Forum Discussion
MS Defender Azure Arc Logic App
What is the best procedure for configuring a Logic App for Microsoft Defender in an Azure Arc environment?
We had a very unexpected experience during onboarding—after configuring the Logic App, we missed setting a cap, and within a week, it consumed over $18K USD. I believe there must be a way to fine-tune the configuration to optimize costs.
From my perspective, no organization would adopt an environment with such high costs for Microsoft Defender Plan 2 without better cost control measures in place. Could you suggest best practices or optimizations to prevent such excessive consumption?
Hi Salamat,
The Logic App generated $18k in utilization costs?
At $0.0.000025 per action, that would take 400 million actions, yes?
What was it doing?
Or are you saying that's the total P2 costs including Defender for cloud resources ($5/resource), Defender for Server deployment, etc.
My approach to Defender for Server is:
- Use the Defender for Server cost calculation workbook to 'simulate' your expected costs.
- Deploy Defender for Cloud on your resources (i.e. the CSPM part...)
- Deploy Defender for Cloud workload protections (i.e. the CWPP part..)
- Monitor costs daily/weekly until deployment is complete.
And as you suggested, setting cost alerts/caps is a great idea.
