Part deux of my #observability and #datamanagement feature series.
#loganalytics #splunk #coralogix #netflix #puma #streaminganalytics #itmanagement #itmonitoring #monitorama
#MicrosoftDefender for Cloud - strategy and plan towards #LogAnalytics Agent (MMA) deprecation #ITOperations #monitoring https://techcommunity.microsoft.com/t5/microsoft-defender-for-cloud/microsoft-defender-for-cloud-strategy-and-plan-towards-log/ba-p/3883341?WT.mc_id=AZ-MVP-5002880
ICYMI @OpenSearchProject version 2.8 is here!
Featuring cross-cluster support for queries with PPL, an experimental feature to build a chain of search processors in an #OpenSearch cluster to integrate components such as query rewriters and results rerankers, and more:
https://lnkd.in/dpn3ZE2c
#opensource #logging #loganalytics #devops
Let's monitor the liveness of Azure IPsec S2S VPN with Log Analytics (probably the first article on this in Japan)
https://qiita.com/fsdg-kohei-ioroi/items/9d034a45dd4c77015961?utm_campaign=popular_items&utm_medium=feed&utm_source=popular_items
#Azure #VPN #S2S #死活監視 #LogAnalytics
#Powershell #logging to #LogAnalytics
Yes, it is not #PS_Framework, but if you want to use something smaller, I created this LogAnalyticsLog module for simple posting to LogAnalytics.
https://github.com/OtterKring/LogAnalyticsLog
Feedback and bug reports are welcome; it is not yet on the gallery.
This week is all about Azure logging and monitoring. My last two days have been centered around these four pages:
**Supported metrics with Azure Monitor** (https://learn.microsoft.com/en-us/azure/azure-monitor/essentials/metrics-supported)
**Supported categories for Azure Monitor resource logs** (https://learn.microsoft.com/en-us/azure/azure-monitor/essentials/resource-logs-categories)
**Azure Monitor Logs table reference** (https://learn.microsoft.com/en-us/azure/azure-monitor/reference/tables/tables-resourcetype)
**Tables that support transformations in Azure Monitor Logs** (https://learn.microsoft.com/en-us/azure/azure-monitor/logs/tables-feature-support)
#azure #azuremonitor #loganalytics
Azure Monitor Logs now supports Availability Zones in North Europe #Azure #LogAnalytics #AzureMonitor https://techcommunity.microsoft.com/t5/azure-observability-blog/azure-monitor-logs-now-supports-availability-zones-in-north/ba-p/3763628
Learnings from the field – Running Fluent Bit on Azure Kubernetes Service – Part 3 https://www.danielstechblog.io/learnings-from-the-field-running-fluent-bit-on-azure-kubernetes-service-part-3/ #Azure #AKS #LogAnalytics #FluentBit #Kubernetes
TIL: How to search for two consecutive log entries in #loganalytics using #kql to make an alert in #AzureMonitor using the prev() operator.
In this case the error message is generic, and I need the context of the previous message to create a specific alert. #MustLearnKQL
Huh, nice, it is possible to upload custom logs to #Azure #LogAnalytics workspaces through the #AzureSDK Client libraries.
https://azure.microsoft.com/en-us/updates/azure-monitor-ingestion-libraries/
Details and examples on the Azure Monitor Ingestion client library for #Python are also available: https://github.com/Azure/azure-sdk-for-python/blob/main/sdk/monitor/azure-monitor-ingestion/README.md
Azure Log Alert scoped to resource that sends logs to more than one Log Analytics workspace #Azure #AzureMonitor #LogAnalytics #AzureAlerts https://cloudadministrator.net/2023/03/02/azure-log-alert-scoped-to-resource-that-sends-logs-to-more-than-one-log-analytics-workspace/#more-4928
This blog will walk through different scenarios and methods to retrieve Defender for Cloud data, including exporting to Security Incident Event Management (SIEM) solutions, Log Analytics workspaces, CSV files, and alternative locations via an automated script.
#cspm #cwp #azure #cloud #multicloud #cloudsecurity #security #eventmanagement #analytics #siem #soar #defenderforcloud #loganalytics #securescore #paas #saas #microsoft #gpc #aws #sentinel #microsoftsentinel
Tip of the day. Depending on the language of your #Azure function app, different default logging is configured to send the logs via Diagnostics Settings. #LogAnalytics #AzureFunctions #AzureMonitor https://learn.microsoft.com/en-us/answers/questions/1168360/azure-functions-logs-(functionapplogs)-table-does?page=1#answer-1172861
A lot of legacy and deprecated stuff in #LogAnalytics. Of course it is obvious that many of those will be deprecated, but I think for some there was no official message. #Azure #AzureMonitor
Learnings from the field – Running Fluent Bit on Azure Kubernetes Service – Part 2 https://www.danielstechblog.io/learnings-from-the-field-running-fluent-bit-on-azure-kubernetes-service-part-2/ #Azure #AKS #LogAnalytics #FluentBit #Kubernetes
Forensic artifacts in Office 365 and where to find them.
In this article, we aim to provide some explanations and tips that investigators can use to easily understand, in any situation, what data is available.
#office365 #data #forensics #graphapi #api #Azuread #aad #azure #microsoft365 #log #loganalytics #sentinel #microsoftsentinel #microsoft #microsoftsecurity #azure #xdr #siem #soar #hunting #exchange #sharepoint #teams #powerautomate #defender #casb #retention
RT @lukasberancz: #Microsoft #Sentinel has a new #incident #experience. There is a new top insights panel, new activity log, tasks newly embedded into the new incident page, #LogAnalytics panel that opens within the incident page, and detailed information about entities. https://t.co/jfQ3JN9PhI
Analysts need to be able to quickly and effectively respond to security incidents. The new incident experience in Sentinel offers the analyst many new features, including top insights, an activity log, and a Log Analytics query window, to aid in triage and investigation. https://techcommunity.microsoft.com/t5/microsoft-sentinel-blog/the-new-incident-experience-is-here/ba-p/3717042 #SecurityIncidents #Sentinel #LogAnalytics
A Look at Different Options for Storing and Searching Sentinel Archived Logs.
Options available for storing and searching Sentinel logs beyond the retention period:
1. Azure Data Explorer (ADX) - recommended for users who need to frequently query the data
2. Retention and Archive Policies in Log Analytics Workspaces - recommended for users that want to query the data on occasion
3. Exporting Data to an Azure Storage Account - recommended for users who rarely need to perform queries on the data or have specific querying needs
4. Storage account export via Logic Apps - recommended for users who rarely need to perform queries on the data and have their storage account set in a different region than their log analytics workspace
Learn more here:
#azure #analytics #data #export #microsoft #microsoftsentinel #sentinel #siem #soar #loganalytics #logicapp #adx #AzureDataExplorer #storage #storageaccount #kql #archive #analytics #basic #log #restore #retention #cloud #multicloud #soc #compliance #hunting
Learnings from the field – Running Fluent Bit on Azure Kubernetes Service – Part 1 https://www.danielstechblog.io/learnings-from-the-field-running-fluent-bit-on-azure-kubernetes-service-part-1/ #Azure #AKS #LogAnalytics #FluentBit #Kubernetes