Table: azure_application_insight - Query Azure Application Insights using SQL
Application Insights is a service within Microsoft Azure that allows you to monitor and respond to issues across your applications. It provides a centralized way to set up and manage telemetry for various Azure resources, including web applications, databases, and more. Application Insights helps you stay informed about the performance, usage, and availability of your Azure applications and take appropriate actions when predefined conditions are met.
Table Usage Guide
The azure_application_insight
table provides insights into Application Insights within Microsoft Azure. As a DevOps engineer, explore application-specific details through this table, including telemetry, performance metrics, and associated metadata. Utilize it to uncover information about applications, such as their usage patterns, performance metrics, and the availability status.
Examples
Basic info
Explore the details of your Azure Application Insights such as the type, retention period, and region, to better understand and manage your application monitoring settings. This can be particularly useful for optimizing resource allocation and ensuring adherence to data retention policies.
select name, kind, retention_in_days, region, resource_groupfrom azure_application_insight;
select name, kind, retention_in_days, region, resource_groupfrom azure_application_insight;
List application insights having retention period less than 30 days
Explore which Azure Application Insights have a retention period of less than 30 days. This is useful in identifying potential data loss risks due to short retention periods.
select name, kind, retention_in_days, region, resource_groupfrom azure_application_insightwhere retention_in_days < 30;
select name, kind, retention_in_days, region, resource_groupfrom azure_application_insightwhere retention_in_days < 30;
List insights that can be queried publicly
Explore which Azure application insights are accessible via public network. This is useful in determining what information is available for public querying, aiding in data transparency and accessibility assessments.
select name, kind, retention_in_days, region, resource_groupfrom azure_application_insightwhere public_network_access_for_query ? 'Enabled';
select name, kind, retention_in_days, region, resource_groupfrom azure_application_insightwhere json_extract(public_network_access_for_query, '$.Enabled') is not null;
List insights that allow ingestion publicly
Explore which Azure Application Insights have public network access enabled for data ingestion. This query is useful for identifying potential security risks and ensuring data privacy standards are met.
select name, kind, retention_in_days, region, resource_groupfrom azure_application_insightwhere public_network_access_for_ingestion ? 'Enabled';
select name, kind, retention_in_days, region, resource_groupfrom azure_application_insightwhere json_extract(public_network_access_for_ingestion, '$.Enabled') is not null;
Control examples
- Application Insights components should block log ingestion and querying from public networks
- Azure Monitor Logs for Application Insights should be linked to a Log Analytics workspace
- CIS v2.0.0 > 5 Logging and Monitoring > 5.3 Configuring Application Insights > 5.3.1 Ensure Application Insights are Configured
- CIS v2.1.0 > 5 Logging and Monitoring > 5.3 Configuring Application Insights > 5.3.1 Ensure Application Insights are Configured
- CIS v3.0.0 > 6 Logging and Monitoring > 6.3 Configuring Application Insights > 6.3.1 Ensure Application Insights are Configured
Schema for azure_application_insight
Name | Type | Operators | Description |
---|---|---|---|
_ctx | jsonb | Steampipe context in JSON form. | |
akas | jsonb | Array of globally unique identifier strings (also known as) for the resource. | |
app_id | text | Application insights unique id for your Application. | |
application_type | jsonb | Type of application being monitored. | |
cloud_environment | text | The Azure Cloud Environment. | |
connection_string | text | Application Insights component connection string. | |
creation_date | timestamp with time zone | Creation date for the Application Insights component. | |
disable_ip_masking | boolean | Disable IP masking. | |
disable_local_auth | boolean | Disable Non-AAD based Auth. | |
etag | text | A unique read-only string that changes whenever the resource is updated. | |
flow_type | jsonb | Determines what kind of flow this component was created by. | |
force_customer_storage_for_profiler | boolean | Force users to create their own storage account for profiler and debugger. | |
id | text | Contains id to identify the application insight uniquely. | |
immediate_purge_data_on_30_days | boolean | Purge data immediately after 30 days. | |
ingestion_mode | jsonb | Indicates the flow of the ingestion. | |
instrumentation_key | text | Application Insights Instrumentation key. | |
kind | text | The kind of application that this component refers to, used to customize UI. | |
name | text | = | The friendly name that identifies the application insight. |
private_link_scoped_resources | jsonb | List of linked private link scope resources. | |
provisioning_state | text | Current state of this component. | |
public_network_access_for_ingestion | text | The network access type for accessing Application Insights ingestion. | |
public_network_access_for_query | text | The network access type for accessing Application Insights query. | |
region | text | The Azure region/location in which the resource is located. | |
request_source | text | Describes what tool created this Application Insights component. | |
resource_group | text | = | The resource group which holds this resource. |
retention_in_days | bigint | Retention period in days. | |
sampling_percentage | double precision | Percentage of the data produced by the application being monitored that is being sampled for Application Insights telemetry. | |
sp_connection_name | text | =, !=, ~~, ~~*, !~~, !~~* | Steampipe connection name. |
sp_ctx | jsonb | Steampipe context in JSON form. | |
subscription_id | text | =, !=, ~~, ~~*, !~~, !~~* | The Azure Subscription ID in which the resource is located. |
tags | jsonb | A map of tags for the resource. | |
tenant_id | text | Azure Tenant ID. | |
title | text | Title of the resource. | |
type | text | The resource type of the application insight. | |
workspace_resource_id | text | Resource Id of the log analytics workspace to which the data will be ingested. |
Export
This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.
You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh
script:
/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- azure
You can pass the configuration to the command with the --config
argument:
steampipe_export_azure --config '<your_config>' azure_application_insight