Log custom application security events in Azure Log Analytics which are ingested and used in Azure Sentinel

A powerful capability of the Azure Sentinel service is that you can ingest data from a wide variety of sources. Using Connectors, you can even ingest data from places other than Azure, which gives you a more complete picture of your security posture across the services in your technological landscape. In a previous post I talked about how to ingest Office 365 logs into your Azure Sentinel dashboards. In this post, I'm talking about how we can build our own Azure Log Analytics Data Collector API application to send custom logs to your Log Analytics workspace - and since I'm…

Monitoring your Kubernetes cluster running on Azure Container Service (AKS) using Log Analytics

UPDATE AUTUMN 2018: Microsoft recently released a Preview of Azure Monitor integration with AKS. Read more about how to enable it here: https://zimmergren.net/enable-monitoring-with-azure-monitor-log-analytics-for-aks/

OBSOLETE: Please note, as the previous comment and link above suggest, the information here is now obsolete since it was written during the Preview of AKS. Please use the link above to navigate to the simplified, and updated, information about how to get this running!

One of the things I've noticed many times over the last year working with different orchestrators, distributed cloud platforms and container systems is that without proper monitoring and logging,…