Cloud Blog

Management, Automation and Security

Hot weather. Cool PowerShell Module.

The unusual hot weather seems to go on and on in Denmark. 31 Celsius today! And we have already had 55 summer day this year, compared to 13 all last year. No rain at all, which has an impact on the color of the grass – and the country. As mentioned in my last article, Read more about Hot weather. Cool PowerShell Module.[…]

O365 Secure Score & Azure Automation (Part 3) – Global Admin with MFA Disabled Report

If you would like to read the other parts of this article series, please go to: Part 1: Enable Mailbox Auditing Part 2: External Forwarding Report Part 3: Global Admin with MFA Disabled Report [this article] Introduction Long time, no see It’s been over a month since last article. A month with unusual good weather Read more about O365 Secure Score & Azure Automation (Part 3) – Global Admin with MFA Disabled Report[…]

O365 Secure Score & Azure Automation (Part 2) – External Forwarding Report

If you would like to read the first part in this article series, please go to O365 Secure Score & Azure Automation (Part 1) – Enable Mailbox Auditing. Introduction Previously… We introduced Azure Automation as a component to adopt security features in Office 365 (and Azure). Many features are not enabled just by “a tick Read more about O365 Secure Score & Azure Automation (Part 2) – External Forwarding Report[…]

O365 Secure Score & Azure Automation (Part 1) – Enable Mailbox Auditing

Introduction This article is the first part in a series on securing your Office 365 tenant (and improving the Secure Score) with a little help from Azure Automation. There will be 4-6 more articles in the series depending on the outcome of my demo environment, where all the scripts and modules are tested. Office 365 Read more about O365 Secure Score & Azure Automation (Part 1) – Enable Mailbox Auditing[…]

Handling JSON payload from upgraded Log Analytics workspaces; New issues

For a month I have complained about the missing documentation of handling the new JSON format used by Log Analytics (v2) when an alert is sent to a webhook. Finally, Microsoft have provided an example of converting the payload to PowerShell objects! Reference: https://docs.microsoft.com/en-us/azure/log-analytics/log-analytics-alerts-actions I have tested it myself and yes – it works, and Read more about Handling JSON payload from upgraded Log Analytics workspaces; New issues[…]

Ignite 2017 is over; so many things to review

Microsoft Ignite 2017 in Orlando is over, and it is time to head home. I have been attending at many inspiring and valuable sessions during the past five days. The quality of the content has been way over my expectation. I have made tons of notes and slides to review next week. Also, I do Read more about Ignite 2017 is over; so many things to review[…]

On my way to Ignite

Just 10 minutes till boarding the plane from Copenhagen, and the beginning of the journey to my fist Microsoft Ignite. I’m so excited! Of cause, I’m eager to join the session regarding OMS. It’s a product with great potential and something Microsoft is investing a lot of resources into. But Microsoft has so many great Read more about On my way to Ignite[…]

Missing support of Kusto in OMS queries in PowerShell

As mentioned in my post yesterday, the cmdlet Get-AzureRmOperationalInsightsSearchResults does not support the Kusto query language. Nor does the cmdlet Get-AzureRmOperationalInsightsSavedSearch. The only way to get search results is to use the “native” OMS query language. For that reason, I have created an issue on the Azure PowerShell Github repository. Hopefully Kusto will be supported Read more about Missing support of Kusto in OMS queries in PowerShell[…]

OMS: JSON Payload to Webhooks is Broken after Workspace is Upgraded to Kusto Query

Microsoft released an option to upgrade OMS to use the Kusto for querying data in Log Analytics. The release is in public preview so bugs are still expected.

One bug I discovered breaks the whole automation part of OMS. I’m currently performing a PoC at a customer, where OMS alerts must kick-off Azure Automation Runbooks. The JSON payload is vital in this project. Unfortunately, the payload is broken!
[…]