Log Analytics

Understanding Azure Log Analytics query auditing Members Public

In this post, I will talk about Azure Log Analytics and query auditing capabilities. I may cover the use cases in an article later, expanding on why this functionality matters. There are many common use cases in legislation, regulatory compliance, and monitoring, but that's for another time. Here's what to

Tobias Zimmergren
Tobias Zimmergren
AzureLog AnalyticsAzure Monitor

Deep-linking Azure Log Analytics and Application Insights queries Members Public

For a while, I've wanted to craft deep links (direct links) to queries in Azure Monitor. Either directly to Log Analytics workspaces or to Application Insights resources I have. I have plenty of use cases for this, but most notably is the fact that we want to easily share queries

Tobias Zimmergren
Tobias Zimmergren
AzureLog AnalyticsApplication Insights

Visualize Log Analytics data ingestion using Microsoft Sentinel Members Public

With Microsoft's built-in workbook template in Azure Sentinel, named "Data collection health monitoring", we can visualize the data ingestion and quickly understand our workspaces and the data we have.

Tobias Zimmergren
Tobias Zimmergren
AzureLog AnalyticsAzure Sentinel

Querying data from multiple Application Insights instances Members Public

Getting insights into the resources we operate is a crucial part of understanding where we need to improve and what works well. In reality, the insights and telemetry we gather exist in various regions and datacenters. Data sits in multiple subscriptions and different resource groups - even the same application

Tobias Zimmergren
Tobias Zimmergren
AzureApplication InsightsLog Analytics

Introducing the LogAnalytics.Client NuGet for .NET Core Members Public

Directly related to Log Analytics and sending entities from C#, I have previously talked about Building Custom Data Collectors for Azure Log Analytics and Log custom application security events in Azure Log Analytics which are ingested and used in Azure Sentinel. I created the LogAnalytics.Client project on GitHub, and

Tobias Zimmergren
Tobias Zimmergren
AzureLog AnalyticsNuGet

Deleting Microsoft Sentinel but keep the ingested data Members Public

In this post I'm sharing a tip about how you can remove the Azure Sentinel service, but keep your ingested data in Log Analytics so you can actually keep working with the data for reports and auditing reasons.

Tobias Zimmergren
Tobias Zimmergren
AzureSecurityLog Analytics

Log custom application security events in Azure Log Analytics which are ingested and used in Microsoft Sentinel Members Public

A powerful capability of the Azure Sentinel service is that you can ingest data from a wide variety of sources. Using Connectors, you can even ingest data from other places than Azure, and you can get a more complete picture of your security posture across services in your technological landscape.

Tobias Zimmergren
Tobias Zimmergren
AzureSecurityLog Analytics

Building custom Data Collectors for Azure Log Analytics in C# Members Public

Learn how to send logs to Azure Log Analytics using C# with this simple helper wrapper.

Tobias Zimmergren
Tobias Zimmergren
AzureLog Analytics.NET
Page 1 of 2 Next

Hi, I'm Tobias 👋

Tobias Zimmergren profile picture

Find out more about me.

Recent comments

Recommended books!

Prepare for the AZ-500 exam!
Exam Ref AZ-500 Microsoft Azure Security Technologies
Azure Security Handbook!
Azure Security Handbook: A Comprehensive Guide for Defending Your Enterprise Environment
Prepare for the SC-900 exam!
Exam Ref SC-900 Microsoft Security, Compliance, and Identity Fundamentals