How to Add the New Azure Sentinel Hunting Columns for MITRE Techniques, Results Delta, and Results Delta Percentage

Those sneaky Azure Sentinel engineers! A few new data points have shown up in the Azure Sentinel console, specifically in the Hunting section. These data points are available as new columns in the Hunting display and include: MITRE ATT&CK Techniques - This is the more specific technique that's associated with the based tactic. You can … Continue reading How to Add the New Azure Sentinel Hunting Columns for MITRE Techniques, Results Delta, and Results Delta Percentage →

How to Locate installed LA Agents and If On-prem or in Azure

My colleague, Sonia Cuff, recently posted a great article around How to find your Azure Log Analytics agent deployments in preparation for the Azure Monitor agent. In the article, she presents a couple different ways to locate the Log Analytics agent including using PowerShell and the actual Log Analytics service console. There's also another way … Continue reading How to Locate installed LA Agents and If On-prem or in Azure →

How to Drag-n-Drop hotfixes with Kudu

Nowadays, CI/CD are embedded in almost every modern software solution which brings lots of benefits of course. However, sometimes you may need to skip CI/CD steps just to try something directly on one of your environments. In such cases, you may not be interested in things like (unit testing, security testing, resources creation, full deployment, … Continue reading How to Drag-n-Drop hotfixes with Kudu →

What’s in that Event Log? Discovering possible Event ID’s

Learn how to use PowerShell to dump a full list of possible EventID's from many Windows logs