This article is contributed. See the original author and article here.

Currently, the ISE does not provide any alert in case of any events that led to having unhealthy subnet(s)


the provided logic app will call HTTP management endpoint from azure 


How to build the logic app


 


NrO55bdkx8.png


 


the logic app will run periodically and get the content of the endpoint 


 


 


 

https://management.azure.com/subscriptions/../resourceGroups/../providers/Microsoft.Logic/integrationServiceEnvironments/../health/network?api-version=2018-07-01-preview

 


 


 


I am using the action HTTP with Azure AD


A8CkNOzQAH.png


the action will get a JSON content that shows the net health status 


 


 


 

{
  "CSS-ISE-Sub4": {
    "networkDependencyHealthState": "Healthy",
    "outboundNetworkDependencies": [
      {
        "category": "AzureStorage",
        "displayName": "Azure Storage",
        "endpoints": [
          {
            "domainName": "bvzkkzolbtymq00by.blob.core.windows.net",
            "ports": [
              "80",
              "443"
            ],
            "accessibility": "Available"
          },
          {
            "domainName": "bvzkkzolbtymq00by.queue.core.windows.net",
            "ports": [
              "80",
              "443"
            ],
            "accessibility": "Available"
          },
          {
            "domainName": "bvzkkzolbtymq00by.table.core.windows.net",
            "ports": [
              "80",
              "443"
            ],
            "accessibility": "Available"
          },
          {
            "domainName": "bvzkkzolbtymqregby.blob.core.windows.net",
            "ports": [
              "80",
              "443"
            ],
            "accessibility": "Available"
          },
          {
            "domainName": "bvzkkzolbtymqregby.queue.core.windows.net",
            "ports": [
              "80",
              "443"
            ],
            "accessibility": "Available"
          },
          {
            "domainName": "bvzkkzolbtymqregby.table.core.windows.net",
            "ports": [
              "80",
              "443"
            ],
            "accessibility": "Available"
          },
          {
            "domainName": "bvzkkzolbtymqaftsby.blob.core.windows.net",
            "ports": [
              "80",
              "443"
            ],
            "accessibility": "Available"
          },
          {
            "domainName": "bvzkkzolbtymqaftsby.queue.core.windows.net",
            "ports": [
              "80",
              "443"
            ],
            "accessibility": "Available"
          },
          {
            "domainName": "bvzkkzolbtymqaftsby.table.core.windows.net",
            "ports": [
              "80",
              "443"
            ],
            "accessibility": "Available"
          }
        ]
      },
      {
        "category": "AzureActiveDirectory",
        "displayName": "Azure Active Directory",
        "endpoints": [
          {
            "domainName": "graph.windows.net",
            "ports": [
              "80",
              "443"
            ],
            "accessibility": "Available"
          }
        ]
      },
      {
        "category": "SSLCertificateVerification",
        "displayName": "SSL Certificate Verification",
        "endpoints": [
          {
            "domainName": "ocsp.msocsp.com",
            "ports": [
              "80",
              "443"
            ],
            "accessibility": "Available"
          },
          {
            "domainName": "mscrl.microsoft.com",
            "ports": [
              "80",
              "443"
            ],
            "accessibility": "Available"
          },
          {
            "domainName": "crl.microsoft.com",
            "ports": [
              "80",
              "443"
            ],
            "accessibility": "Available"
          },
          {
            "domainName": "www.microsoft.com",
            "ports": [
              "80",
              "443"
            ],
            "accessibility": "Available"
          },
          {
            "domainName": "crl3.digicert.com",
            "ports": [
              "80",
              "443"
            ],
            "accessibility": "Available"
          },
          {
            "domainName": "ocsp.digicert.com",
            "ports": [
              "80",
              "443"
            ],
            "accessibility": "Available"
          },
          {
            "domainName": "cacerts.digicert.com",
            "ports": [
              "80",
              "443"
            ],
            "accessibility": "Available"
          },
          {
            "domainName": "www.thawte.com",
            "ports": [
              "80",
              "443"
            ],
            "accessibility": "Available"
          }
        ]
      },
      {
        "category": "DiagnosticLogsAndMetrics",
        "displayName": "Diagnostic Logs And Metrics",
        "endpoints": [
          {
            "domainName": "az-prod.metrics.nsatc.net",
            "ports": [
              "443"
            ],
            "accessibility": "Available"
          }
        ]
      },
      {
        "category": "IntegrationServiceEnvironmentConnectors",
        "displayName": "Integration Service Environment Connectors",
        "endpoints": [
          {
            "domainName": "flow-bvzkkzolbtymq-by-apim-runtime.westus.environments.microsoftazurelogicapps.net",
            "ports": [
              "443"
            ],
            "accessibility": "Available"
          }
        ]
      }
    ],
    "outboundNetworkHealth": {
      "state": "Healthy"
    }
  },
  "CSS-ISE-Sub2": {
    "networkDependencyHealthState": "Healthy",
    "outboundNetworkDependencies": [
      {
        "category": "SQL",
        "displayName": "SQL",
        "endpoints": [
          {
            "domainName": "apirpsql2ez4bajpcjjlkmaa.database.windows.net",
            "ports": [
              "1443"
            ],
            "accessibility": "Available"
          }
        ]
      },
      {
        "category": "RecoveryService",
        "displayName": "Recovery Service",
        "endpoints": [
          {
            "domainName": "https://global.metrics.nsatc.net/",
            "ports": [
              "1886"
            ],
            "accessibility": "Available"
          }
        ]
      },
      {
        "category": "RecoveryService",
        "displayName": "Recovery Service",
        "endpoints": [
          {
            "domainName": "https://prod3.metrics.nsatc.net:1886/RecoveryService",
            "ports": [
              "1886"
            ],
            "accessibility": "Available"
          }
        ]
      },
      {
        "category": "AzureStorage",
        "displayName": "Azure Storage",
        "endpoints": [
          {
            "domainName": "apimstufsse40dnm8wl2aozs.blob.core.windows.net",
            "ports": [
              "443"
            ],
            "accessibility": "Available"
          },
          {
            "domainName": "apimstufsse40dnm8wl2aozs.file.core.windows.net",
            "ports": [
              "445"
            ],
            "accessibility": "Available"
          },
          {
            "domainName": "apimstufsse40dnm8wl2aozs.queue.core.windows.net",
            "ports": [
              "443"
            ],
            "accessibility": "Available"
          },
          {
            "domainName": "apimstufsse40dnm8wl2aozs.table.core.windows.net",
            "ports": [
              "443"
            ],
            "accessibility": "Available"
          },
          {
            "domainName": "gcs.prod.monitoring.core.windows.net",
            "ports": [
              "443"
            ],
            "accessibility": "Available"
          }
        ]
      }
    ],
    "outboundNetworkHealth": {
      "state": "Healthy"
    }
  },
  "CSS-ISE-Sub3": {
    "networkDependencyHealthState": "Healthy",
    "outboundNetworkDependencies": [
      {
        "category": "AzureStorage",
        "displayName": "Azure Storage",
        "endpoints": [
          {
            "domainName": "blob.core.windows.net",
            "ports": [
              "80",
              "443"
            ],
            "accessibility": "Available"
          },
          {
            "domainName": "queue.core.windows.net",
            "ports": [
              "80",
              "443"
            ],
            "accessibility": "Available"
          },
          {
            "domainName": "table.core.windows.net",
            "ports": [
              "80",
              "443"
            ],
            "accessibility": "Available"
          },
          {
            "domainName": "file.core.windows.net",
            "ports": [
              "80",
              "443"
            ],
            "accessibility": "Available"
          }
        ]
      },
      {
        "category": "SQL",
        "displayName": "Azure SQL Database",
        "endpoints": [
          {
            "domainName": "database.windows.net",
            "ports": [
              "1433"
            ],
            "accessibility": "Available"
          }
        ]
      },
      {
        "category": "AzureManagement",
        "displayName": "Azure Management",
        "endpoints": [
          {
            "domainName": "management.core.windows.net",
            "ports": [
              "443"
            ],
            "accessibility": "Available"
          },
          {
            "domainName": "admin.core.windows.net",
            "ports": [
              "443"
            ],
            "accessibility": "Available"
          },
          {
            "domainName": "management.azure.com",
            "ports": [
              "443"
            ],
            "accessibility": "Available"
          }
        ]
      },
      {
        "category": "AzureActiveDirectory",
        "displayName": "Azure Active Directory",
        "endpoints": [
          {
            "domainName": "graph.windows.net",
            "ports": [
              "443"
            ],
            "accessibility": "Available"
          }
        ]
      },
      {
        "category": "RegionalService",
        "displayName": "Regional Service",
        "endpoints": [
          {
            "domainName": "gr-prod-bay.cloudapp.net",
            "ports": [
              "443"
            ],
            "accessibility": "Available"
          },
          {
            "domainName": "az-prod.metrics.nsatc.net",
            "ports": [
              "443"
            ],
            "accessibility": "Available"
          }
        ]
      },
      {
        "category": "SSLCertificateVerification",
        "displayName": "SSL Certificate Verification",
        "endpoints": [
          {
            "domainName": "ocsp.msocsp.com",
            "ports": [
              "80",
              "443"
            ],
            "accessibility": "Available"
          },
          {
            "domainName": "mscrl.microsoft.com",
            "ports": [
              "80",
              "443"
            ],
            "accessibility": "Available"
          },
          {
            "domainName": "crl.microsoft.com",
            "ports": [
              "80",
              "443"
            ],
            "accessibility": "Available"
          },
          {
            "domainName": "www.microsoft.com",
            "ports": [
              "80",
              "443"
            ],
            "accessibility": "Available"
          },
          {
            "domainName": "crl3.digicert.com",
            "ports": [
              "80",
              "443"
            ],
            "accessibility": "Available"
          },
          {
            "domainName": "ocsp.digicert.com",
            "ports": [
              "80",
              "443"
            ],
            "accessibility": "Available"
          },
          {
            "domainName": "cacerts.digicert.com",
            "ports": [
              "80",
              "443"
            ],
            "accessibility": "Available"
          },
          {
            "domainName": "www.thawte.com",
            "ports": [
              "80",
              "443"
            ],
            "accessibility": "Available"
          }
        ]
      }
    ],
    "outboundNetworkHealth": {
      "state": "Healthy"
    }
  }
}

 


 


 


lots of information can be obtained from this JSON but we will be only interested in networkDependencyHealthState


 


After parsing the JSON we need to check the health of the three subnets 


 


 

 


 


 

{
  "and": [
    {
      "equals": [
        "@concat(body('Parse_JSON')?['CSS-ISE-Sub2']?['networkDependencyHealthState'],body('Parse_JSON')?['CSS-ISE-Sub3']?['networkDependencyHealthState'],body('Parse_JSON')?['CSS-ISE-Sub4']?['networkDependencyHealthState'])",
        "HealthyHealthyHealthy"
      ]
    }
  ]
}

 


 


 


you can use multiple “Ands” as well 


BTW parsing the JSON  is not necessary 


 


Last step


the last step will be sending an email and terminate the flow 


 

Brought to you by Dr. Ware, Microsoft Office 365 Silver Partner, Charleston SC.

%d bloggers like this: