I will be the first one to admit I am not an expert at Logic Apps, but I love a challenge. I was exploring how to get notifications out of Defender for Cloud recommendations sent to me via email. I am going to make this multiple post, so it is not so long. In this… Read more

I needed to pull some information from the Azure Activity Table for a Sentinel Report. The issue that I came across was the SubscriptionID are in the logs, but the display name is not. Here is a quick solution to show you both the SubscriptionID and Subscription Name. Enough of that, let’s get into this.… Read more

In this article I am going to walk you though how to do XPath queries to be used to ingest Windows Security Events into Sentinel First step is to open up event viewer, honestly on any windows machine it will work. In this example we are going to gather Logon and Logoff events Click on… Read more

In my previous articles I have demonstrated how to enable Azure Arc for on premises machines, put the Azure Monitoring Agent on those machines. For my last article in this series, I will be setting up the Security Events to flow into Sentinel using Data Collection Rules. Enough of that, let’s get into this. Before… Read more

Today’s article I will detail out how to install the Azure Monitoring Agent (AMA) on Azure Arc Enabled VM’s. I will state for the record there are a couple of methods in order to accomplish this goal. One is to use a Powershell script and also using Azure Policies. I will focus on the script… Read more

Today we are going to cover how to view an individual tables data retention. I am not the first to write about this, but this is my take on things. I will also be referring to other sites to pull information from and also acknowledge those sites. There are many use cases for this, but… Read more

In this post I will walk you through the steps to on-boarding on-prem Windows server to Azure. What is Azure Arc you may ask? Here is an article to describe it best. In short it enables you to bring on-prem or Windows VM’s hosted in other cloud environments into Azure for management. That is very… Read more

I was currently working in my lab and in Sentinel. I was looking over my current workspace usage and noticed that Azure Diagnostic was my top ingestion and I wanted to remove the data connector to stop the ingestion. The specific data connector that was enabled to cause this situation was the Network Security Groups.… Read more

Today we are going to cover how to change an individual tables data retention. I am not the first to write about this, but this is my take on things. I will also be referring to other sites to pull information from and also acknowledge those sites. There are a couple of methods ARM and… Read more

The following post will not be the most comprehensive but I wanted to share setting up a basic Azure Lighthouse and accessing another instance of Microsoft Sentinel. Azure Lighthouse is intended for MSP providers or any company that might have multiple instances Microsoft Sentinel that they would like to access. If you would like to… Read more

Have you ever used the feature Azure Bastion to access a VM? Have you ever needed to grant someone access to Bastion but want to limit their access? In this post I will show you how to set the minimum access. Enough of that, lets get into it! In this scenario I have created a… Read more

Imaging Made Simple – My Final Thoughts MDT is a great tool that you can do many things with it besides what I have demonstrated to you. This is a very basic setup. You can deploy applications with it. You can set it up to be an application installer for your desktops if you want.… Read more

Imaging Made Simple – Tie it all together We are now at a point where we can get imaging working but before we do we need to do some house cleaning. Open up the deployment workbench and, right click and click properties Click on the rules tab and we need to do some work here… Read more

Imaging Made Simple – WDS Setup Now we need enable the WDS role. You will add the role in Server Manager. Click on Manage then Add Roles and Features Click Next Click Next Click Next Click on Windows Deployment Service Click on Add Features Click Next Click Next Click Next Click Install Click Close Once… Read more

Imaging Made Simple – Task Creation The next step is to create a Task. A task in short is what you will run to deploy the OS, Drivers and Packages. Right Click on Task Sequence and click New Task Sequence Fill in the Task Sequence ID and the Task Sequence Name. I usually name them… Read more

Imaging Made Simple – Drivers Couple of items we need to discuss. With MDT you can create profiles to auto inject drivers in order to do this you need to do some prep work. On a test machine you need the make and model of the device you do that by opening up a command… Read more

Imaging Made Easy Before we get started, its best to create a Service Account that can join a machine to the domain. I find it best this way then its not a Domain Admin but has security permissions on joining the domain The first thing you need to do is configure the CustomSettings.INI file Right… Read more

Imaging Made Simple In my previous post I detailed out how to enable WDS and install the ADK. In this article we are going to get MDT installed and configured First download and install MDT, Click Next Click Accept and then Click Next Accept the Defaults and Click Next Your, choice pick what ever and… Read more

Imaging Made Easy One of the many jobs of taking care of an enterprise environment is taking care of Windows devices. We have to either when its new or just needs a refresh have to re-image the device. The following article will detail out what you need in order to accomplish. MDT is a free… Read more

I was asked by one of my SE’s if Ansible could enable or disable a network port on a switch. My initial thought was, I don’t know, but knowing Ansible, yes it can. Enough of that, lets get into it. The module I ended up using was the IOS_intefaces module. The previous module was called… Read more

Ever need to create multiple users in Active Directory? Ever wished there was a better way than manual? I know there are Powershell scripts or even good old batch scripts that will do this but again, lets focus on one tool to rule them all, Ansible! Enough of that, lets get into it My thought… Read more

Still learning about Terraform and all the great ways it can help me do my job. I just reset my home lab and created my Linux VM template for CentOS. I went through the whole process to set it up as template and kicked off my Terraform file for a VM creation. It created the… Read more

If you have been using VMware long enough, templates are nothing new. When creating VM’s with tools like Terraform or Ansible there are a few few extra steps required in order to get it function correctly during the creation and customization process of a Linux VM. This post will work for both Terraform and Ansible… Read more

If you have not tried Terraform or have not heard of it, look it up. The product is made by the wonderful company called HashiCorp and they also have other programs that can make your life much easier in this new cloud world. Enough of that, lets get into it. Just make sure your box… Read more

Enhanced-Linked Mode enables you to view all your vCenters from one console. I wanted to document how to do this and how simple in 6.7 update 1 and how easy it is. My setup is pretty simple, I have 2 vcenters servers vcenter01.demo.lan and vcenter02.demo.lan. Both are in their own SSO domain called vsphere.local. Enough… Read more

Been working with Ansible for a little time now but needed to update my game. CentOS-8 was not much different to get Ansible running than on CentOS-7 with kerberos working but I could not find a complete guide that detailed out what all you need. I did add in some extra installs not needed but… Read more

I know the title sounds crazy but sometimes you might need to setup a demo environment in Ansible and so here is a quick way to setup Ansible or at least gets most of the way setup. This setup is for Centos7 and does include some extra packages not required for a basic Ansible setup,… Read more

I am currently setting up a new server 2019 in my home lab. I have done this what feels like a million times with older versions of Server and never had an issue. Went through as normal and did my updates, gave it static IP. I have it all setup and just want to change… Read more

One of my hardest things with learning linux is all the tools. VIM with Ansible is essential and the color coding is even more critical. The default enhanced version is sometimes hard to read. In this quick tutorial I will show you how to look at different color schema that you can make it permanent.… Read more

In my job I have many projects I do. One of them is setting up new VMware environments. Goal here is to configure a new esx\vcenter environment with Ansible. I was able to accomplish this with 2 playbooks and a group_vars file. Enough of that, lets get into it. The first playbook will configure DNS,… Read more

I always like to have logs to refer back to when it comes to most things I do. I have been trying to find ways to do this within Ansible and just could not find the solution that I wanted. I did some more research IE GOOGLE and finally found a very easy solution that… Read more

I am a big fan of Nano but trying to learn the best tool for editing files in linux. I am trying to use VI but found that on the CentOS minimal install it does not have highlighting enabled and does not work with basic VI. In order to get syntax highlighting to be enabled… Read more

I will never say that I am an expert. I have always said for everything I know, there is someone else that knows way more than I do. What I ever create is always pretty simple but it works. I like to use the KISS method and it has served me very well in my… Read more

Client Setup and First Playbook In order for Ansible to communicate with a windows device, the device must have some settings changed. The easiest way is to run a powershell script. This script has options you can set during execution, for this example I will run the script as is on my test machine. Run… Read more

Understanding File Structure and Files In order to get ansible to run you need playbooks. I have a basic setup and follow a very simple file structure. Here is what my structure looks like. If you installed from my blog then the some of these files and folders will be under /etc/ansible/ The first file… Read more

My Setup – Basic Install with Kerberos For this posting I will be using Centos 7 and no other additional packages installed other than basic Minimal install with no GUI. For the premise I am going to show you how to setup a control station to run commands against Windows clients joined to a domain.… Read more

Brief History of Me I have been in technology for over 20 years. I started off at a helpdesk and around that time I was told about a up and coming technology that would change the face of tech. That technology was LINUX. I will be the first one to admit that I am not… Read more

Setup Nested Nutanix CE with VMWare 6.7 Update 1 Note: This is a single node cluster The basic setup is this 4 Core CPU(minimal) Expose hardware assisted virtualization to the guest OS 16 Gigs of ram (Minimal CVM will take 12 gigs of that 16, can be adjusted)  VM Option > Advanced > Edit Configuration… Read more