Cloud Security and Architecture: Microsoft Holistic Security, Azure Security, Microsoft Sentinel, Defender for Cloud
update-ama.ps1 is a PowerShell script you can use to update the Azure Monitor Agent on Azure Virtual Machines and Azure Arc Machines. The script will handle both Linux and Windows servers with the below features. I have also written a universal extension upgrade script that can be used to upgrade any extension: update-extension.ps1 Usage – Azure … Read more
Currently today you can ingest Windows Security Events to Microsoft Sentinel using the Windows Security Events via AMA data connector. This data connector will send events directly to the SecurityEvent table. When it comes to Windows event log collection its fairly important that events generally land in the SecurityEvent table. Most of the out of … Read more