Azure Cloud Device Details
Search > Device Details > Cloud provides inventory, security, and interface data for Azure cloud instances, samples of which follow:
Inventory Tab
One record displays. It represents the one virtual machine instance in AWS cloud.
| Data Type | Description | Example |
|---|---|---|
| Provider | Name of the cloud provider | azure |
| Account ID | Account number the cloud provider assigned to your company's account | 040758885882 |
| Instance ID | Cloud provider's instance identifier | i-010c0019a16e292b8 |
| Public IP Address | IPv4 address of the instance | 172.18.10.124 |
|
Public MAC Address |
MAC address of the instance | 0e:28:30:20:73:c8 |
| Name | Name of the cloud account such as sa-account | sa-account |
| Region | Geographic area in which the instance is running | eastus |
| VPC ID | Azure Virtual Private Cloud identifier | /subscriptions/. . . |
| VPC Name | DNS of device | Virtual-Network-NJ |
| Security Group Risk | Number of Security Group Violations | 14 |
Security Tab
Each record describes one security group violation. The risks column identifies why the security configuration has been flagged by Cloud Scout as a violation.
| Data Type | Description | Example |
|---|---|---|
| Security Group ID | Unique security group identifier generated by Azure to identify a security group. | /subscriptions |
| Check Name | Identifier of security group rule | UDP Port is Open |
| Type | Category of rule such as "SECURITY_RULE" | SECURITY_RULE |
| Source | Entity that found and identified the security violation | CloudScout |
| Direction |
Indicates whether the violation occurs going outbound or inbound |
inbound |
| Action | Command relative to that security rule | allow |
| Rule Name | Given identifier of the rule | 25_any_any |
| Rule Priority | Order in which rules should be handed; higher number indicates more risk | 130 |
| Source IP | IPv4 origin web interface |
|
| Destination IP | IPv4 end-point interface |
|
| Source Protocol Ports | Call ports | tcp/udp |
| Destination Protocol Ports | Response ports | tcp/udp:443-443. |
| Source IPv6s | IPv6 origin web interface |
|
| Destination IPv6s | IPv6 end-point interface |
|
| Region | Named cloud region | useast |
| VPC ID | Instance identifier | /subscriptions/. . . |
| VPC Name | Instance name | Virtual-Network-NJ |
Interface Tab
The source of Asset Manager Inspector tab data is Amazon Inspector, which is an automated security assessment service on AWS that helps you test the network accessibility of Amazon EC2 instances and the security state of your applications running on the instances. Amazon AWS Inspector analyzes your network configurations in AWS for reachability, a security service that assesses instances for security exposures and vulnerabilities. In-depth information about AWS Inspector is available at https://aws.amazon.com/inspector/faqs/. The inspector tab presents identifiers associated with one AWS instance.
| Data Type | Description | Example |
|---|---|---|
| Public IP | IPv4 address of the interface | 172.18.10.124 |
|
Public DNS Address |
DNS name of the instance |
|
|
MAC Address |
MAC address of the interface | 0e:28:30:20:73:c8 |
| Allowed IP Forwarding | Whether IP forwarding is permitted | false |
| Subnet ID | Unique identifier of the subnet as identified by AWS |
|
| Subnet Policies |
|
|
| Interface Policies | Current status of the network interface |
|
| Private IP Address | IPv4 address for the network interface |
|
| Private DNS Name | IPv4name for the instance |
|
| IPv6 Address | IPv6 address of the network interface |
|
| IPv6 DNS Name | IPv6 name for the instance |
|
| Provider | Name of the cloud provider | aws |
| Account ID | Account number the cloud provider assigned to your company's account | 040758885882 |
| Instance ID | Cloud provider's instance identifier | i-010c0019a16e292b8 |
| Name | Name of the cloud account such as sa-account | sa-account |
| AWS Target | Identifies AWS assessment targets (collection of AWS resources) for which you want to evaluates the security state |
|
| Agent Health | Indicates the health of the AWS security assessment service running on the AWS agent |
|
| Last Scan | Time of the last health check |
|
Inventory Tab
One record displays. It represents the one virtual machine instance in AWS cloud.
| Data Type | Description | Example |
|---|---|---|
| Provider | Name of the cloud provider | aws |
| Account ID | Account number the cloud provider assigned to your company's account | 040758885882 |
| Instance ID | Cloud provider's instance identifier | i-010c0019a16e292b8 |
| Public IP Address | IPv4 address of the instance | 172.18.10.124 |
|
Public MAC Address |
MAC address of the instance | 0e:28:30:20:73:c8 |
| Name | Name of the cloud account such as sa-account | sa-account |
| Provider | Name of the cloud provider |
|
| Account ID | Account number cloud provider assigned to your company's account |
|
| Instance ID | Unique identifier of an instance |
|
| Public IP Address | IPv4 address of instance |
|
|
Public MAC Address |
MAC address of instance |
|
| Name | Name of the AWS cloud account such as sa-account |
|
| Region | Geographic area in which the instance is running |
|
| VPC ID | Amazon Virtual Private Cloud identifier |
|
| Risks | List of security risks for instance |
|
| Security Group Risk | Number of Security Group Violations |
|
| Subnet Route Risk | Number of subnet route risks. The cell will be empty when there aren't any subnet route risks |
|
Security Tab
Each record describes one security group violation. The risks column identifies why the security configuration has been flagged by Cloud Scout as a violation.
| Security Group ID | Unique security group identifier generated by Amazon to identify a security group. |
|---|---|
| Description | User-populated field in AWS |
| Risks | Description of a violation |
| VPC ID |
Unique identifier generated by Amazon to identify an Amazon Virtual Private Cloud |
| IPv4 Range | The range of IPv4 address to which a rule applies |
| IPv6 Range | The range of IPv6 address to which a rule applies |
| Direction |
Indicates whether the violation occurs going outbound or inbound |
| Src Port | Origination port from which traffic to instance is allowed |
| Dest Port | Destination port to which traffic from instance is allowed |
| Protocol | The network protocol over which the traffic is allowed |
Interface Tab
| Data Type | Description |
|---|---|
| Public IP | IPv4 or IPv6 address of interface |
| Index | Ordinal number from AWS that identifies the interface |
| Description | Optional field. Populates with the description user provided in AWS |
|
MAC Address |
MAC address of interface |
| Network Interface ID | Unique identifier generated by AWS |
| Interface Status | Current status of the network interface |
| Subnet ID | Unique identifier of the subnet as identified by AWS |
| VPC ID | Identifies for the Virtual Private Cloud to which the interface belongs. |
| Private IP Address | IP address for the network interface |
| Attach Status | Indicator as to whether the interface is attached or not attached. Interface will only show "attached." (Asset Manager doesn't show "unattached" interfaces. ) |
Audit Logs
Shows the last 30 days or last 100 event notification records, whichever is smaller. To see more records, you can click Export to export the last 90 days or 10,000 records in JSON format. When you export to JSON, addition details are provided.
| Data Type | Description | Example |
|---|---|---|
| Event Time | Time the event was recorded in Coordinated Universal Time (UTC) format | 2019-11-08T09:57:24Z |
| Username | Identifier of the person who performed the activity that triggered an event notification | AttachNetworkInterface
ModifyInstanceAttribute RebootInstances |
| Region | Geographic area in which the instance is running |
us-east-1 |
| Event Name | Event name comes from AWS | DetatchNetworkInterface |
| Event Source | From web interface rather than CLI | ec2.amazonaws.com |
| Source IP Address | From web interface rather than CLI | 152.193.0.98 |
Notes
One record displays. It represents the one virtual machine instance in AWS cloud.
| Data Type | Description |
|---|---|
| Security Group ID | Unique security group identifier generated by Amazon to identify a security group. |
| Description | User-populated field in AWS |
| Risks | Description of a violation |
| VPC ID |
Unique identifier generated by Amazon to identify an Amazon Virtual Private Cloud |
| IPv4 Range | The range of IPv4 address to which a rule applies |
| IPv6 Range | The range of IPv6 address to which a rule applies |
| Direction |
Indicates whether the violation occurs going outbound or inbound |
| Src Port | Origination port from which traffic to instance is allowed |
| Dest Port | Destination port to which traffic from instance is allowed |
| Protocol | The network protocol over which the traffic is allowed |
Interface Tab
| Data Type | Description |
|---|---|
| Public IP | IPv4 or IPv6 address of interface |
| Index | Ordinal number from AWS that identifies the interface |
| Description | Optional field. Populates with the description user provided in AWS |
|
MAC Address |
MAC address of interface |
| Network Interface ID | Unique identifier generated by AWS |
| Interface Status | Current status of the network interface |
| Subnet ID | Unique identifier of the subnet as identified by AWS |
| VPC ID | Identifies for the Virtual Private Cloud to which the interface belongs. |
| Private IP Address | IP address for the network interface |
| Attach Status | Indicator as to whether the interface is attached or not attached. Interface will only show "attached." (Asset Manager doesn't show "unattached" interfaces. ) |
Audit Logs
Shows the last 30 days or last 100 event notification records, whichever is smaller. To see more records, you can click Export to export the last 90 days or 10,000 records in JSON format. When you export to JSON, addition details are provided.
| Data Type | Description | Example |
|---|---|---|
| Event Time | Time the event was recorded in Coordinated Universal Time (UTC) format | 2019-11-08T09:57:24Z |
| Username | Identifier of the person who performed the activity that triggered an event notification | AttachNetworkInterface
ModifyInstanceAttribute RebootInstances |
| Region | Geographic area in which the instance is running |
us-east-1 |
| Event Name | Event name comes from AWS | DetatchNetworkInterface |
| Event Source | From web interface rather than CLI | ec2.amazonaws.com |
| Source IP Address | From web interface rather than CLI | 152.193.0.98 |