Collect, analyze, and act on telemetry data from your Azure and on-premises environments.
Azure Monitor helps you maximize performance and availability of your applications and proactively identify problems in seconds.
- Azure Monitoring Overview
- Azure Monitor
- Azure Advisor
- Activity Log
- Alerts and Metrics
- LAB: Azure Monitor
Azure Log Analytics
Azure Log Analytics collects logging and monitoring data across a wide variety of resources and platforms. Data is stored in a Log Analytics workspace, where it can be queried.
- Log Analytics Overview
- Creating a Log Analytics Workspace
- Log Analytics Agents for Windows and Linux
- Collecting Data
- LAB: Azure Log Analytics
Kusto Query Language
A Kusto query is a read-only request to process data and return results.
The request is stated in plain text, using a data-flow model designed to make the syntax easy to read, author, and automate.
The query uses schema entities that are organized in a hierarchy similar to SQL's: databases, tables, and columns.
- Kusto Query Language
- Writing Basic Log Queries
- Filter Data
- Aggregate Data
- Using Variables
- Joining Multiple Tables in a Single Query
- LAB: Kusto Query Language
Azure Defender provides unified security management and advanced threat protection across hybrid cloud workloads.
With Azure Defender, you can apply security policies across your workloads, limit your exposure to threats, and detect and respond to attacks.
- Azure Security Center
- Configure Security Policies
- Protect Your Resources
- Respond to Incidents
- Just in Time VM Access
- Adaptive Application Controls
- File Integrity Monitor
- Adaptive Network Hardening
- Azure Secure Score
- LAB: Azure Defender
Microsoft Azure Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution.
Azure Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response.
- Azure Sentinel Overview
- Azure Sentinel Connectors
- Azure Sentinel Workbooks
- Alert and Incident Management
- Security Automation and Orchestration
- Threat Hunting
- LAB: Azure Sentinel
IT departments have to manage many different services and applications, hosted on-premises or in a cloud infrastructure. Keeping track of what is going on in your organization can become quite cumbersome. Azure provides various tools that can help you accomplish this task.
The platform contains different monitoring tools, such as Azure Monitor, alerts, and metrics, to provide insight into your resources. The Log Analytics service collects all kinds of logging data in one central place. This data can be queried using a new, rich query language called Kusto.
Collecting and analyzing security data is another important aspect of the IT professional's job. Services like Azure Defender and Azure Sentinel can be a huge help in keeping oversight of what is going on in the organization. They also help you investigate suspicious activities and remediate incidents that have occurred.
This course is intended for IT professional specialists responsible for analyzing and securing the cloud IT environment.