Alerting at Scale in Azure (Again)

So, you want to alert at scale in Azure. Come grab a seat and let me regale you with the pitfalls of resource types, subscription & resource group scopes, and Log Analytics. I have previously talked about Alerting at Scale with PowerShell in this post and how to do it with PowerShell in this post. …

Read more

Azure Monitor, Security Center, Sentinel Infrastructure as Code with Bicep

When deploying resources to Azure, you have several options, the Azure Portal, PowerShell, Azure Resource Management (ARM) Templates, and now we have Bicep templates. In this post I’ll share a Bicep template I’ve made to help you deploy Log Analytics, the backbone of Azure Monitor, Sentinel and Security Center. For the operations monitoring Application Insights, …

Read more

Kusto Make-Series vs Summarize

You already know summarize in Kusto is pretty magical right? Well if not I’ll be going over some of its awesome sauce. In addition this post is going to talk about make-series and how it compares to summarize and when you might want to use each. Per the usual, my examples will be in Log …

Read more

Kusto Evaluate Operator and its Plugins

The evaluate operator is fantastic tool in your Kusto tool belt. So much so that I have requested several times that it get added to Azure Resource Graph. However, the Evaluate Operator itself won’t run anything. You have to add one of its Plugins behind it. In this post I’ll show you how to use …

Read more

Windows Virtual Desktop (WVD) Azure Monitor Workbook

Today I’ve got another Azure Monitor Workbook, this time for Windows Virtual Desktop (WVD). This workbook uses exclusively Log Analytics data IaaS data, so it will work with both WVD 1.0 and 2.0. Though there are some nice logs available in the diagnostic settings for WVD 2.0. If this is your first time on my …

Read more