Acquiring monitoring data by step description of the metric API Application Gateway

This document is for testing purposes to provide reference documentation and sample scripts designed, as you deploy in a production environment, do not directly use

 

Ø  Get token

A method (i.e., by the service principle SPN):

Refer to open the following documentation:

https://blogs.technet.microsoft.com/stefan_stranger/2016/10/21/using-the-azure-arm-rest-apin-get-access-token/

 

In the very detailed step, wherein the base is performed stepwise, i.e., the decomposition step through scripts.

among them,

Set-AzureRmContext -SubscriptionId $subscription.subscriptionId -TenantId $subscription.TenantID

This step may be in the TenantID, AAD-> Properties in directoryID found in the portal:

 

 

 

Secondly, please referred to therein Assign the Contributor role to the service principal to the bit reader role:

New-AzureRmRoleAssignment -RoleDefinitionName Contributor -ServicePrincipalName $app.ApplicationId.Guid

Contributor->reader

In addition, please note the following URL two minor changes:

1. If you use third-party tools like curl, please

curl --request POST "https://login.windows.net/[tennantid]/oauth2/token" --data-urlencode "resource=https://management.core.windows.net" --data-urlencode "client_id=[clientid]" --data-urlencode "grant_type=client_credentials" --data-urlencode "client_secret=[clientsecret]"

[/sourcecode]

This step change in the login URL:

https://login.chinacloudapi.cn/common/oauth2/token

2. If you are using power shell, please

[sourcecode language='powershell' ]

#Azure Authtentication Token

 

#requires -Version 3

#SPN ClientId and Secret

$ClientID       = "clientid" #ApplicationID

$ClientSecret   = "ClientSecret"  #key from Application

$tennantid      = "TennantID"

 

 

$TokenEndpoint = {https://login.windows.net/{0}/oauth2/token} -f $tennantid

$ARMResource = "https://management.core.windows.net/";

 

$Body = @{

        'resource'= $ARMResource

        'client_id' = $ClientID

        'grant_type' = 'client_credentials'

        'Client_secret = $ ClientSecret

}

 

$params = @{

    ContentType = 'application/x-www-form-urlencoded'

    Headers = @{'accept'='application/json'}

    Body = $Body

    Method = 'Post'

    URI = $ TokenEndpoint

}

 

$token = Invoke-RestMethod @params

 

$token | select access_token, @{L='Expires';E={[timezone]::CurrentTimeZone.ToLocalTime(([datetime]'1/1/1970').AddSeconds($_.expires_on))}} | fl *

This step in

$TokenEndpoint = {https://login.windows.net/{0}/oauth2/token} -f $tennantid

URL changed https://login.chinacloudapi.cn/common/oauth2/token

The end of the -f $ tenantid unchanged

$ ARMResource = URL to read:

https://management.chinacloudapi.cn/

=====================================================================================

Method Two (AAD username password mode):

By the following function:

## get-token function gets the password security applications 

function get-token { 

    username = $ " [email protected] "; ## subscription account 

    $ Password = "xxxxx"; ## subscription password 

    $client_id = "1950a258-227b-4e31-a9cf-717495945fc2" 

    $resource = "https://management.chinacloudapi.cn/" 

    $creds = @{ 

        grant_type = "password" 

        username = $username 

        password = $password         

        client_id = $client_id 

        resource = $resource 

  

    }; 

  

    $headers = $null 

  

    try 

    { 

        $response = Invoke-RestMethod "https://login.chinacloudapi.cn/common/oauth2/token" -Method Post -Body $creds -Headers $headers; 

        $token = $response.access_token; 

        return $token; 

    } 

    catch 

    { 

        $result = $_.Exception.Response.GetResponseStream(); 

        $reader = New-Object System.IO.StreamReader($result); 

        $reader.BaseStream.Position = 0; 

        $reader.DiscardBufferedData(); 

        $responseBody = $reader.ReadToEnd() | ConvertFrom-Json 

        Write-Host "ERROR: $($responseBody.error)" 

        return; 

    } 

} 

  

$bearer = get-token 

  

     

$header = @{ 

        Authorization = "Bearer " + $bearer 

        } 

  

  

  

======================================================================================

 

Ø need to get value from metric api monitored by token:

##How to

## through powershell, or log in to view the properties portal application gateway, access to resource uri virtual machine, and replace highlight the following command in the display portion 

$uri = "https://management.chinacloudapi.cn/<resource uri>/providers/microsoft.insights/metrics?api-version=2018-01-01&metricnames=TotalRequests"

  

## calling Rest API, to obtain virtual machine state history data 

$result = Invoke-RestMethod -Method GET -Uri $uri -Headers $header -Body $null  

  

## print historical state data of the virtual machine 

$result.value  

 

## examples 

 

##$uri = "https://management.chinacloudapi.cn/subscriptions/resourceURL/providers/Microsoft.ResourceHealth/availabilityStatuses?api-version=2015-01-01" 

 

In my test environment resource ID as an example:

https://management.chinacloudapi.cn/subscriptions/test-fbfe-4f11-9af2-b81f0ee26453/resourceGroups/testresourcegroup-E/providers/Microsoft.Network/applicationGateways/TESTAPPGW/providers/microsoft.insights/metrics?api-version=2018-01-01&metricnames=TotalRequests

You can replace highlights other metric:

 

 

 

  

 

$result = Invoke-RestMethod -Method GET -Uri $uri -Headers $header -Body $null  

  

$result.value