All my scripts are hosted on GitHub and available at https://github.com/KnudsenMorten
ClientInspector | Are you in control? – or are some of your core infrastructure processes like patching, antivirus, bitlocker enablement drifting? Or would you like to do advanced inventory, where you can lookup your warranty state against Lenovo or Dell warranty, then keep reading. Check out ClientInspector, which can help you get great insight to your complete client environment. ClientInspector is free to the community – built to be a cool showcase of how you can bring back data from your clients using Azure Log Ingestion Pipeline, Azure Data Collection Rules, Azure LogAnalytics; view them with Azure Monitor & Azure Dashboards – and get “drift-alerts” using Microsoft Sentinel. |
ClientInspector-DeploymentKit | The purpose of this repository is to provide everything needed to deploy a complete environment for ClientInspector (Github) |
AzLogDcringestPS | This module can ease the steps, if you want to send any data to Azure LogAnalytics custom logs (v2) – using the new features of Azure Log Ingestion Pipeline, Azure Data Colection Rules & Log Ingestion API. |
AzLogDcrIngestPS (PsGallery) | Latest version of AzLogDcrIngestPS in Powershell Gallery |
AzureLogLibrary | Repository used for Azure logging with ARM-templates, scripts, documentation to deploy DCRs, extensions, etc |
AzLogDcringestPSLogHub | Solution that acts as an intermediate hub for “no internet connected” endpoints or incompliant endpoints, where you will be sending data using Azure Pipeline/Log Ingestion API |
Azure-Recommendations-Get-In-Control | Automate Reporting of Defender for Cloud recommendations & Role Assignments with 35 different views |
Sentinel_Alert_Rule_Management | Automates alert rule management in Sentinel |
AzureCustomScriptsExtensionAsRecurringJob | Run Azure Custom Script extension as recurring job |
AzureAAD-ManagedId-RoleAssignmentsCleanupOrphanedAccounts | AzureAAD ManagedId RoleAssignments inheritance & Cleanup Orphaned Accounts |
BlockBannedIPsWithAbuseIPDBIntegrationPaloAlto | Sample of how to block banned IPs using Loganalytics data and AbuseIPDB integration |
ActiveDirectory_Password_Overview_using_DSInternals | Get an overview of the AD passwords in the domain using DSInternals |
Azure_LogAnalytics_Data_Transformation | Scripts for making data transformations using Data Collection Rules |
UseADXForLongtermLogBackup | Steps to use Azure Data Explorer (ADX) and Azure Data Factory for longterm backup of LogAnalytics data |
DefenderForCloud_MigrateFromQualysToMdeTvm | MDC migration to MdeTvm from Qualys |