How to Enroll a Huawei Device in Intune

In May 2019, then-United States President Donald Trump announced that Huawei, along with several other Chinese companies, was now on something called the Entity List. Companies on this list are unable to do business with any organization that operates in the United States. This made the lives of administrators difficult, to ensure that these devices … Continue reading How to Enroll a Huawei Device in Intune

How to use the Intune Group Policy Analytics Migration Tool

In my blog Using PowerShell to create Windows 10 Custom Device Policy from the output of Endpoint Manager Group Policy Analytics - Azure Cloud & AI Domain Blog (azurecloudai.blog) we looked at using PowerShell to assist with GPO migration. Today we a new migration tool available in the Microsoft Endpoint Manager admin center and we … Continue reading How to use the Intune Group Policy Analytics Migration Tool

How to Manually Reset the Remediation Policy when Microsoft Sentinel Azure Activity Connector Shows Not Connected

A short while ago, we started recommending that customers use the new Policy-based method of connecting the Azure Activity log to Microsoft Sentinel. Azure Policy-based assignment Recently, we have started to see some customers that have used this method where the Data Connector shows as not connected in the Microsoft Sentinel console. While we diagnose … Continue reading How to Manually Reset the Remediation Policy when Microsoft Sentinel Azure Activity Connector Shows Not Connected

Must Learn KQL Part 3: Workflow

This post is part of an ongoing series to educate about the simplicity and power of the Kusto Query Language (KQL). If you’d like the 90-second post-commercial recap that seems to be a standard part of every TV show these days… The full series index (including code and queries) is located here: https://aka.ms/MustLearnKQL The book … Continue reading Must Learn KQL Part 3: Workflow

Must Learn KQL Part 2: Just Above Sea Level

This post is part of an ongoing series to educate about the simplicity and power of the Kusto Query Language (KQL). If you’d like the 90-second post-commercial recap that seems to be a standard part of every TV show these days… The full series index (including code and queries) is located here: https://aka.ms/MustLearnKQL The book … Continue reading Must Learn KQL Part 2: Just Above Sea Level

Must Learn KQL Part 1: Tools and Resources

This post is part of an ongoing series to educate about the simplicity and power of the Kusto Query Language (KQL). If you'd like the 90-second post-commercial recap that seems to be a standard part of every TV show these days... The full series index (including code and queries) is located here: https://aka.ms/MustLearnKQL The book … Continue reading Must Learn KQL Part 1: Tools and Resources

Schedule a Reboot for Manual installation of Windows 10 Feature Updates

With the various methods of deploying Windows 10 Feature Updates, the Feature Update Rollouts via Application Deployment does not provide restart notifications to the user and as such the device will automatically reboot if the “/noreboot” switch is not added to your batch file or if the switch is added the reboot will not happen … Continue reading Schedule a Reboot for Manual installation of Windows 10 Feature Updates

How to Add the New Azure Sentinel Hunting Columns for MITRE Techniques, Results Delta, and Results Delta Percentage

Those sneaky Azure Sentinel engineers! A few new data points have shown up in the Azure Sentinel console, specifically in the Hunting section. These data points are available as new columns in the Hunting display and include: MITRE ATT&CK Techniques - This is the more specific technique that's associated with the based tactic. You can … Continue reading How to Add the New Azure Sentinel Hunting Columns for MITRE Techniques, Results Delta, and Results Delta Percentage