Azure Monitor, Security Center, Sentinel Infrastructure as Code with Bicep

When deploying resources to Azure, you have several options, the Azure Portal, PowerShell, Azure Resource Management (ARM) Templates, and now we have Bicep templates. In this post I’ll share a Bicep template I’ve made to help you deploy Log Analytics, the backbone of Azure Monitor, Sentinel and Security Center. For the operations monitoring Application Insights, …

Read more

Kusto Make-Series vs Summarize

You already know summarize in Kusto is pretty magical right? Well if not I’ll be going over some of its awesome sauce. In addition this post is going to talk about make-series and how it compares to summarize and when you might want to use each. Per the usual, my examples will be in Log …

Read more

Azure Application Change Analysis

This is a post I’ve been meaning to put out for quite a while. Early last year, I discovered the service when coming up with a presentation on why a client should use Azure Monitor. Azure Application Change Analysis can track changes to Azure Resources as well as your Apps. In particular it shines with …

Read more

Azure Workbooks: Icons Thresholds & Heatmaps

Today I want to show you how you can use icons, thresholds and heatmaps in Azure Monitor and Azure Sentinel Workbooks. These have long been things I’ve used in almost all my workbooks. Along with grouping and showing resource icons, these are what I consider nice touches that take your workbooks from a nice idea …

Read more

How to use Grouping Azure Workbooks

This is the second post in some Azure Workbooks quick tips. You can find the first one here. As your Azure environment grows, you’re likely to encounter situations where you have 2 or more subscriptions. Or if you are using Azure Lighthouse you might have dozens or hundreds of subscriptions under your management. This can …

Read more

How to Show Azure Resource Icons in Workbooks

One of my favorite tricks when building Azure Monitor or Azure Sentinel workbooks is to include the Azure Resource specific icons next to resources. For metric based resources the icons are including for you automatically when using Grid visualization. But for logs, you need to bring in  ‘_ResourceId’ in Log Analytics. For Azure Resourec Graph …

Read more