![a close up of a logo](https://www.microsoft.com/en-gb/industry/blog/wp-content/uploads/sites/22/2017/08/UK-Hybrid-Cloud-Team-Black-300x169.webp)
Tag: Hybrid Cloud
Explore:
![a close up of a logo](https://www.microsoft.com/en-gb/industry/blog/wp-content/uploads/sites/22/2017/08/UK-Hybrid-Cloud-Team-Black-300x169.webp)
![Hybrid Cloud logo](https://www.microsoft.com/en-gb/industry/blog/wp-content/uploads/sites/22/2017/07/UK-Hybrid-Cloud-Team-Blue-300x169.webp)
Using Azure Security Center Secure Score – changing your posture
This post is mainly to remind me where to find this feature, hopefully it will help you as well. This will help you fine tune the recommendations that Azure Security Center gives you. https://techcommunity.microsoft.![a close up of a logo](https://www.microsoft.com/en-gb/industry/blog/wp-content/uploads/sites/22/2017/07/UK-Hybrid-Cloud-Team-Grey-300x169.webp)
Azure Log Analytics: Looking at data and costs
At some stage, you either need to add a new set of data to Log Analytics or even look at your usage and costs. Originally you looked at the Usage table for this data: https://docs.microsoft.com/en-us/azure/azure-monitor/platform/log-standard-properties https://docs.microsoft.![a close up of a logo](https://www.microsoft.com/en-gb/industry/blog/wp-content/uploads/sites/22/2017/08/UK-Hybrid-Cloud-Team-Black-300x169.webp)
Azure Log Analytics: Cross Workspace Query
This was announced at Ignite last week, see here https://azure.microsoft.com/en-us/blog/query-across-resources/ which I missed at the time. Adding the ‘withsource=SourceTable’ I have found to be really useful to see where the data was found. If the returned SourceTable is just “SecurityEvent” as per this example its from your local workspace, if its workspace(”).![Hybrid Cloud logo](https://www.microsoft.com/en-gb/industry/blog/wp-content/uploads/sites/22/2017/07/UK-Hybrid-Cloud-Team-Blue-300x169.webp)
Azure Log Analytics: Dynamic Arrays
In my first post on parsing we looked for Eventlog data and parsed the info to get User names from with data in the Event log. Sometimes we want to work with a list of values such as User or Computer names and look for these in the data.![a close up of a logo](https://www.microsoft.com/en-gb/industry/blog/wp-content/uploads/sites/22/2017/07/UK-Hybrid-Cloud-Team-Grey-300x169.webp)
Azure Log Analytics: Sorting Events
Jon (who also works at Microsoft) was asking me how to use an ‘or’ to filter EventIDs, I thought I’d add some syntax examples. We have seen in the last post that you can get Event or SecurityEvent details. I’ll use SecurityEvents as the example but you can use Events if you prefer.![a close up of a logo](https://www.microsoft.com/en-gb/industry/blog/wp-content/uploads/sites/22/2017/08/UK-Hybrid-Cloud-Team-Black-300x169.webp)
Azure Log Analytics: Using Perfmon data
Updated: As last night the Settings moved to the Azure portal Today I was looking at Perfmon data for a particular process. In this case it happened to be lsass.exe but only on Domain Controllers.![Hybrid Cloud logo](https://www.microsoft.com/en-gb/industry/blog/wp-content/uploads/sites/22/2017/07/UK-Hybrid-Cloud-Team-Blue-300x169.webp)
Azure Log Analytics: Using the Parse operator
Updated: to include some screenshots (as thus wasn’t working the other day) Today I had to look at getting some data from SecurityEvent. This is using the new Log Analytics query language and the Advanced Analytics portal. I was looking at EventID: 5061, but you can use any EventID you like, e.g.![a close up of a logo](https://www.microsoft.com/en-gb/industry/blog/wp-content/uploads/sites/22/2017/07/UK-Hybrid-Cloud-Team-Grey-300x169.webp)
Do you use Facebook, and are you interested in OMS
…then this group is for you https://www.facebook.![a close up of a logo](https://www.microsoft.com/en-gb/industry/blog/wp-content/uploads/sites/22/2017/08/UK-Hybrid-Cloud-Team-Black-300x169.webp)
Have you have upgraded to the new OMS Query language?
This new language and features was announced here https://docs.microsoft.com/en-us/azure/log-analytics/log-analytics-log-search-upgrade The new documents and samples can be found at https://docs.microsoft.com/en-gb/azure/log-analytics/log-analytics-log-search-new and https://docs.loganalytics.![Hybrid Cloud logo](https://www.microsoft.com/en-gb/industry/blog/wp-content/uploads/sites/22/2017/07/UK-Hybrid-Cloud-Team-Blue-300x169.webp)
Log Analytics Syntax post series: #4 : WireData
One of the most interesting set of syntax has been the use of WireData, I’m not really a networking person but they way you can visualise and assess the data is very useful. For all of these replace aDomainName.co.![a close up of a logo](https://www.microsoft.com/en-gb/industry/blog/wp-content/uploads/sites/22/2017/07/UK-Hybrid-Cloud-Team-Grey-300x169.webp)