Getting Started With Azure Event Grid Viewer

In the last article, we had a look at how to start with  Azure DevOps: Getting Started With Audit Streaming With Event Grid

In the article, we will go to the next step to create a subscription and use webhook event handlers to view those logs in our Azure web application.

Terminologies Used in Azure Event Grid:

1. Events: What occurs
2. Events source: Where it occurs
3. Topic: Where event gird received the events
4. Event Subscription: Build-in a mechanism where we define route mapping of events to the event handlers, we can also define filter expression to filters events.
5. Event Handler: There are predefined event handlers available that received the events after we create a subscription

Event Grid Security:

Here we are going to use ValidationCode handshake when we will create a subscription, the event grid will send the validation request to the webhook. It will consist same schema body and it includes validationCode property inside the data portion, the application will verify the request.

An Example of SubscriptionValidationEvent Is Shown in the Following Example:

[

  {

    "id": "2d1781af-3a4c-4d7c-bd0c-e34b19da4e66",

    "topic": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",

    "subject": "",

    "data": {

      "validationCode": "512d38b6-c7b8-40c8-89fe-f46f9e9622b6",

      "validationUrl": "https://rp-eastus2.eventgrid.azure.net:553/eventsubscriptions/estest/validate?id=512d38b6-c7b8-40c8-89fe-f46f9e9622b6&t=2018-04-26T20:30:54.4538837Z&apiVersion=2018-05-01-preview&token=1A1A1A1A"

    },

    "eventType": "Microsoft.EventGrid.SubscriptionValidationEvent",

    "eventTime": "2018-01-25T22:12:19.4556811Z",

    "metadataVersion": "1",

    "dataVersion": "1"

  }

]

To Validate the Ownership We Need to Send Back the ValidaitonCode in ValidationReponse Property.

xxxxxxxxxx

{

  "validationResponse": "512d38b6-c7b8-40c8-89fe-f46f9e9622b6"

}

In This Demo, You Will Get To Learn the Following Topics:

1. Deploy azure resource from a custom deployment template.
2. Configure Azure DevOps to receive Audit Events in Event Grid Topic.
3. Create an event grid topic subscription.
4. Deploy azure resource from a custom deployment template.
5. Azure DevOps Audit Logs Viewer.

Deploy Azure Resources From a Custom Deployment Template

1. Login to azure portal https://portal.azure.com.
2. Let’s deploy azure resources from a custom deployment template click on this link.
3. Fill all the required details, make sure to note down the azure resource group name, event grid topic name, app site name.
4. This will be your site link https://{siteName}.azurewebsites.net

Configure Azure DevOps to Receive Audit Events in Event Grid Topic

1. Follow the steps from here
2. Get event grid topic URL and access keys from event grid topic
3. Create an azure event grid stream in the azure DevOps auditing section and paste the above URL and access key.

Create an Event Grid Topic Subscription

There are multiple options available to create a subscription for an event grid topic in the following demo we will be going to use the bash shell.

1. Log in to the Azure portal https://portal.azure.com.
2. Launch Cloud Shellin the Azure portal and must select bash, all the below commands should be executed in the bash shell.
3. Fetch subscription id from this command and noted down for further use.
   1.  “az account show --subscription "" | jq -r '.id'”
4. We need a resource group and event grid topic name that we noted down when we deployed the azure resources.
5. The webhook endpoint is {siteLink}/api/trigger.
6. In the below command all the variables are repressed by $variableName ($subscriptionId, $resourceGroupName, $myTopicName, $webhookEndpoint) just replace with the values you fetch in the above steps and get executed in the bash shell this will create an event grid topic subscription.

az eventgrid event-subscription create --source-resource-id /

"/subscriptions/$subscriptionId/resourceGroups/$resourceGroupName/providers/Microsoft.EventGrid/topics/$myTopicName" \

 --name demoViewerSub \

 --endpoint $webhookEndpoint

Azure DevOps Audit Logs Viewer

Have a look at your site link https://{siteName}.azurewebsites.net

Today we learned about the event grid custom topic, subscription, and event grid viewer.