Script: Sentinel Data Lake Table Management
Microsoft Sentinel’s data lake story is quietly powerful: you get fast, 90-day Analytics (Shortterm) for hunting and detections, plus scalable, …
Azure
Tutorial: Integrate AI into your Powershell scripts
I have been playing around with integrating AI into my favorite scripting tool: Powershell. This blog serves as a quick-guide …
Windows Service Monitoring at Scale using Cloud Native Azure Components
Recently, I was challenged to build a scalable, cloud native solution that should be used for monitoring of critical Windows …
Troubleshooting & Monitoring of Log Ingestion with Data Collection Rules
As I have outlined in the series of blogs, Azure Logging is based on Data Collection Rules (DCRs) and Azure …
Optimize Costs using Auxiliary Logs for Verbose Logging
Today, we use logging for many purposes including security hunting with SIEM (Sentinel), troubleshooting, performance telemetry, compliance reporting – but …
Detect Impact MFA Enforcement
You may have noticed that Microsoft will enforce MFA requirement per October 15, 2024 for Azure/Entra/Intune. If this is new …
Azure Monitor alerting with Azure Resource Graph data – using Azure LogAnalytics integration
If you need to get an Azure Monitor alert using Azure Resource Graph data, this can easily be accomplished using …
[issue] Connect-AzAccount : Method not found: System.Threading.Tasks.Task
Error Connect-AzAccount : Method not found: ‘System.Threading.Tasks.Task`1 Azure.Identity.InteractiveBrowserCredential.AuthenticateAsync(Azure.Core.TokenRequestContext, System.Threading.CancellationToken)’.Could not find tenant id for provided tenant domain ‘xxxxxx’. Please ensure …
[issue] Connect-MgGraph : Method not found: ‘System.Action`1 Azure.Identity.IMsalPublicClientInitializerOptions.get_BeforeBuildClient()’.
Cause Old version of Az.Accounts v2.9.1 was being installed on the computer as part of Az.Portal installation, even though newer …
Collecting DNS events using Azure Monitor Agent
This blog will give you insight on how to setup collection of DNS Events from Windows devices using Azure Monitor …