Extracting Nested Fields in Kusto 2.0

What a difference 3 years makes. Since my last Extracting nested fields post, I’ve learned a lot and thought it might be time to provide a new post with new examples and more ways to accomplish the same goal. Like the first version, but better! Operators, Functions & Dynamic Types, Oh my! There are a number …

Read more

Azure Monitor Alerts from Azure Resource Graph

In my previous post I talked about how we can now query Azure Resource Graph data with Log Analytics. The purpose of that addition was to be able to alert on Azure Resource Graph data with Azure Monitor Alerts. In this post I’ll show exactly what you need to be able to create alerts in …

Read more

Query Azure Resource Graph from Log Analytics

Have you ever wanted to filter resources in Log Analytics by resource tags? Or wanted to query Azure Resource Graph data with a broader set of KQL? Well, do I have some news for you. Now we can query Azure Resource Graph directly from Log Analytics. I was fortunate enough to be a small part …

Read more

Azure Policy Exemptions Added to Resource Graph

Have you tried to get data on exemptions in your environment? Only to find they’re not in Azure Resource Graph, like policies, assignments and their states. Previously you would have to queried the API, which is limited to querying one subscription at a time. Not exactly “cloud scale.” Sometime in the last few weeks “microsoft.authorization/policyexemptions” …

Read more

Find Full FSLogix Profiles

If you’re using Azure Virtual Desktop (AVD) or Citrix with FSLogix, your users profiles in FSLogix are pretty important to them and their overall experience using Virtual Desktop Infrastructure (VDI). If their profiles are full or almost full this can cause a whole host of issues, not the least of which possibly failing to login. …

Read more

Monitor Key Vault Certificates

Did you know we can now monitor and alert on Key Vault Certificates and their expiration? I’m sure you did, there’s post after post of people showing this with Event Grid. So what’s the point of my post then? Well dear reader if you’ve ever read any of my posts or know anything about me, I …

Read more

Azure Monitor Alert Workbook

Did you know there’s all sorts of data in Azure Resource Graph, specifically all your active Azure Monitor alerts and your Alert inventory? If not why didnt you read my last post? Anyway we have all this wonderful data, but not native built in reporting, in Azure Monitor like other monitoring tools like System Center …

Read more