Some AVD Query

let Connections = WVDConnections
| project TimeGenerated, CorrelationId, UserName, ClientOS, ClientType, ClientVersion, SessionHostName, TransportType, GatewayRegion, State, ClientIPAddress;
let Errors = WVDErrors
| project CorrelationId, ErrorTime = TimeGenerated, Code, Message
| summarize arg_max(ErrorTime, *) by CorrelationId;
let Network = WVDConnectionNetworkData
| project CorrelationId, NetTime = TimeGenerated, RTTms = EstRoundTripTimeInMs, BandwidthKBps = EstAvailableBandwidthKBps, PacketLossPct = EstPacketLossPercentage
| summarize arg_max(NetTime, *) by CorrelationId;
let Graphics = WVDConnectionGraphicsDataPreview
| project CorrelationId, GfxTime =

Create Log Analytic Table

# Table schema as a single-quoted here-string (straight quotes; @' and '@ must sit on their own lines)
$tableParams = @'
{
  "properties": {
    "schema": {
      "name": "Postgress_Port_Monitor_CL",
      "columns": [
        { "name": "TimeGenerated", "type": "DateTime" },
        { "name": "RawData", "type": "String" }
      ]
    }
  }
}
'@

# Create the custom table in the Log Analytics workspace
Invoke-AzRestMethod -Path "/subscriptions/<<ID>>/resourceGroups/<<ID>>/providers/Microsoft.OperationalInsights/workspaces/<<ID>>/tables/Postgress_Port_Monitor_CL?api-version=2021-12-01-preview" -Method PUT -Payload $tableParams

Clean AMA Linux

Still to be verified

1) Uninstall agent
2) Remove from Data Collector Rule
3) On system:
sudo systemctl stop azuremonitoragent
sudo yum remove azuremonitor-agent -y
sudo yum remove azuremonitor -y
sudo rm -rf /var/opt/microsoft/azuremonitoragent
sudo rm -rf /etc/opt/microsoft/azuremonitoragent
sudo rm -rf /var/log/azuremonitor
sudo rm -rf /opt/microsoft/azuremonitoragent
sudo rm -rf /var/lib/waagent/AzureMonitorLinuxAgent
sudo rm -rf /var/lib/waagent/AzureMonitorAgent
4) Check if the proxy is still present:
tail -f /var/opt/microsoft/azuremonitoragent/log/mdsd.info
Remove proxy

Clean AMA Agent

1) Remove Server from Data Collector Rule
2) Uninstall Extension
3) Delete:
C:\WindowsAzure\Logs\Plugins\Microsoft.Azure.Monitor.AzureMonitorWindowsAgent
C:\ProgramData\AzureConnectedMachineAgent\ .conf
C:\WindowsAzure\Resources\AMADataStore.xxxx
4) Remove Keys:
Remove-Item -Recurse -Force "HKLM:\SOFTWARE\Microsoft\AzureMonitorAgent" -ErrorAction SilentlyContinue
Remove-Item -Recurse -Force "HKLM:\SOFTWARE\Microsoft\Windows Azure\CurrentVersion\AzureMonitorAgentExtension" -ErrorAction SilentlyContinue
5) Add Server to Data Collector Rule

Resource Graph and Log Analytics Join

This query correlates Azure Virtual Machines (VMs) with their security protection status, focusing on VMs with a ProtectionStatusRank of 450 (indicating a potential security concern).

Key Steps:

Purpose: This query helps in identifying security-vulnerable VMs while ensuring only actively monitored resources are included. 🚀