Prerequisites for Discovery connection
- Confirm you have a scanner up and running in your local environment, scanning data and collecting information from your local network.
- After you decide you would like to expand the data collected to include information stored on Azure Cloud, you must create a dedicated user including credentials via the Azure console at: azure.microsoft.com.
Azure Cloud Configuration
Navigate to Setup > Discovery & Assets > Connections.
From the All Connections index page, click the Add icon and select Azure Cloud from the dropdown.
Use the information below to configure your connection.
Field Description Cloud identification
- Subscription ID
- Tenant ID (found under Azure Active Directory in the Azure portal)
- Client ID (Azure Portal > Azure Active Directory> App Registration > Add New Registration)
- Client Secret (Inside the app registration added > Certificates and Secrets > Create new client secret)
Permissions required Reader permissions (Add Inside specific subscription > Access Control (IAM) > Role Assignments > Add Role Assignment)
Click Create on the top right of the screen to save the connection.
After you have established a secure connection between the selected scanner and Azure Cloud, you can retrieve the following information.
|Instance ID (VM ID)||eb982846-4594-4a66-afe5-dfb49f66|
|User (Admin Username)||Discovery|
|Operating System (OS)||windows/linux|
|Location||(US) East US|
|Memory and CPU|
|Number of CPUs||1|
|Field||Example (from cloud)|
See Connections for information about:
- Scanned ports and a list of the default ports scanned via Nmap
- How to run an on-demand scan
- How to pull a Last Scan Report
- What data is pulled during Discovery through connections
- Pulling fields from a mobile device via Intune
- Obtaining management data from remote computers via WMI