Real world business tracks leading towards Azure Services
Join me as I explore getting started with threat hunting using Microsoft Sentinel and KQL to jump-start our investigations. We will dive into a world where we look for anomalies in the data and try to identify potential threats before they can escalate within our environment.
A summary update on Azure news that includes updates released from Microsoft Azure related to Azure, Architecture, Compute, Security Copilot and Sentinel topics. Save time digging around to find recent releases and changes.
In this post we take a look at using KQL to observe machine status of Azure Arc managed machines. We will look at a couple of examples of how to create some helpful queries and then using those to enable monitoring in Microsoft Sentinel. As organizations adopt a more cloud-centric management model, it is becoming more common to see machines through Azure Arc, but also our Sentinel log collectors via Azure Monitor Agent are deployed using Azure Arc agent; so we need to make sure we can keep tabs on our log collectors and other servers easily.
A summary update on Azure News that includes updates released from Microsoft Azure related to Azure, Architecture, Compute, and Sentinel topics. Every update is linked to it’s original Microsoft Azure, Microsoft Sentinel or other blog source. Hopefully this will save you some time digging around to find recent releases and changes.
In this post, I explore using Azure Dashboard to help summarize Sentinel reporting and to provide an enhanced method for non-technical users to understand the current incidents in Microsoft Sentinel. We will look at creating Azure Dashboards, KQL queries, displaying data in a meaningful way, and how to grant users permission to see the dashboard.
A summary update on Azure news that includes updates released from Microsoft Azure related to Azure, Architecture, Compute, Security Copilot and Sentinel topics. Save time digging around to find recent releases and changes.
Today, we embark on a thrilling quest through the Azure cosmos to uncover the secrets of failed create operations using Kusto Query Language (KQL). This quick post will equip you with the knowledge to track down those elusive “create” mishaps and help find clues behind these operations quickly.
A summary update on Azure news that includes updates released from Microsoft Azure related to Azure, Architecture, Compute, Security Copilot and Sentinel topics. Save time digging around to find recent releases and changes.
In this blog post, we’ll explore how to wield the mighty KQL to uncover those elusive “delete” actions within your Azure environment. Whether you’re a seasoned cloud explorer or just dipping your toes into the Azure waters, this guide will equip you with the knowledge to track down those vanishing resources.
A summary update on Azure news that includes updates released from Microsoft Azure related to Azure, Architecture, Compute, Security Copilot and Sentinel topics. Save time digging around to find recent releases and changes.
