Audit Windows machines network connectivity on all machines?

Azazel90 391 Reputation points

I'm trying to apply a policy to all my AzureArc-enabled servers (non-Azure VMs) to continously monitor their network connectivity. There is a polciy exactly for that, called "Audit Windows machines network connectivity" but it cannot be applied to multiple devices at the same time. It's asking for a host name at the parameters tab but it doesn't make sense this way. I want to apply this policy to an entire ResourceGroup, not to the servers one by one. Is their a way to apply network connectivity monitoring to an entire resource group instead of single devices?

Azure Monitor
Azure Monitor
An Azure service that is used to collect, analyze, and act on telemetry data from Azure and on-premises environments.
2,858 questions
Azure Policy
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
803 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Stanislav Zhelyazkov 21,506 Reputation points MVP

    The description of that policy says: Machines are non-compliant if a network connection status to an IP and TCP port does not match the policy parameter. So the policy will provide compliance on that when any machine to which the policy applies is able to connect to that specific IP and tcp port. Azure Policies can be applied at management group scope, subscription scope or resource group scope. So if you have machines in different resource groups that needs to check connectivity to specific IP and tcp port you can create different assignment with different input for each resource group. I am not sure why would you do this via policy because this seems like you need network monitoring for your machines which I think Connection Monitor is better suited for this task.

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    0 comments No comments