July 14: Thomas Maurer on Azure Arc for the Microsoft Security Insights Podcast and Twitch Stream

A couple weeks back during the Microsoft Security Insights Podcast, the topic of Azure Arc came up in reference to the new AMA client that uses DCRs to help filter the Windows events collected from on-prem servers and sent to the Log Analytics workspace for Azure Sentinel. At the time, I suggested Thomas Maurer would … Continue reading July 14: Thomas Maurer on Azure Arc for the Microsoft Security Insights Podcast and Twitch Stream

Creating Cloud Shell Storage Resources in a Different Azure Region

I had a situation recently where I needed to test to determine if a specific cmdlet for the Azure Sentinel PowerShell module would run in a specific Azure region. Cloud Shell instances require storage to function. When you initiate a Cloud Shell instance and accept the defaults it generates a random set of storage account … Continue reading Creating Cloud Shell Storage Resources in a Different Azure Region

Intune – Query Azure AD Bitlocker Keys using Graph API

The Issue If you have recently started using the BitLocker Encryption options out of Intune whether its device configuration or the endpoint protection encryption portion you will see there are many great reports like the encryption below. The problem is its quite hard to see if your machines have backed up their keys to Azure … Continue reading Intune – Query Azure AD Bitlocker Keys using Graph API

Azure – “Executing Runbooks with Power Platform and Webhooks”

The Question In a recent Workshop I wanted to explain how you could use webhooks in clever ways to kick off specific tasks in Azure Automation. Specifically I wanted to create a Power App where I could just click a button and all my Az Modules in my Azure Automation Account gets updated. You can … Continue reading Azure – “Executing Runbooks with Power Platform and Webhooks”

How to Automate the Backup of Azure Sentinel Tables to Long-term Storage Using Cloud Shell

Azure Sentinel customers with specific policies around data retention and the ability to retain data longer than Log Analytics allows, are interested in knowing how to move their Azure Sentinel tables to long-term storage. In a more recent blog post, Matt Lowe talked about how to Move Your Azure Sentinel Logs to Long-Term Storage with … Continue reading How to Automate the Backup of Azure Sentinel Tables to Long-term Storage Using Cloud Shell

Azure – Assign A Custom Role to Allow Specific Users to Stop/Start/Restart a specific VM

The Issue A customer recently had the need to only allow specific Server Owners to Start\Restart\Deallocate specific Virtual Machines. The Investigation I actually found this article that explains how to create this for an assignment to an entire subscription. https://techcommunity.microsoft.com/t5/itops-talk-blog/step-by-step-enabling-custom-role-based-access-control-in-azure/ba-p/363668 You use the mentioned JSON File, { "Name": "Restart Virtual Machines", "IsCustom": true, "Description": "Restart … Continue reading Azure – Assign A Custom Role to Allow Specific Users to Stop/Start/Restart a specific VM

Azure GitHub Actions and Workflows

Let me give you an introduction how to use the power of GitHub Actions and Workflows to deploy resources into Azure. I'm going to explain you the basics of GitHub Actions, Workflows, runners and how to deploy resources into Azure. At the end of this post you should have understood how GitHub Actions and Workflows … Continue reading Azure GitHub Actions and Workflows

Azure – Point to Site Transit Traffic over Connected VNETs Issue

The Issue Recently one of my customers experienced an issue where we wanted to achieve the below. The reason was we wanted machines out on the internet to communicate with Active Directory Servers by using the Azure VPN Client. The Investigation So there are two ways to achieve a "Connection" between Virtual Networks. You can … Continue reading Azure – Point to Site Transit Traffic over Connected VNETs Issue