Using Operations Management Suite to detect RDP access attempts

The malicious IP detection functionality of OMS can not only detect the outgoing communication from your Azure VM to a malicious target.

-> http://blogs.technet.com/b/momteam/archive/2015/09/10/find-out-if-your-servers-are-talking-to-a-malicious-ip-address-with-operations-management-suite.aspx

It can also detect incoming connection attempts to your Azure VMs. For example you would like to know who tries to access your Azure VM via RDP. Then you should give OMS with the Security & Audit solution a try.

In combination with the Alerting Preview you can get informed automatically when someone tries to access your Azure VM via RDP.

-> http://blogs.technet.com/b/momteam/archive/2015/12/02/announcing-the-oms-alerting-public-preview.aspx