Getting insights into the resources we operate is a crucial part of understanding where we need to improve and what works well. In reality, the insights and telemetry we gather exist in various regions and datacenters. Data sits in multiple subscriptions and different resource groups - even the same application can have numerous Application Insights instances, depending on what type of data and how much we collect. When I want to aggregate and query the logs from various Application Insights instances, I can use KQL in the log query. For example, a distributed set of applications report telemetry in different…
All posts in Log Analytics
Directly related to Log Analytics and sending entities from C#, I have previously talked about Building Custom Data Collectors for Azure Log Analytics and Log custom application security events in Azure Log Analytics which are ingested and used in Azure Sentinel. I created the LogAnalytics.Client project on GitHub, and recently published a NuGet for anyone to consume. Simply put: It's an easy way to send logs from your applications to Azure Log Analytics. It abstracts away the boring bits, leaving us with a client that accepts any entity (object) with valid properties. A contributing reason why I initially built…
In this post I'm sharing a tip about how you can remove the Azure Sentinel service, but keep your ingested data in Log Analytics so you can actually keep working with the data for reports and auditing reasons.
A powerful capability of the Azure Sentinel service is that you can ingest data from a wide variety of sources. Using Connectors, you can even ingest data from other places than Azure, and you can get a more complete picture of your security posture across services in your technological landscape. In a previous post I talked about how to ingest Office 365 logs into your Azure Sentinel dashboards. In this post, I'm talking about how we can build our own Azure Log Analytics Data Collector API application to send custom logs to your Log Analytics workspace - and since I'm…
Learn how to send logs to Azure Log Analytics using C# with this simple helper wrapper.
UPDATE AUTUMN 2018: Microsoft recently released a Preview of Azure Monitor integration with AKS. Read more about how to enable it here: GHOST_URL/enable-monitoring-with-azure-monitor-log-analytics-for-aks/ OBSOLETE: Please note, as the previous comment and link above suggest, the information here is now obsolete since it was written during the Preview of AKS. Please use the link above to navigate to the simplified, and updated, information about how to get this running! One of the things I've noticed many times over the last year working with different orchestrators, distributed cloud platforms and container systems is that without proper monitoring and logging, you'll…