Log custom application security events in Azure Log Analytics which are ingested and used in Azure Sentinel

Log custom application security events in Azure Log Analytics which are ingested and used in Azure Sentinel

A powerful capability of the Azure Sentinel service is that you can ingest data from a wide variety of sources. Using Connectors, you can even ingest data from other places than Azure, and you can get a more complete picture of your security posture across services in your technological landscape. In a previous post I talked about how to ingest Office 365 logs into your Azure Sentinel dashboards. In this post, I'm talking about how we can build our own Azure Log Analytics Data Collector API application to send custom logs to your Log Analytics workspace - and since I'm…

Read More

Retrieve logs from Application Insights programmatically with .NET Core (C#)

Retrieve logs from Application Insights programmatically with .NET Core (C#)

When working with Azure's Application Insights, there's some times where I would've wanted to quickly and programmatically export specific events, search the logs or otherwise pull some data out based on dynamic metrics of applications or monitoring solutions I've set up. In this post we'll take a look at how easy it is to use the Microsoft.Azure.ApplicationInsights NuGet package to utilize .NET Core to retrieve data programmatically from Application Insights. For example, in the Azure Portal I can easily see my Application Insights data on demand and search and filter my logs in the intuitive and simplified UI:…

Read More

Azure Container Instances (ACI) and Secrets - Using Secure Environment Variables

Azure Container Instances (ACI) and Secrets - Using Secure Environment Variables

In this post I'm talking about how you can use something called secureValue, or secure environment variables, with your Azure Container Instance. Given the sensitive nature of some data you put into the variables, it is a good idea to understand different ways to protect some of that data - with secure environment variables you can hide the values from the UI and API calls to the ACI, and from the Azure Portal. BackgroundRunning your applications in the cloud has become increasingly popular. Migrating your .NET applications to .NET Core and hosting them as Docker images in the cloud is…

Read More