Coming Soon: GET:IT Endpoint Management 1-Day Conference on September 28th at 9:30 AM ET Coming Soon: GET:IT Endpoint Management 1-Day Conference on September 28th at 9:30 AM ET
Microsoft Azure

Preview of Centralized Reporting for Azure Backup

Microsoft has started to address one of the big feature requests for Azure Backup: centralized reporting. A preview has been launched to allow you to centrally visualize and report on your usage of Azure Backup.



Sponsored Content

Say Goodbye to Traditional PC Lifecycle Management

Traditional IT tools, including Microsoft SCCM, Ghost Solution Suite, and KACE, often require considerable custom configurations by T3 technicians (an expensive and often elusive IT resource) to enable management of a hybrid onsite + remote workforce. In many cases, even with the best resources, organizations are finding that these on-premise tools simply cannot support remote endpoints consistently and reliably due to infrastructure limitations.

Feature Gap

Azure Backup has been with us for a few years now but it is still much younger than many other online backup solutions. There is still a feature gap. I have been promoting Azure Backup with my customers for 3 years. In all that time, the question that always presents, “Can I get a report on successful backups?” Excuse me? Do you mean failed backups? No, they do not mean that. They want to be able to show their internal and external customers that backups are working.

I can go on and on about that line of thinking but the question pointed out something that was missing in Azure Backup. We did not have a means for centrally monitoring and reporting on many sources of backup and cloud (recovery site vault) usage.

Preview Release

Microsoft launched a preview of Azure Backup Reports at the end of June. In this initial release, we can monitor and report on:

  • MARS (referred to as MAB in the user interface) backup jobs
  • Storage usage

We do not have support for but it is on the way:

  • Microsoft Azure Backup Server (MABS) or System Center Data Protection Manager (DPM)
  • Azure virtual machine backups

The Mechanism

The consumption of data in this solution is enabled by Microsoft Power BI. You can consume up to 1GB of data per user by using the free version of Power BI. Each recovery services vault is configured to dump data into an Azure storage account. An Azure Backup “service” (think of it as a packaged template) is imported into your Power BI account. Power BI is configured to consume data from the storage account via an access key and visualize that data in tons of pretty diagrams and reports.

This is a Power BI solution, so it is very customizable:

  • Create your own dashboards
  • Edit your own reports
  • Create email subscriptions
  • Share visualization through websites or SharePoint

Note that you can also export the recovery services vault data to an Event Hub or Log Analytics.

Analyzing Data

There is a ton of data presented via Power BI. Storage is one of the two costs of Azure Backup, so you will want a good grip on how much you are using and how it is trending (growth and retention).

Monitoring the storage consumed by Azure Backup [Image Credit: Microsoft]
Monitoring the Storage Consumed by Azure Backup [Image Credit: Microsoft]

And to answer the age-old question about successful and failed backups, you can get pretty visualizations on that too:

Viewing Azure Backup job health [Image Credit: Microsoft]
Viewing Azure Backup Job Health [Image Credit: Microsoft]

I have gone one step further and created a very simple report on Azure Backup jobs. It shows the machine name, the end state of the backup job, the date, and the time. I have pinned this report to a summary dashboard and I have subscribed to this report via email. This means that I get a report every day to inform me about backup health and I can see this report very quickly in Power BI.

A custom Azure Backup report in Power BI to monitor backup jobs [Image Credit: Aidan Finn]
A Custom Azure Backup Report in Power BI to Monitor Backup Jobs [Image Credit: Aidan Finn]

Microsoft Partners

At first, this solution sounded perfect for Microsoft partners. They often deal with many customers in managed services contracts and are responsible for maintaining backups. Each customer has their own tenant (an Azure AD domain), one or more subscriptions in their own tenant, and one or more recovery services vaults in each subscription. This means that the partner must cross a security boundary (the tenant) to manage each customer. Delegated access to guest admin accounts does so much but the tenant boundary is still there.

The architecture that was used in the first preview release of Azure Backup Reporting is subject to the boundaries of the tenant:

  1. The recovery services vault can only export data to a storage account in the same tenant.
  2. The Azure Backup Power BI service can only consume data from a single storage account.
  3. To monitor 50 customers’ backups, you need to deploy 50 storage accounts. You need one in each customer’s tenant and then create 50 instances of Azure Backup in Power BI.

The result is that there is not a single view of all your customers. You can do some things, such as pinning reports to a single summary dashboard, but this does not scale out beyond 4 or so tenants or customers. The reporting solution as it is now, is not very usable for Microsoft partners, to be quite frank.

The workaround to use Azure Backup Reporting as a partner [Image Credit: Aidan Finn]
The Workaround to Use Azure Backup Reporting as a Partner [Image Credit: Aidan Finn]

It would be better if the recovery services vault exported data to a single storage account via an access key. This would allow the data export to scale beyond the security boundary of a tenant and enable the Microsoft partner to have a single view of all backups.

If this cross-tenant solution is important to you, then you can vote on some feedback.

My idea for cross-tenant support in Azure Backup Reporting [Image Credit: Aidan Finn]
My Idea for Cross-Tenant Support in Azure Backup Reporting [Image Credit: Aidan Finn]


I do not want to end this post on a negative note! The preview release of this solution is great news because we have been waiting for years for centralized monitoring and reporting in Azure Backup. If you are like me, and you are new to Power BI, then this is a great chance to learn something useful. You will find that there are some other useful Azure services that you can use, such as auditing administrator activity in a subscription or auditing sign-in activity in a tenant/Azure AD domain. I think the Azure Backup Reporting solution must solve the multi-tenant problem and sooner rather than later. It needs added support for MABS and Azure virtual machine backups after the tenancy problem, in my opinion. Thankfully, Azure Backup Reporting is off to a good start.

Related Topics:


Don't have a login but want to join the conversation? Sign up for a Petri Account

Comments (0)

Leave a Reply

Aidan Finn, Microsoft Most Valuable Professional (MVP), has been working in IT since 1996. He has worked as a consultant and administrator for the likes of Innofactor Norway, Amdahl DMR, Fujitsu, Barclays and Hypo Real Estate Bank International where he dealt with large and complex IT infrastructures and MicroWarehouse Ltd. where he worked with Microsoft partners in the small/medium business space.
Live Webinar: Active Directory Security: What Needs Immediate Priority!Live on Tuesday, October 12th at 1 PM ET

Attacks on Active Directory are at an all-time high. Companies that are not taking heed are being punished, both monetarily and with loss of production.

In this webinar, you will learn:

  • How to prioritize vulnerability management
  • What attackers are leveraging to breach organizations
  • Where Active Directory security needs immediate attention
  • Overall strategy to secure your environment and keep it secured

Sponsored by: