Skip to content
Blog by Morten Knudsen about Microsoft Security, Azure, M365 & Automation
  • Blog Posts
  • Blog Posts by Category
  • Github Repo
  • Speaks & Events
  • Experts Live Denmark
  • Pictures
    • Pictures Microsoft
    • Pictures Tech Peers
  • About | Morten
    • Contact
    • Disclaimer

Blog by Morten Knudsen about Microsoft Security, Azure, M365 & Automation

  • Blog Posts
  • Blog Posts by Category
  • Github Repo
  • Speaks & Events
  • Experts Live Denmark
  • Pictures
    • Pictures Microsoft
    • Pictures Tech Peers
  • About | Morten
    • Contact
    • Disclaimer

Sentinel

Troubleshooting & Monitoring of Log Ingestion with Data Collection Rules

18/09/202414/09/2024 by Morten Knudsen

As I have outlined in the series of blogs, Azure Logging is based on Data Collection Rules (DCRs) and Azure …

Read more

Tags azure, Loganalytics, Logging, MicrosoftSecurity, security, Sentinel

Optimize Costs using Auxiliary Logs for Verbose Logging

18/09/202414/09/2024 by Morten Knudsen

Today, we use logging for many purposes including security hunting with SIEM (Sentinel), troubleshooting, performance telemetry, compliance reporting – but …

Read more

Tags Auxiliary, azure, cost, Kusto, Loganalytics, Logging, Optimize, Sentinel

Security Copilot Scalable Capacity Management for non-24×7 SOC scenario

10/05/202505/04/2024 by Morten Knudsen

Background Some of my customers are not having 24×7 SOC but still wants to utilize Microsoft Security Copilot during their …

Read more

Re-onboard LogAnalytics to Sentinel, if SecurityInsights solution is deleted by mistake

25/03/2024 by Morten Knudsen

Critical features will break or stop working, if you delete too much in Legacy solutions like SecurityInsights, SQLAdvancedThreatProtection or SQLVulnerabilityAssessment. …

Read more

Collecting DNS events using Azure Monitor Agent

10/08/2023 by Morten Knudsen

This blog will give you insight on how to setup collection of DNS Events from Windows devices using Azure Monitor …

Read more

AzLogDcrIngestPS – tips & tricks sending data via Azure Pipeline, Azure Log Ingestion API, Azure Data Collections into Azure LogAnalytics

10/04/202307/04/2023 by Morten Knudsen

If you are sending data using HTTP Data Collector API (REST) today, you should continue reading, as this API will …

Read more

AzLogDcrIngestPS – how to do data manipulation before sending data via Azure Pipeline, Log ingestion API & Azure Data Collection Rules into Azure LogAnalytics ?

10/04/202307/04/2023 by Morten Knudsen

If you are sending data using HTTP Data Collector API (REST) today, you should continue reading, as this API will …

Read more

Understanding Azure Data Collection Endpoint

03/04/202302/04/2023 by Morten Knudsen

Azure Data Collection Endpoint (DCE) provide a connection for certain data sources of Azure Monitor. This article gives you an …

Read more

“AnyConnector” AzLogDcrIngestPS – your helper to send data via Azure Pipeline, Azure Log Ingestion API & Azure Data Collection Rules into Azure LogAnalytics table

20/04/202302/04/2023 by Morten Knudsen

If you are sending data using HTTP Data Collector API (REST) today, you should continue reading, as this API will …

Read more

ClientInspector – a cool showcase to demonstrate Log ingestion API, Azure Log Ingestion Pipeline, Azure Data Collection Rules and my new Powershell module AzLogDcrIngestPS

10/04/202302/04/2023 by Morten Knudsen

Are you in control? – or are some of your core infrastructure processes like patching, antivirus, bitlocker enablement drifting? Or would you like …

Read more

Older posts
Page1 Page2 Page3 Next →

About | Morten Knudsen

Dual Microsoft MVP (Security & Azure)

Microsoft Certified Trainer

Cloud & Security Architect

Microsoft Sentinel Black Belt

Microsoft Defender Black Belt

Microsoft Cloud Security Influencer

Microsoft Sentinel Influencer

Microsoft Defender for Cloud Influencer

Recent Posts

  • How to authenticate with Windows Hello for Business or FIDO security key in RDP session ?
  • Windows Service Monitoring at Scale using Cloud Native Azure Components
  • Troubleshooting & Monitoring of Log Ingestion with Data Collection Rules
  • Optimize Costs using Auxiliary Logs for Verbose Logging
  • “No Internet access” on Azure VM in new VNET Subnet
Tweets by knudsenmortendk
  • Privacy Policy
  • Terms
  • Contact
© 2025 Blog by Morten Knudsen about Microsoft Security, Azure, M365 & Automation • Built with GeneratePress