Forum Discussion
We had the same requirement and found that the built-in version will only show secrets and certs that were just about to expire. We wanted the confidence that it was actually able to pull in the expiry of the secrets/certs we needed to monitor and also wanted to control which secrets/certs it was monitoring.
In the majority of cases, we only want LogicMonitor to monitor the secret that it is using itself. We've used a modified version of the datasource that Mike Moniz linked to. Our version uses the azure.clientid, azure.secretkey and azure.tenantid for credentials. It also specifically queries the MS Graph API just for the secrets associated with the clientid stored in azure.clientid - so we're only monitoring the secret we use in LM.
Not all of our customers have collectors, especially if they are just monitoring Azure, so we have a pair of collectors that we use to run things like this. You have to set the default collector on the "XXXX - Account" item (the one that's right on the bottom of the resource groups under an Azure Cloud Account) and then you can use your own custom modules.
Dave