Category Archives: Azure Log Analytics

HOWTO: Set the Retention Period for the Azure Log Analytics Workspace where you stream Azure AD logs to

When you stream Azure AD logs to an Azure Log Analytics workspace, you might just do it to get an alert to notify when an additional person is assigned the Azure AD Global Administrator role or when an Azure AD emergency access account is used. For these purposes, the default retention period for an Azure […]

0  

TODO: Stream additional logs from Azure AD for optimal visibility

Over the past six months, I’ve shown you ways to get to know the devices that people in your organization use App Passwords on, set an alert to notify when an additional person is assigned the Azure AD Global Administrator role and set an alert to notify when an Azure AD emergency access account is […]

0  

Getting to know the devices that people in your organization use App Passwords on

On this blog, and in several other places, I’ve shared my experiences with Azure Multi-Factor Authentication. In the early days of Azure MFA, a lot of organizations, a lot of client applications and a lot of 3rd party services were not able to perform multi-factor authentication. For these situations, Microsoft provided the App Passwords functionality. […]

1  

HOWTO: Set an alert to notify when an additional person is assigned the Azure AD Global Administrator role

Azure Active Directory is Microsoft's Identity Management-as-a-Service solution, offering seamless access, easy collaboration, efficiency in IT processes and improved security and compliance. User objects with the Global administrator role are the highest privileged objects in Azure AD and should be monitored.   The challenge with Global Admins Some organizations have opted for a Technical State […]

5  

Calculating your Azure Log Analytics bill when you stream your Azure AD logs to it

Azure Log Analytics is a superb product to store and query logs. When an organization streams the sign-in logs and audit logs from Azure Active Directory to an Azure Log Analytics workspace, however, the Azure Log Analytics bill might rake up. In the blogpost I’ll provide a way to effectively calculate the Azure Log Analytics […]

0  

HOWTO: Set an alert to notify when an Azure AD emergency access account is used

Azure Active Directory is Microsoft's Identity Management-as-a-Service solution, offering seamless access, easy collaboration, efficiency in IT processes and improved security and compliance. For administrative access at al times and under all circumstances, Microsoft recommends to create at least one emergency access account in Azure Active Directory when an organization has Azure AD Premium P1 and/or […]

2  

Getting Started with Azure Monitor Workbooks for Azure Active Directory

It’s time to take a look at the Azure Workbooks and get started with monitoring Azure Active Directory the new way. In the overview of What’s New in Azure Active Directory for August 2019, Microsoft announced the deprecation of the Azure AD Power BI content packs in favor of Azure Monitor Workbooks. Microsoft also made […]

0