Collecting Syslogs using Azure Monitor Agent
This blog will give you insight on how to setup collection of syslogs using Linux forwader server using Azure Monitor …
Azure LogAnalytics
Tutorial – How to make data transformations using Data Collection Rules?
This section will show you the steps for setting up data transformations – and how you can do the transformation …
Master Azure Logging in depth
I am really passioned about the logging capabilities in M365 Defender and Azure with the power to bring data back from clients, servers, cloud and …
How to save $$$ by storing your Syslog and Defender for Endpoint long-term logs in Azure Data Explorer cluster using Azure Data Factory and Azure Storage Account export – while keeping Kusto query functionalities ?
This blog is about keeping long-term Sentinel logs, giving you insight to the options today – with great opportunities to …
Real example with 43% cost savings on Sentinel log-costs: How to exclude Syslog log-events from banned IPs using AbuseIPDB-service with integration to firewalls
This is a real-life example of how I helped reduce the log-cost by 43% for LogAnalytics & Sentinel combined for …
How to detect File Deletions using Audit-data (SecurityEvent) & Azure LogAnalytics ?
Recently I was asked to provide a solution to detect file deletions on a file server in a sensitive folder …
How to do data transformation with Azure LogAnalytics – to enrich information, optimize cost, remove sensitive data?
One of the cool features in Azure LogAnalytics is the capability to do data-transformation before the data enters your LogAnalytics …