It’s been a while since my last post. 78 days to be more precise or 68030323687376 ticks. I’ve been swamped both at work and home and still trying to catch-up with all the news and videos from Microsoft Ignite last month (I didn’t attend this year). One of the new features that has surfaced is Read more about Pressing pause[…]
If you would like to read the other parts of this article series, please go to: Part 1: Enable Mailbox Auditing Part 2: External Forwarding Report Part 3: Global Admin with MFA Disabled Report [this article] Introduction Long time, no see It’s been over a month since last article. A month with unusual good weather Read more about O365 Secure Score & Azure Automation (Part 3) – Global Admin with MFA Disabled Report[…]
If you would like to read the first part in this article series, please go to O365 Secure Score & Azure Automation (Part 1) – Enable Mailbox Auditing. Introduction Previously… We introduced Azure Automation as a component to adopt security features in Office 365 (and Azure). Many features are not enabled just by “a tick Read more about O365 Secure Score & Azure Automation (Part 2) – External Forwarding Report[…]
Introduction This article is the first part in a series on securing your Office 365 tenant (and improving the Secure Score) with a little help from Azure Automation. There will be 4-6 more articles in the series depending on the outcome of my demo environment, where all the scripts and modules are tested. Office 365 Read more about O365 Secure Score & Azure Automation (Part 1) – Enable Mailbox Auditing[…]
For a month I have complained about the missing documentation of handling the new JSON format used by Log Analytics (v2) when an alert is sent to a webhook. Finally, Microsoft have provided an example of converting the payload to PowerShell objects! Reference: https://docs.microsoft.com/en-us/azure/log-analytics/log-analytics-alerts-actions I have tested it myself and yes – it works, and Read more about Handling JSON payload from upgraded Log Analytics workspaces; New issues[…]
Microsoft Ignite 2017 in Orlando is over, and it is time to head home. I have been attending at many inspiring and valuable sessions during the past five days. The quality of the content has been way over my expectation. I have made tons of notes and slides to review next week. Also, I do Read more about Ignite 2017 is over; so many things to review[…]
Just 10 minutes till boarding the plane from Copenhagen, and the beginning of the journey to my fist Microsoft Ignite. I’m so excited! Of cause, I’m eager to join the session regarding OMS. It’s a product with great potential and something Microsoft is investing a lot of resources into. But Microsoft has so many great Read more about On my way to Ignite[…]
As mentioned in my post yesterday, the cmdlet Get-AzureRmOperationalInsightsSearchResults does not support the Kusto query language. Nor does the cmdlet Get-AzureRmOperationalInsightsSavedSearch. The only way to get search results is to use the “native” OMS query language. For that reason, I have created an issue on the Azure PowerShell Github repository. Hopefully Kusto will be supported Read more about Missing support of Kusto in OMS queries in PowerShell[…]
Microsoft released an option to upgrade OMS to use the Kusto for querying data in Log Analytics. The release is in public preview so bugs are still expected.
One bug I discovered breaks the whole automation part of OMS. I’m currently performing a PoC at a customer, where OMS alerts must kick-off Azure Automation Runbooks. The JSON payload is vital in this project. Unfortunately, the payload is broken!
Soren is an IT Professional based in Copenhagen, Denmark.
His primary work areas are system design, deployment, migration and administration of business-critical IT infrastructure.