Tag: KQL
-
PowerShell DCR Log Analytics for Windows Endpoints Part 1.8: Application Inventory Workbook
Introduction: With your data now ingesting into Log Analytics, granted the collectors are not yet deployed, we are ready to begin setting up our workbooks to further confirm data is coming in properly. Now that you are done deploying your Admin Inventory and Device Inventory workbooks, let’s knock out the final one – Application Inventory. Note: It would be a good…
-
PowerShell DCR Log Analytics for Windows Endpoints Part 1.6: Admin Inventory Workbook
Introduction: With your data now ingesting into Log Analytics, granted the collectors are not yet deployed, we are ready to begin setting up our workbooks to further confirm data is coming in properly. I feel like starting with Admin Inventory for some reason, so let’s go ahead and get this one knocked out. Note: It would…
-
PowerShell DCR Log Analytics for Windows 365 Monitoring Part 2.3: Workbook, Collector Deployment
This will be the last part of this guide. Here we will be deploying and modifying the workbook to match your environment as well as going over the deployment of the collectors and some of the options within them to configure how they function. Note: If you followed the V1 version of this series, you…
-
PowerShell DCR Log Analytics: Part 2.12 – Ongoing Cost Monitoring and Predictions
While I did do a section on cost mainly from an initial prediction standpoint, this section will cover how you can monitor cost going forward once things are set up. I can also guide you in cost prediction to scale the solution up. Unfortunately, this process is a little tricky and I almost considered not writing…
-
PowerShell DCR Log Analytics: Part 2.10 – Queries & Workbooks
In this section, we will take a look at some basic KQL queries and how those are then put into a workbook. While the Sample Collector is rather basic, as again it’s just to demo how this whole thing works, there are still some simple queries we can make which do provide real value. In…
