update readme

Author: nicolgit

README.md

@@ -50,44 +50,53 @@ Some examples of queries are as follows:
 
 ![chatgpt](images/03-chatgpt.gif)
 
-# Setup a connection with your Azure Firewall
-Azure-Firewall-mon is an open source, [Single Page Application](https://en.wikipedia.org/wiki/Single-page_application), written in [Angular](https://angular.io/) with an [Azure function](https://learn.microsoft.com/en-us/azure/azure-functions/functions-overview) backend written in C# DotNet. 
+# Set up a connection with your Azure Firewall
+Azure-Firewall-mon is an open source, [Single Page Application](https://en.wikipedia.org/wiki/Single-page_application), written in [Angular](https://angular.io/) with an [Azure function](https://learn.microsoft.com/en-us/azure/azure-functions/functions-overview) backend written in C# .NET. 
 
-Here the current architecture:
+Here's the current architecture:
 
 ![architecture](./images/architecture.png)
 
-To use this app with **YOUR data**, you must perform the following steps on your Azure Subscription:
+To use this app with **YOUR FIREWALL data** you have 2 options:
+
+1. Use Azure Firewall mon sample deployment available at <https://az-firewall-mon.duckiesfarm.com> 
+2. Deploy Azure Firewall mon in your environment
+
+The recommended option is number 2, because this way you are 100% sure your logs are not going outside your environment. I suggest you use the public deployment only for testing purposes.
+
+> <https://az-firewall-mon.duckiesfarm.com> uses resources of my subscription (Azure Maps API, Azure OpenAI, Azure Static Web App Standard). These resources have a cost, so consider that I am limiting their cost as much as possible. The result is that the tool can be quite slow. In your deployment, you can dedicate more resources and also have better performance. 
+
+# Use az-firewall-mon sample deployment
+To use this version with your data, you must perform the following steps on your Azure Subscription:
 
 1. Create an Azure Event Hub Namespace
 2. Create an Azure Event Hub inside the namespace, with a `1-day retention` and `1 partition`
-3. Create a Shared Access Policy, with  _Listen_ claim
-4. Create an Azure Map Account
-5. Create an Azure OpenAI Service
-6. Go to OpenAI Studio > Deployments > Create a new deployment using as model `gpt-4o version 2024-05-13`
-7. Open the Azure Firewall instance you want to monitor, go to Monitoring > Diagnostic Settings > Add Diagnostic Settings: 
+3. Create a Shared Access Policy, with _Listen_ claim
+4. Open the Azure Firewall instance you want to monitor, go to Monitoring > Diagnostic Settings > Add Diagnostic Settings: 
 
     - Select _all_ _logs_ and "Stream to Event Hub"
     - Select the Event Hub Namespace and Hub created above
     - click `SAVE`
 
-Lazy engineers can performs steps from 1 to 6 by clicking the following button [![Deploy to Azure](https://aka.ms/deploytoazurebutton)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2Fnicolgit%2Fazure-firewall-mon%2Fmain%2Fbicep%2Ffirewall-mon-azure-stuff.json) :-)
+If you are a lazy engineer, like me, you can perform all these steps by clicking the following button😊
 
-Now, open <https://az-firewall-mon.duckiesfarm.com/> and do the following:
+[![Deploy to Azure](https://aka.ms/deploytoazurebutton)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2Fnicolgit%2Fazure-firewall-mon%2Fmain%2Fbicep%2Ffirewall-mon-azure-stuff.json)
+
+Open the Azure Firewall instance you want to monitor from Azure portal, go to Monitoring > Diagnostic Settings > Add Diagnostic Settings:
 
-1. copy in the `Event Hub Connection String` field the connection string of the Shared Access Policy created above
-2. copy the corresponding `Event Hub Consumer Group` Name
-3. copy in the `Azure Map Account Shared Key` field the primary or secondary Shared Key of the Azure Map Account created above
-4. copy in the `Azure OpenAi Endpoint` field the enpoint URI for the OpenAI resouce created above
-5. copy in the `Azure OpenAI deployment` field tne name of the deployment created above
-6. copy in the `Azure OpenAI access key` field the primary or secondary Shared Key of the Azure OpenAI account created above
-7. click on `Let's begin`.
+* Select all logs and "Stream to Event Hub"
+* Select the Event Hub Namespace and Hub created above
+* Click SAVE
+
+Now, open <https://az-firewall-mon.duckiesfarm.com/> and do the following:
 
-# Install Azure-firewall-mon in your environment
+1. Copy the connection string of the Shared Access Policy created above into the `Event Hub Connection String` field
+2. Copy the corresponding `Event Hub Consumer Group` name
+3. Click on `Let's begin`.
 
-[@lukemurraynz](https://github.com/lukemurraynz) has written a very detailed blog post on how deploy Azure-Firewall-mon in an Azure Static Web App. If you prefer this approach, have a look at his blog post <https://luke.geek.nz/azure/deploy-azure-firewall-mon-to-a-static-web-app/>
+# Install az-firewall-mon in your environment
 
-> NOTE: `environment.prod.ts` must be updated with your environment information. az-firewall-mon requires an [Application Insights](https://learn.microsoft.com/en-us/azure/azure-monitor/app/app-insights-overview) instance to work properly.
+to install az-firewall-mon in your environment, follow this guide. Once the instance is ready and working, you can go back and follow instructions in the [Use az-firewall-mon sample deployment](#use-az-firewall-mon-sample-deployment) section. Just change the URL with the one of your deployment.
 
 # More Information
 

bicep/firewall-mon-azure-stuff.bicep

@@ -1,11 +1,8 @@
-param namespace string = 'fwmonns354526'
+@description('Namespace for the Event Hub')
+param namespace string = 'fwmonns${uniqueString(resourceGroup().id, deployment().name)}'
 param hubname string = 'fwmonhub'
 param sharedkey string = 'fwmonkey'
-param mapAccountName string = 'fwmonflags'
-param openAiAccountName string = 'fwmonaoai'
 param location string = resourceGroup().location
-param locationaoai string = 'swedencentral'
-param fwmonappinsights string = 'fwmonappinsights'
 
 resource eventHubNamespace 'Microsoft.EventHub/namespaces@2017-04-01' = {
   name: namespace
@@ -37,49 +34,4 @@ resource firewallMonHub 'Microsoft.EventHub/namespaces/eventhubs/authorizationRu
   }
 }
 
-resource mapsAccount 'Microsoft.Maps/accounts@2023-06-01' = {
-  name: mapAccountName
-  location: location
-  sku: {
-    name: 'G2'
-  }
-  kind: 'Gen2'
-}
-
-resource openAiService 'Microsoft.CognitiveServices/accounts@2022-03-01' = {
-  name: openAiAccountName
-  location: locationaoai
-  sku: {
-    name: 'S0'
-  }
-  kind: 'OpenAI'
-  properties: {
-    customSubDomainName: openAiAccountName
-    networkAcls: {
-      defaultAction: 'Allow'
-      virtualNetworkRules: []
-      ipRules: []
-    }
-    publicNetworkAccess: 'Enabled'
-  }
-}
-
-resource cognitiveServicesDeployment 'Microsoft.CognitiveServices/accounts/deployments@2024-04-01-preview' = {
-  parent: openAiService
-  name: 'mygpt4'
-  sku: {
-    name: 'Standard'
-    capacity: 2
-  }
-  properties: {
-    model: {
-      format: 'OpenAI'
-      name: 'gpt-4o'
-      version: '2024-05-13'
-    }
-    versionUpgradeOption: 'OnceNewDefaultVersionAvailable'
-    currentCapacity: 2
-    raiPolicyName: 'Microsoft.Default'
-  }
-}
 

bicep/firewall-mon-azure-stuff.json

@@ -4,14 +4,17 @@
   "metadata": {
     "_generator": {
       "name": "bicep",
-      "version": "0.33.93.31351",
-      "templateHash": "8760060908616098772"
+      "version": "0.36.1.42791",
+      "templateHash": "14141912891136746926"
     }
   },
   "parameters": {
     "namespace": {
       "type": "string",
-      "defaultValue": "fwmonns354526"
+      "defaultValue": "[format('fwmonns{0}', uniqueString(resourceGroup().id, deployment().name))]",
+      "metadata": {
+        "description": "Namespace for the Event Hub"
+      }
     },
     "hubname": {
       "type": "string",
@@ -21,25 +24,9 @@
       "type": "string",
       "defaultValue": "fwmonkey"
     },
-    "mapAccountName": {
-      "type": "string",
-      "defaultValue": "fwmonflags"
-    },
-    "openAiAccountName": {
-      "type": "string",
-      "defaultValue": "fwmonaoai"
-    },
     "location": {
       "type": "string",
       "defaultValue": "[resourceGroup().location]"
-    },
-    "locationaoai": {
-      "type": "string",
-      "defaultValue": "swedencentral"
-    },
-    "fwmonappinsights": {
-      "type": "string",
-      "defaultValue": "fwmonappinsights"
     }
   },
   "resources": [
@@ -78,57 +65,6 @@
         "[resourceId('Microsoft.EventHub/namespaces/eventhubs', parameters('namespace'), parameters('hubname'))]",
         "[resourceId('Microsoft.EventHub/namespaces', parameters('namespace'))]"
       ]
-    },
-    {
-      "type": "Microsoft.Maps/accounts",
-      "apiVersion": "2023-06-01",
-      "name": "[parameters('mapAccountName')]",
-      "location": "[parameters('location')]",
-      "sku": {
-        "name": "G2"
-      },
-      "kind": "Gen2"
-    },
-    {
-      "type": "Microsoft.CognitiveServices/accounts",
-      "apiVersion": "2022-03-01",
-      "name": "[parameters('openAiAccountName')]",
-      "location": "[parameters('locationaoai')]",
-      "sku": {
-        "name": "S0"
-      },
-      "kind": "OpenAI",
-      "properties": {
-        "customSubDomainName": "[parameters('openAiAccountName')]",
-        "networkAcls": {
-          "defaultAction": "Allow",
-          "virtualNetworkRules": [],
-          "ipRules": []
-        },
-        "publicNetworkAccess": "Enabled"
-      }
-    },
-    {
-      "type": "Microsoft.CognitiveServices/accounts/deployments",
-      "apiVersion": "2024-04-01-preview",
-      "name": "[format('{0}/{1}', parameters('openAiAccountName'), 'mygpt4')]",
-      "sku": {
-        "name": "Standard",
-        "capacity": 2
-      },
-      "properties": {
-        "model": {
-          "format": "OpenAI",
-          "name": "gpt-4o",
-          "version": "2024-05-13"
-        },
-        "versionUpgradeOption": "OnceNewDefaultVersionAvailable",
-        "currentCapacity": 2,
-        "raiPolicyName": "Microsoft.Default"
-      },
-      "dependsOn": [
-        "[resourceId('Microsoft.CognitiveServices/accounts', parameters('openAiAccountName'))]"
-      ]
     }
   ]
 }