AzureTracks.com investigate using KQL and find deleted or hidden log entries.

Unveil Delete Operations in Azure using KQL

In this blog post, we’ll explore how to wield the mighty KQL to uncover those elusive “delete” actions within your Azure environment. Whether you’re a seasoned cloud explorer or just dipping your toes into the Azure waters, this guide will equip you with the knowledge to track down those vanishing resources.

Posted on 6:58 am
AzureTracks.com - Azure news, blog, help, security and infrastructure updates about Azure.

Azure Updates – Number 91 – June 1, 2024

A summary update on Azure news that includes updates released from Microsoft Azure related to Azure, Architecture, Compute, Security Copilot and Sentinel topics. Save time digging around to find recent releases and changes.

Posted on 9:31 am
AzureTracks mascot wearing a blindfold hoping that Sentinel health is still under control!

Monitor Sentinel Data Connector Health – Alerting

Join me in exploring Sentinel health data and using KQL to create an alert rule that tells our SOC team about data connector issues in Sentinel. This post walks through the KQL queries, exploring your data, and creating an alerting rule. Monitoring is an important part of good governance in Sentinel!

Posted on 6:52 am

Azure Updates – Number 90 – May 18, 2024

A summary update on Azure news that includes updates released from Microsoft Azure related to Azure, Architecture, Compute, Security Copilot and Sentinel topics. Save time digging around to find recent releases and changes.

Posted on 9:00 am

Monitor Sentinel Data Connector Health

There is more than one way to monitor most Azure infrastructure, and data connectors are no exception. Today we look at creating a way to keep an eye on your data connector operations in Sentinel, using Sentinel. Join me for a few minutes as we explore one of the important best practices in Microsoft Sentinel – health monitoring.

Posted on 7:05 am

Azure Updates – Number 89 – May 4, 2024

A summary update on Azure news that includes updates released from Microsoft Azure related to Azure, Architecture, Compute, Security Copilot and Sentinel topics. Save time digging around to find recent releases and changes.

Posted on 10:56 am
AzureTracks.com Microsoft Sentinel Health Check

How to Check the Health State of Microsoft Sentinel

Now that you have it deployed and collecting data, how do you monitor the health state of all the connectors and rules? One of the challenges with Sentinel is that this is often overlooked, and data connectors can go days or weeks missing valuable logs without detection. In this post, we look at how to make your data collection more robust and create a way to tell you about broken tooling.

Posted on 7:05 am
AzureTracks.com drawing up Azure Lighthouse plans for Deploying Microsoft Sentinel to multiple tenants and customers.

Azure Lighthouse & Sentinel – Better Together

Want to learn more about actually creating an offer with Azure Lighthouse? Today’s post walks through the details of creating an offer template, importing that template, and how to make sure you are set up for success on both sides of that relationship! Join me as we explore Lighthouse & Sentinel – It’s Better Together!

Posted on 7:16 am