# Settings This article covers the different tabs of the **Cloud Insights > Settings** section. {% hint style="info" %} Some screens within Cloud Insights combine the data of multiple cloud providers, allowing you to filter by cloud provider, while others separate the cloud provider data into tabs. **Cloud Insights > Views**, for example, is combined while **Cloud Insights > Inventory** is tabbed. On the **Settings** screens, **FPS Monitoring** and **Integration Logs** are combined while **Tags Management** and **Integration Policies** are tabbed. Where customers have set up Cloud Insights for both AWS and Azure, ThousandEyes distinguishes between the cloud environments as different tabs in the screens that are tabbed. Where customers have set up Cloud Insights for only one cloud environment, ThousandEyes does not separate these screens into tabs. {% endhint %} ## FPS Monitoring {% hint style="info" %} Both Cloud Insights and Traffic Insights use FPS monitoring, where the functionality is similar, but for which the metrics are subtly different. Cloud Insights measures flow *log records* per second, as measured for the purposes of cloud traffic in the likes of AWS and Azure, while Traffic Insights measures flow *records* per second using NetFlow v9 and IPFIX standards. See [Network Flow Record Requirements](https://docs.thousandeyes.com/product-documentation/traffic-insights/traffic-insights-system-requirements#network-flow-record-requirements) for more information about NetFlow v9 and IPFIX standards within Traffic Insights. {% endhint %} **FPS Monitoring** lets you monitor flow log records per second (FPS) and adjust FPS limits and unit consumption. The visual timeline graph reports the 95th percentile of FPS (see [Peak Vs. 95th Percentile](https://docs.thousandeyes.com/product-documentation/traffic-insights/traffic-insights-fps-monitoring#peak-vs-95th-percentile) for more information), highlighting any spikes and consumption overages. The table underneath the timeline provides details that align with points on the timeline graph. The top of the page shows three tiles: the number of days you have been above your FPS limit, the recommended limit based on your recent usage, and your current FPS limit. ![FPS Monitoring Screen](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-e205096ab686bcd1fe2dac9113c4f5a8d3e34c0a%2Fcloud-insights-fps-monitoring.png?alt=media) ### Flow Log Records Per Second (FPS) FPS is a rate ThousandEyes calculates based on the number of flow log records being created in the configured storage service. In the case of AWS, for example, FPS is calculated using the files created and processed in the S3 bucket for the AWS account configured to integrate with ThousandEyes Cloud Insights. The flow log records are read in at the rate your cloud service provider is creating them. The process for how ThousandEyes uses flow log records in AWS is as follows: 1. AWS sends the VPC flow log record to the S3 bucket. 2. S3 bucket service sends a notification to SNS topic. 3. ThousandEyes receives a notification from SNS. 4. The ThousandEyes AWS integration pulls in the flow log record from the S3 bucket and processes the entries on the flow log file. {% hint style="info" %} You may incur some marginal costs to your AWS account or Azure Subscription to create, store, and transfer flow logs to ThousandEyes. {% endhint %} ### Cloud Insights FPS Limit #### Overages Setting your FPS limit and managing overages works the same way in Cloud Insights as for Traffic Insights. See [FPS Limit](https://docs.thousandeyes.com/product-documentation/traffic-insights/traffic-insights-fps-monitoring#fps-limit) in the Traffic Insights article for more information. The key difference is in how you lower your FPS rate as opposed to increasing your FPS limit. To decrease your FPS rate in Cloud Insights, you can decrease the number of specific resource groups, regions, or subscriptions you want ThousandEyes to analyze flow logs for. Use the **Integration Policies** tab to select where ThousandEyes should pull flow logs from. For more information, see [Integration Policies](#integration-policies). ## Tags Management The **Tags Management** tab lists your cloud provider tags. Select up to 5 tags to use as filters in **Cloud Insights > Views**. ![List of tags in Tags Management tab](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-b0014fdff60b6acfa93233a6105a3403fae9c0f4%2Fcloudinsights-settings-aws-tags-list.png?alt=media) ![Using the tag "Environment" as a filter in Cloud Insights > Views](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-45fdeb1fb6f09f4d69643098c45f666019da3816%2Fcloudinsights-settings-aws-tags-views.png?alt=media) ## Integration Logs The **Integration Logs** tab tracks the status of retrieving data via your cloud provider integration. Warnings and errors are logged every minute until the issue is no longer occurring. ![Integration Logs tab showing error messages](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-52bd2d73bda507ceefd28f0bc6b5e2e941dd2ee7%2Fcloud-insights-settings-integration-logs.png?alt=media) To troubleshoot a logged event, click on the **>** at the end of the row. This opens up the **Log Details** side panel where you can find more details about the error. ![Integration Log error details](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-50cad2a15bc87286677affe641760cb9ba8fc0da%2Fcloud-insights-settings-integration-logs-error-details.png?alt=media) Click the **Show More** link to drill further into the details of the logged event. ## Integration Policies The **Integration Policies** section allows you to configure which resources Cloud Insights monitors from your cloud providers, such as AWS and Azure. By defining specific resource types and subscription rules, you gain granular control over the data collected, helping to optimize monitoring and avoid unnecessary permissions warnings. ## AWS Integration Policies The **AWS** tab under **Integration Policies** allows you to choose the AWS resource groups and regions you want Cloud Insights to collect inventory and flow logs for. Enabling a resource group determines which network assets are imported from AWS. By default, all network elements are imported. To enable or restrict a resource group or region, click the **Edit** button in the upper right-hand corner and select the checkbox next to the resource or region name. Unchecked items are skipped. ![Cloud Insights AWS Integration Policies tab](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-06194d1e36c3d3b38da0183530a74283c0a88a82%2Fcloud-insights-integration-policies.png?alt=media) Click **Save Changes** to save your changes. ## Azure Integration Policies The **Azure** tab under **Integration Policies** allows you to define which Azure resource types and subscriptions Cloud Insights monitors. This provides flexibility to collect inventory only for the resources and subscriptions relevant to your monitoring needs. Unlike AWS, the Azure API automatically provides a list of active regions, so you do not need to specify regions for monitoring. A single Azure integration can also correspond to multiple Azure subscriptions. The Azure Integration Policies page is divided into the following sections: **Enabled Resource Types**, **Subscription Rules**, and the **Subscription List**. ![Enabled Resource Types and Subscription Rules Sections on the Azure Integration Policies page](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-a778ec1285912c84b2a436db4322efd4125861c0%2Fcloudinsights_integration-status_azure.png?alt=media) ### Azure Enabled Resource Types This section allows you to select the specific types of Azure resources that Cloud Insights should monitor. By default, all supported resource types are enabled. Deselecting a resource type prevents Cloud Insights from collecting inventory for that type, which can help avoid generating unnecessary permissions warnings if your Cloud Insights integration does not have permissions for certain resource types. The available resource types include: * **Networking (Mandatory):** Includes NICs, Public IPs, VNets, NAT gateways, resource groups, routing tables, VNet peering, VNet gateways, and VNet gateway connections. This category is mandatory for monitoring. * **VM, VMSS, Kubernetes:** Includes Virtual Machines, Virtual Machine Scale Sets, and Kubernetes resources. * **Bastion, Private Endpoint:** Includes Azure Bastion and Private Endpoints. * **Load Balancers, Application Gateways:** Includes Load Balancers and Application Gateways. * **Security:** Includes Security groups (NSG and ASG) and firewalls. * **Azure Front Door (AFD):** Includes Standard Azure Front Door, classic Azure Front Door, Azure Storage, and WAF policies. * **ExpressRoute:** Includes ExpressRoute circuits. * **Virtual WAN:** Includes Virtual WAN and Virtual Hub. * **Traffic Manager:** Includes Azure Traffic Manager. To enable or disable a resource type, select or clear the checkbox next to its name in the **Enabled Resource Types** list. ### Azure Subscription Rules This section allows you to control which Azure subscriptions Cloud Insights monitors. You can define a set of rules to include or exclude subscriptions based on their names or IDs. These rules are processed sequentially, and the first matching rule applies. The **Subscription Rules** section supports the following functionalities: * **Create Rule:** Add a new rule to include or exclude subscriptions. * **Rule Order:** Rules are applied from top to bottom. You can reorder rules to change their precedence. * **Pattern Matching:** Use **Java regular expressions (regex)** in the pattern field to match subscription names or IDs. For more information on the supported syntax, see the [Java Pattern class documentation](https://docs.oracle.com/javase/8/docs/api/java/util/regex/Pattern.html). For example, `production-.*` matches all subscriptions starting with "production-". * **Include/Exclude Action:** Each rule specifies whether to `Include` (allow) or `Exclude` (block) subscriptions that match its pattern. * **Set Default for Remaining Subscriptions:** This setting defines the action for any subscriptions that do not match any of the defined rules. You must explicitly set this to either `Include` (allow all remaining) or `Exclude` (block all remaining). This ensures that all subscriptions are accounted for. #### Common Azure Subscription Rule Scenarios Here are examples of how to configure subscription rules for common use cases: 1. **Allow all subscriptions (default behavior):** * Set the default action to **Include**. No specific rules are needed. 2. **Allow specific subscriptions (e.g., `s1`, `id2`, `s3`):** * Add rules to `Include` each specific subscription by name or ID. * Set the default action to **Exclude**. * *Example:* * `Include s1` * `Include id2` * `Include s3` * `Set Default for Remaining Subscriptions: Exclude` 3. **Allow all subscriptions except those with a specific prefix (e.g., `development-`):** * Add a rule to `Exclude` the pattern `development-.*`. * Set the default action to **Include**. * *Example:* * `Exclude development-.*` * `Set Default for Remaining Subscriptions: Include` 4. **Block all subscriptions except specific ones (e.g., `production-.*`, `qa-.*`, and `userX`):** * Add rules to `Include` the patterns `production-.*`, `qa-.*`, and `userX.*`. * Set the default action to **Exclude**. * *Example:* * `Include production-.*` * `Include qa-.*` * `Include userX.*` * `Set Default for Remaining Subscriptions: Exclude` ### Azure Subscription List Below the configuration sections, the subscription list displays all Azure subscriptions discovered by Cloud Insights for your integrated tenants. This table provides a real-time overview of each subscription's status, helping you verify the impact of your subscription rules and monitor the health of each integration. ![Subscription List Section on the Azure Integration Policies Page](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-331ea463ac2b946101a36741b85ee32e44d260f2%2Fcloudinsights_integration-status_azure_subscription-list.png?alt=media) You can use the **Search** bar to find specific subscriptions by name or ID. You can also filter the list using the **Inclusion Status** and **Integration Status** drop-down menus to narrow down the results. The subscription list includes the following columns: * **Subscription Name:** The display name of the Azure subscription. * **Subscription ID:** The unique identifier for the Azure subscription. * **Inclusion Status:** Indicates whether the subscription is being monitored (`Included`) or ignored (`Excluded`) based on the **Subscription Rules** you have configured. * **Integration Name:** The name of the Cloud Insights integration that discovered the subscription. * **Integration Status:** The current operational status of the integration for this subscription (for example, `Active`). * **Integration Status Reason:** Provides additional details about the integration status, such as confirmation of successful creation or error messages. * **Monitored Assets:** The total number of monitored assets within the subscription. #### How Azure Integration Status is Updated Cloud Insights logs messages related to subscription status: * When a new subscription is added, the log reports whether it is blocked by the subscription selection rules. * Every 24 hours, a log message reports the list of all active and blocked subscriptions. ## Events Configuration Events configuration allows you to control which inventory events are displayed across Cloud Insights. Because cloud providers frequently trigger automatic changes — such as autoscaling activity on interfaces, target groups, and instances — your event timeline can quickly become crowded. With events configuration, you can define rules to hide specific types of events, reducing noise and helping you focus on what matters most. {% hint style="info" %} Hidden events are not deleted. They are still stored but do not appear in the UI. {% endhint %} ### Understanding Event Types When configuring your rules, you work with two categories of inventory events: * **Configuration changes** — Changes that require an API call to modify a resource's configuration. These can be triggered manually or by an automated process. * **Operational changes** — Changes to fields controlled by the cloud provider rather than by you, such as status or state fields (for example, *connected*, *deploying*, *terminating*). ### Accessing Events Configuration You can access events configuration in two ways: 1. Navigate to **Cloud Insights > Settings** and select the **Events Configuration** tab. 2. From the **Events Table** on either **Cloud Insights > Inventory** or **Cloud Insights > Views**, locate an event you want to hide. * From the ellipsis (...) menu at the end of that event's row, select **Hide similar events**. * You are taken directly to the **Events Configuration** screen with the **+ Add Rule** sidebar pre-populated with that event's data. ### Default Rules When your Cloud Insights inventory integration is first set up, rules relating to hiding each cloud provider's interface events are added and enabled by default. Interface events are typically generated in high volumes by automatic cloud provider processes such as autoscaling, which can generate unnecessary noise. See [Managing Existing Rules](#managing-existing-rules) for information about disabling or deleting these default rules. ### Adding Custom Rules To hide additional event types, click **+ Add Rule**. A sidebar opens where you can define the rule. All fields in the sidebar are required. When defining a rule, you can specify: * **Provider** (for example, AWS or Azure). * **Scope** (for example, target groups or instances). * **Event type** (for example, added or configuration change) **Note:** You can define a maximum of 20 rules per account. #### Global Application Once saved, the rule applies across Cloud Insights. Rules you define affect all users in your account. Events matching your rule are hidden in both **Inventory** and **Views** screens: * On the events timeline. * In the events chart. * In search results. If you hide events for a particular resource type, while those events do not appear anywhere in the UI, you can still see the resource type itself in the UI; it is only the associated events that are hidden. ### Managing Existing Rules From the **Events Configuration** screen, you can view all rules configured for your account, which you can narrow by the search or filter function. For each rule, including default rules, you have the option to: * **Disable** the rule to temporarily stop hiding those events without losing the rule configuration. * **Delete** the rule to permanently remove it and restore visibility of those events. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.thousandeyes.com/product-documentation/cloud-insights/settings.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.