Previously I showed you how you can use Bicep to deploy Log Analytics, App Insights, Azure Sentinel, Azure Monitor for VMs, Azure Monitor for Containers. As well as linked Automation Accounts for Change Tracking and Update Management. This week I have several Bicep templates for you. Data collection for Log Analytics, as well as saved …
When deploying resources to Azure, you have several options, the Azure Portal, PowerShell, Azure Resource Management (ARM) Templates, and now we have Bicep templates. In this post I’ll share a Bicep template I’ve made to help you deploy Log Analytics, the backbone of Azure Monitor, Sentinel and Security Center. For the operations monitoring Application Insights, …
You already know summarize in Kusto is pretty magical right? Well if not I’ll be going over some of its awesome sauce. In addition this post is going to talk about make-series and how it compares to summarize and when you might want to use each. Per the usual, my examples will be in Log …
The evaluate operator is fantastic tool in your Kusto tool belt. So much so that I have requested several times that it get added to Azure Resource Graph. However, the Evaluate Operator itself won’t run anything. You have to add one of its Plugins behind it. In this post I’ll show you how to use …
Today I’ve got another Azure Monitor Workbook, this time for Windows Virtual Desktop (WVD). This workbook uses exclusively Log Analytics data IaaS data, so it will work with both WVD 1.0 and 2.0. Though there are some nice logs available in the diagnostic settings for WVD 2.0. If this is your first time on my …
In my previous post I showed you how to collect and parse the FSLogix event log with Log Analytics. In this post I will show you how to use that event log to calculate WVD profile load time. Calculating logon time is one of those things that can provide value into our users experience. And …
I’ve been doing more and more with Windows Virtual Desktop (WVD) lately. From building custom images with Azure Image Builder and putting custom software on it. But as always I come back to monitoring. In trying to create some KPIs for the environment, we decided we wanted to collect the FSLogix Event log. Collect FSLogix …