Category: Azure
-
PowerShell DCR Log Analytics for Windows Endpoints Part 1.8: Application Inventory Workbook
Introduction: With your data now ingesting into Log Analytics, granted the collectors are not yet deployed, we are ready to begin setting up our workbooks to further confirm data is coming in properly. Now done with deploying your Admin Inventory and Device Inventory workbooks, let’s knock out the final one – Application Inventory. Note: It would be a good…
-
PowerShell DCR Log Analytics for Windows Endpoints Part 1.7: Device Inventory Workbook
Introduction: With your data now ingesting into Log Analytics, granted the collectors are not yet deployed, we are ready to begin setting up our workbooks to further confirm data is coming in properly. Now done with deploying your Admin Inventory workbook, let’s go ahead and do a big one – Device Inventory. Note: It would be a…
-
PowerShell DCR Log Analytics for Windows Endpoints Part 1.6: Admin Inventory Workbook
Introduction: With your data now ingesting into Log Analytics, granted the collectors are not yet deployed, we are ready to begin setting up our workbooks to further confirm data is coming in properly. I feel like starting with Admin Inventory for some reason, so let’s go ahead and get this one knocked out. Note: It would…
-
PowerShell DCR Log Analytics for Windows Endpoints Part 1.5: Sample Data, Tables, DCRs, Initial Ingestion
Introduction: We have now covered what this solution does as well as its cost, at least from an ingestion standpoint. Now, we will finally be actually deploying something! In this article, we will be generating our sample data, using it to create our new tables and DCRs, granting the appropriate permissions on those DCRs, and…
-
PowerShell DCR Log Analytics for Windows Endpoints Part 1.1: Application Inventory Overview
Introduction: Following my initial article in the series, this article will cover an overview of the Application Inventory component of this collector / workbook with a primary focus on what this tool does for you and how the data is visualized in the workbooks. In this section we will cover… Prior Knowledge Requirement: I don’t…
-
PowerShell DCR Log Analytics for Windows Endpoints Part 1.0: Device Inventory Overview
Introduction: This is the start of something big. Those familiar with my work on Log Analytics probably have realized I seem to know a lot but haven’t put out a ton of useable items yet. Those familiar with the work my work is based on, that being Jan Ketil Skanke of MSEndpointMGR team and his…
-
PowerShell DCR Log Analytics for Windows 365 Monitoring Part 2.2: Sample Data, Tables, DCRs, Initial Ingestion
Let’s get right into it. Following our last post, here is how you actually set this monitoring up. This part will cover the creation of the DCRs, Tables, and initial data ingestion. Setup of the workbook as well as the true deployment of the collector scripts will come in part three. Again, I cannot possibly recommend…
-
PowerShell DCR Log Analytics: Part 2.12 – Ongoing Cost Monitoring and Predictions
While I did do a section on cost mainly from an initial prediction standpoint, this section will cover how you can monitor cost going forward once things are set up. I can also guide you in cost prediction to scale the solution up. Unfortunately, this process is a little tricky and I almost considered not writing…
-
PowerShell DCR Log Analytics: Part 2.11 – Shipping Data to an Event Hub
Now that your data is in Log Analytics, and you have queries and workbooks helping you to confirm the data is good, this section will cover how you can then ship this custom data to an Event Hub! Here I have some good news and some bad news. The good news is that the actual…
-
PowerShell DCR Log Analytics: Part 2.10 – Queries & Workbooks
In this section, we will take a look at some basic KQL queries and how those are then put into a workbook. While the Sample Collector is rather basic, as again it’s just to demo how this whole thing works, there are still some simple queries we can make which do provide real value. In…
