AC&AI domain is the largest technology domain within the Microsoft Consulting Services Organization. We aim to deliver world-class solutions with our team of expert Consultants, Project Managers and Architects across Data & AI, Apps, Security and Azure Infrastructure
This post is part of an ongoing series to educate about the simplicity and power of the Kusto Query Language (KQL). If you’d like the 90-second post-commercial recap that seems to be a standard part of every TV show these days… The full series index (including code and queries) is located here: https://aka.ms/MustLearnKQL The book … Continue reading Must Learn KQL Part 6: Interface Intimacy
Log Analytics issues are things that should be an important matter for Microsoft Sentinel customers, since the service runs on top of a Log Analytics workspace. And, as such, there should be a mechanism to monitor when issues have been reported. The Azure Monitor team maintains a status blog: https://cda.ms/3kB This blog produces alerts when … Continue reading Quick Tip: Monitoring Log Analytics Issues for Microsoft Sentinel
If you don't regularly sift through Microsoft Sentinel Workbooks to find any new ones made available, you probably missed this one. There's a newer Workbook just for monitoring costs that I'm sure many Sentinel customers would appreciate. In addition to the normal costs for retention, ingestion, and logic apps it also provides an area to … Continue reading Using the Microsoft Sentinel Cost Workbook
Similarly to new customers wanting to know how long the Microsoft Sentinel trial has been running (see: How to Monitor When the Microsoft Sentinel Trial Expires), existing customers sometimes like to know how long each Microsoft Sentinel-enabled Log Analytics Workspace has been running. The easiest way to find this is by using the Workspace Usage … Continue reading How to Tell How Long Microsoft Sentinel Has Been Enabled on a Workspace
Added just prior to Microsoft Ignite this year, there's a new tab available in the News & Guides section in the console dedicated to the Free Trial. This Free Trial tab is the central source for getting the most out of the trial period. It includes the docs, a lab to deploy, learning, and even … Continue reading How to Monitor When the Microsoft Sentinel Trial Expires
Three new MITRE ATT&CK tactics have shown up ready to be used for Microsoft Sentinel Hunting and Analytics Rules creation. New tactics Resource Development - The adversary is trying to establish resources they can use to support operations. Impair Process Control - The adversary is trying to manipulate, disable, or damage physical control processes. Inhibit … Continue reading Three New MITRE ATT&CK Tactics to Use for Microsoft Sentinel Hunting and Analytics Rules
This post is part of an ongoing series to educate about the simplicity and power of the Kusto Query Language (KQL). If you'd like the 90-second post-commercial recap that seems to be a standard part of every TV show these days... The full series index (including code and queries) is located here: https://aka.ms/MustLearnKQL The book … Continue reading Must Learn KQL Part 5: Turn Search into Workflow
This post is part of an ongoing series to educate about the simplicity and power of the Kusto Query Language (KQL). If you'd like the 90-second post-commercial recap that seems to be a standard part of every TV show these days... The full series index, along with code and queries, is located here: https://aka.ms/MustLearnKQL The … Continue reading Must Learn KQL Part 4: Search for Fun and Profit
A short while ago, we started recommending that customers use the new Policy-based method of connecting the Azure Activity log to Microsoft Sentinel. Azure Policy-based assignment Recently, we have started to see some customers that have used this method where the Data Connector shows as not connected in the Microsoft Sentinel console. While we diagnose … Continue reading How to Manually Reset the Remediation Policy when Microsoft Sentinel Azure Activity Connector Shows Not Connected
This post is part of an ongoing series to educate about the simplicity and power of the Kusto Query Language (KQL). If you'd like the 90-second post-commercial recap that seems to be a standard part of every TV show these days... The full series index (including code and queries) is located here: https://aka.ms/MustLearnKQL The book … Continue reading Must Learn KQL Part 3: Workflow
You must be logged in to post a comment.