Srini1987
Copper Contributor
Jul 03, 2020

KQL query to check the v-net peering status

Hi Friends,

 

I am surprised there is no way to monitor the status of vnet peering using Azure Monitor.

Can anyone help to find a KQL query to check the v-net peering status?

  • pazdedav
    Steel Contributor

    Hi Srini1987 ,

     

    You could try using Azure Resource Graph (also KQL-based) and this query:

     

    resources
    | where type =~ 'Microsoft.network/virtualNetworks'
    | extend peerings=array_length(properties.virtualNetworkPeerings)
    | mv-expand peering=properties.virtualNetworkPeerings
    | where isnotempty(peerings)
    | project networkId = id, VNetName = name, peeringState=tostring(peering.properties.peeringState), peering
     
    The peeringState column should show you the status.
    • thomasengzell
      Copper Contributor

      pazdedav 

      Do you know if it is possible to make an alert through that query so that an email is sent if one of the peerings is disconnected?

      Thanks!

      • pazdedav
        Steel Contributor
        Hi, since Azure Resource Graph (ARG) queries use the Resource Graph db as a source, and not a Log Analytics workspace, I don't think it is currently possible to create an alert for a query result directly in the Resource Graph Explorer.
        In addition, you would probably like to capture those changes in an event-driven way (when they happen). There is a Resource Changes API (part of ARG) that allows you to detect changes, but you would need to develop a custom solution to query this API, e.g. from an Azure Function.
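
Added example, not part of any post in this thread: one way a scheduled job (such as the Azure Function mentioned above) could turn results of the thread's Resource Graph query into alert events, by comparing the current poll with the previous one. It polls the query rather than using the Resource Changes API. The function names, the sample rows, the placeholder subscription ID and the use of the peering object's `name` field as a key are assumptions; running the query and sending the email are left to the caller.

```python
import json

HEALTHY = "Connected"  # peeringState value of a working peering

def snapshot(rows):
    """Map (networkId, peering name) -> peeringState for rows in the shape
    the thread's query projects (networkId, VNetName, peeringState, peering)."""
    return {(r["networkId"], r["peering"]["name"]): r["peeringState"] for r in rows}

def unhealthy(rows):
    """Keys of all peerings whose state is anything other than Connected."""
    return sorted(k for k, s in snapshot(rows).items() if s != HEALTHY)

def transitions(previous, current):
    """Compare two snapshots and report every peering whose state changed,
    including peerings that vanished (new state None)."""
    events = []
    for key in sorted(set(previous) | set(current)):
        old, new = previous.get(key), current.get(key)
        if old != new:
            events.append({"vnet": key[0], "peering": key[1],
                           "old": old, "new": new,
                           "alert": new != HEALTHY})  # notify only on bad states
    return events

# --- Constructed sample data (placeholder subscription ID, made-up names) ---
HUB = ("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/"
       "rg-net/providers/Microsoft.Network/virtualNetworks/hub")

def _row(peering_name, state):
    """Build one constructed row in the query's output shape."""
    return {"networkId": HUB, "VNetName": "hub", "peeringState": state,
            "peering": {"name": peering_name,
                        "properties": {"peeringState": state}}}

POLL_1 = [_row("hub-to-spoke1", "Connected"), _row("hub-to-spoke2", "Connected")]
POLL_2 = [_row("hub-to-spoke1", "Disconnected"), _row("hub-to-spoke2", "Connected")]

if __name__ == "__main__":
    # A real job would persist the previous snapshot between runs.
    for event in transitions(snapshot(POLL_1), snapshot(POLL_2)):
        print(json.dumps(event))
```
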
  • Srini1987 

     

    VNet peering is an SDN solution for connecting two different VNets. You don't have devices/appliances implementing the peering. Having Azure Monitor metrics for peering status would be almost similar to having metrics for subnet-to-subnet connectivity.

     

    However, you can implement a Connection monitor yourself, with two VM endpoints (one on each side of the peering). See more info on that.
