Official Azure Sentinel PowerShell Module Released

On December 29th, when the rest of the world wasn't watching, the Microsoft team unleashed the first rev of a PowerShell module specifically for Azure Sentinel. You can find Az.SecurityInsights version 0.1.0 here: https://www.powershellgallery.com/packages/Az.SecurityInsights/0.1.0 I've been playing with it the last couple days when my wife isn't looking. I'm off until January 4th and have … Continue reading Official Azure Sentinel PowerShell Module Released

SCCM Software Update Point (SUP) automated install via PowerShell

Automation is always good in large or small organizations to minimize error and remove the tediousness of repetitive tasks. This script will install the Software Update Point (SUP) role on one or multiple site system servers in their assigned site. This script will run the following task Check if the site server and admin domain … Continue reading SCCM Software Update Point (SUP) automated install via PowerShell

Field notes: The case of the missing Organizational Unit (OU)

I recently assisted a customer with missing OU's in Active Directory. We found that the OU's were not deleted (thanks to the AD Recycle Bin), but were actually moved to another OU instead. These occurrences can easily be prevented by using a feature that was introduced with Active Directory on Windows Server 2008. Now this is nothing new, but since we are still finding occurrences of this at our customers, I decided to publish this post as a reminder to review all OU's in your Active Directory forest, and ensure they are protected from accidental deletion.

Azure – “Executing Runbooks with Power Platform and Webhooks”

The Question In a recent Workshop I wanted to explain how you could use webhooks in clever ways to kick off specific tasks in Azure Automation. Specifically I wanted to create a Power App where I could just click a button and all my Az Modules in my Azure Automation Account gets updated. You can … Continue reading Azure – “Executing Runbooks with Power Platform and Webhooks”

Publish Custom PowerShell Workflows to Azure Automation

Introduction Writing Runbooks in Az Automation is possible in the following languages: PowerShell and Python, in PowerShell it is also possible to write PowerShell Workflow. In this blog post, I will walk through some highlights in writing 'PowerShell Workflow' and how to upload it to 'Runbook gallery' in Azure Automation. The pros and cons of using Workflow The … Continue reading Publish Custom PowerShell Workflows to Azure Automation

How to Automate the Backup of Azure Sentinel Tables to Blob Storage Using PowerShell

Not too long ago I wrote a blog post describing how to use Cloud Shell to create Export Rules for automating the backup of Azure Sentinel tables to Blob storage for long-term backup. This is useful for those organizations that need to store data, due to policy, for longer periods than the default 2 years … Continue reading How to Automate the Backup of Azure Sentinel Tables to Blob Storage Using PowerShell

How to Automate the Backup of Azure Sentinel Tables to Long-term Storage Using Cloud Shell

Azure Sentinel customers with specific policies around data retention and the ability to retain data longer than Log Analytics allows, are interested in knowing how to move their Azure Sentinel tables to long-term storage. In a more recent blog post, Matt Lowe talked about how to Move Your Azure Sentinel Logs to Long-Term Storage with … Continue reading How to Automate the Backup of Azure Sentinel Tables to Long-term Storage Using Cloud Shell

Azure GitHub Actions and Workflows

Let me give you an introduction how to use the power of GitHub Actions and Workflows to deploy resources into Azure. I'm going to explain you the basics of GitHub Actions, Workflows, runners and how to deploy resources into Azure. At the end of this post you should have understood how GitHub Actions and Workflows … Continue reading Azure GitHub Actions and Workflows

How to Export and Backup Azure Sentinel Tables Using PowerShell

I've worked with several customers recently who still like to be able to work offline somewhat. It's been part of their normal processes for a long while and has become a partial a habit due to working with legacy, on-premises security tools for so long. I try to teach better ways to modernize the processes … Continue reading How to Export and Backup Azure Sentinel Tables Using PowerShell