Tag: Windows
-
Log Analytics for Windows Endpoint System Usage & Authentication Monitoring Part 1.3: Configure Event Auditing and Power Settings
As explained, the System Usage monitoring makes use of Windows Event logs for data gathering. While the Event Log has a ton of useful information by default, some events only log when enabled via an additional policy. Additionally, some won’t log at all until certain power settings are changed (See part 1.1, startup and shutdown…
-
Log Analytics for Windows Endpoint System Usage & Authentication Monitoring Part 1.2: Cost
Introduction: Following my initial articles describing what is collected, how it is displayed, and the quirks that the collector has, this article will cover the cost of this solution. Before we start, please know that I am no Azure cost “expert.” I can point you in the right direction and provide examples, but you need…
-
Log Analytics for Windows Endpoint System Usage & Authentication Monitoring Part 1.0: Overview
Introduction: For those of you familiar with my work on Log Analytics, you know that I have, several times throughout several articles, touted the ability of PowerShell to pull Windows Events, including those from the Security log, which the now-old Log Analytics agent could not do. And, unfortunately, the new AMA has other…
-
PowerShell DCR Log Analytics for Windows Endpoints Part 1.7: Device Inventory Workbook
Introduction: With your data now ingesting into Log Analytics, granted the collectors are not yet deployed, we are ready to begin setting up our workbooks to further confirm data is coming in properly. Now done with deploying your Admin Inventory workbook, let’s go ahead and do a big one – Device Inventory. Note: It would be a…
-
PowerShell DCR Log Analytics for Windows Endpoints Part 1.5: Sample Data, Tables, DCRs, Initial Ingestion
Introduction: We have now covered what this solution does as well as its cost, at least from an ingestion standpoint. Now, we will finally be actually deploying something! In this article, we will be generating our sample data, using it to create our new tables and DCRs, granting the appropriate permissions on those DCRs, and…
-
PowerShell DCR Log Analytics for Windows Endpoints Part 1.4: Cost
Introduction: Following my initial three intro articles describing what is collected and how it is displayed, this article will cover the cost of these solutions. In this section we will cover… The Purpose of this Article: In this article, I will specifically be discussing the Log Analytics Ingestion costs of these various collectors and NOT…
-
Block Office “Add a Place” Menu 3rd-Party Apps

Here is an interesting one. If you go into Word/Excel/PowerPoint/etc., there is an option under Save As, Add a Place, which has a multitude of 3rd-party site options you can use to connect Office apps directly to those locations. As of writing I see Box, Egnyte, OpenText Content Cloud, and ShareFile (Beta). I…
-
PowerShell DCR Log Analytics for Windows Endpoints Part 1.1: Application Inventory Overview
Introduction: Following my initial article in the series, this article will cover an overview of the Application Inventory component of this collector / workbook with a primary focus on what this tool does for you and how the data is visualized in the workbooks. In this section we will cover… Prior Knowledge Requirement: I don’t…
-
PowerShell DCR Log Analytics for Windows Endpoints Part 1.0: Device Inventory Overview
Introduction: This is the start of something big. Those familiar with my work on Log Analytics probably have realized I seem to know a lot but haven’t put out a ton of useable items yet. Those familiar with the work my work is based on, that being Jan Ketil Skanke of MSEndpointMGR team and his…
-
PowerShell DCR Log Analytics for Windows 365 Monitoring Part 2.2: Sample Data, Tables, DCRs, Initial Ingestion
Let’s get right into it. Following our last post, here is how you actually set this monitoring up. This part will cover the creation of the DCRs, tables, and initial data ingestion. Setup of the workbook as well as the true deployment of the collector scripts will come in part three. Again, I cannot possibly recommend…
