |
Bug fix (View pull request) |
7.14.0 or higher |
1.0.3 |
Enhancement (View pull request) |
7.14.0 or higher |
1.0.2 |
Enhancement (View pull request) |
— |
1.0.1 |
Enhancement (View pull request) |
7.14.0 or higher |
1.0.0 |
Enhancement (View pull request) |
7.14.0 or higher |
0.3.1 |
Enhancement (View pull request) |
— |
0.3.0 |
Enhancement (View pull request) |
— |
0.2.1 |
Enhancement (View pull request) |
— |
0.2.0 |
Enhancement (View pull request) |
— |
0.1.0 |
Enhancement (View pull request) |
— |
On this page