Azure Front Door Integration
Global routing metrics, WAF events, and origin health monitoring for Azure Front Door. Detect origin degradation and attack traffic patterns before they impact global users.
How It Works
Assign Monitoring Reader Role
Grant the TigerOps Service Principal the Monitoring Reader role on your Front Door profile resource group. TigerOps pulls routing, cache, and WAF metrics from Azure Monitor without needing Front Door configuration access.
Enable Diagnostic Settings
Configure Diagnostic Settings on your Front Door profile to stream FrontDoorAccessLog, FrontDoorWebApplicationFirewallLog, and AllMetrics to a Log Analytics workspace.
Map Origins and Routes
List your origin groups and routes in TigerOps. The integration correlates routing metrics with origin health probes and surfaces origin groups with degraded backend availability.
Configure WAF Alerting
Set WAF block rate and anomaly score thresholds. TigerOps fires alerts on WAF attack pattern spikes and correlates them with origin health to distinguish between attacks and legitimate traffic.
What You Get Out of the Box
Global Request Routing Metrics
Total request count, request latency, and cache hit ratio per routing rule, origin group, and PoP location. Understand how Front Door distributes traffic globally and identify routing rule misconfigurations.
WAF Event Monitoring
WAF block rates, allow rates, and matched rule counts per WAF policy. Drill into attack pattern breakdowns — SQL injection, XSS, bot traffic — surfaced from FrontDoorWebApplicationFirewallLog.
Origin Health Tracking
Health probe success rates and latency per origin, origin group availability percentage, and failover event history. Detect unhealthy origins before Front Door routes user traffic to them.
Cache Performance
Cache hit ratio, byte hit ratio, and cache status breakdown (HIT, MISS, BYPASS, EXPIRED) per route. Identify routes with low cache efficiency that are increasing origin load and latency.
Error Rate Analysis
HTTP 4xx and 5xx error rates per route, origin, and PoP. Distinguish between client errors, origin errors, and Front Door-generated errors to pinpoint where failures originate.
AI Traffic Anomaly Detection
TigerOps AI baselines your Front Door request patterns per PoP and route. Unusual traffic surges, geographic attack patterns, or sudden origin health degradation are flagged with contextual alerts.
Front Door Diagnostic Settings
Stream access logs, WAF logs, and metrics to Log Analytics for complete Front Door observability in TigerOps.
#!/bin/bash
# TigerOps — Azure Front Door integration setup
AFD_PROFILE="my-frontdoor-profile"
RESOURCE_GROUP="my-resource-group"
WORKSPACE_ID="/subscriptions/${SUBSCRIPTION_ID}/resourceGroups/${RESOURCE_GROUP}/providers/Microsoft.OperationalInsights/workspaces/tigerops-workspace"
AFD_RESOURCE="/subscriptions/${SUBSCRIPTION_ID}/resourceGroups/${RESOURCE_GROUP}/providers/Microsoft.Cdn/profiles/${AFD_PROFILE}"
# Enable diagnostic settings for Front Door (Standard/Premium)
az monitor diagnostic-settings create \
--name tigerops-frontdoor \
--resource "${AFD_RESOURCE}" \
--workspace "${WORKSPACE_ID}" \
--metrics '[{"category":"AllMetrics","enabled":true}]' \
--logs '[
{"category":"FrontDoorAccessLog", "enabled":true},
{"category":"FrontDoorWebApplicationFirewallLog", "enabled":true},
{"category":"FrontDoorHealthProbeLog", "enabled":true}
]'
echo "Front Door diagnostics enabled for profile: ${AFD_PROFILE}"
echo "WAF and routing events will appear in TigerOps within 5 minutes"Common Questions
Does TigerOps support both Azure Front Door Standard and Premium tiers?
Yes. TigerOps monitors both Standard and Premium tiers. Premium tier WAF metrics including managed rule set events, bot protection events, and private link origin health are tracked with additional detail in TigerOps.
How does TigerOps monitor WAF events without causing alert fatigue?
TigerOps uses baseline-aware alerting for WAF events. Instead of alerting on every blocked request, it alerts when the block rate significantly deviates from the recent baseline or when a specific attack pattern reaches a count threshold you configure.
Can TigerOps detect when an origin group is fully degraded?
Yes. TigerOps monitors origin health probe success rates from the FrontDoorHealthProbeLog. When all origins in a group fail health checks, TigerOps fires a critical alert immediately — before Front Door starts serving error responses to users.
Does TigerOps track Front Door custom domain performance separately?
Yes. Requests are segmented by the host header in FrontDoorAccessLog, allowing TigerOps to show per-domain request rates, latency, and error rates when you host multiple custom domains on a single Front Door profile.
How does TigerOps correlate Front Door metrics with origin service metrics?
When TigerOps is also monitoring your origin services such as Azure App Service or AKS, it automatically links Front Door origin health degradation events with corresponding CPU, memory, or error rate spikes on the origin, giving you the full picture in one incident.
Protect and Optimize Your Global Traffic Delivery
Routing metrics, WAF event monitoring, and origin health tracking for Azure Front Door. Connect in 5 minutes.