Azure Sentinel is a cloud-native security information and event manager (SIEM) platform that uses built-in AI to help analyse large volumes of data across your enterprise. It makes it easy to collect security data across your entire hybrid organization from devices, users, apps or servers within the cloud or on-premise.

When linked into all of your domain controller's security logs, it offers simple and powerful queries using the Kusto Query Language to quickly find out events such as who deleted or disabled an active directory user account.

When trying to delete a file from within an Azure File Share that may has been mapped and also locked open you may get the following error when trying to delete the file:

"Failed to delete file path/name'. Error: The specified resource may be in use by an SMB client"
You will see this type of error on Storage v1 and v2 account types possibly in an FSLogix situation with the mapping of VHD and VHDX files. This article shows you how to utilise PowerShell to clear the lock.

When using Azure Sentinel as your security information and event manager (SIEM) platform, you do not always wanting to be having to check the incident dashboard for any incidents or have lots of emails clogging up your inbox.

Fortunately you can now configure a Sentinel Playbook which utilises a Logic App to trigger an alert into a Microsoft Teams channel of your choice.

A simple and costly mistake which can often catch Azure administrators out is the 2 states a VM can be in when powered off, it will either be in a costly Stopped state or Stopped (deallocated) state, the difference is that when a VM is shutdown using the normal operating system method it goes into a Stopped state but although shut down the resources are still allocated to it and therefore the full costs are incurred as if the VM was powered on.

Learn how to initiate a shut down and deallocate from within the guest operating system using a system-assigned managed identity.

A simple and costly mistake which can often catch Azure administrators out is the 2 states a VM can be in when powered off, it will either be in a costly Stopped state or Stopped (deallocated) state, the difference is that when a VM is shutdown using the normal operating system method it goes into a Stopped state but although shut down the resources are still allocated to it and therefore the full costs are incurred as if the VM was powered on.

This guide shows you how to initiate a shutdown and deallocate from within the guest operating system using App registration along with a service principal object.

Learn how to connect to Office365 on port 587 and send a test email using Powershell.

Multi-cloud architectures are an ever-increasing common design in the IT world and there will likely become a point when you want to setup a fast-direct resilient VPN connection between your public cloud providers such as Azure and AWS.

This article shows you how to configure a site to site VPN between AWS and Azure utilising the Internet Key Exchange version 2 (IKEv2) for the tunnel setup.

Azure load balancers act as a highly available single point of contact that evenly distributes traffic to hosts in a backend pool, they can be utilised with health probes to ensure layer 4 traffic (TCP/UDP) is consistently and evenly distributed to healthy VM's.

This article shows you how to build an Azure load balancer then configure Network Address Translation (NAT) and Port Address Translation (PAT) rules for SSH traffic through for support or monitoring purposes, then lock it down through a network security group. This can easily be adapted for many other types of traffic.

Cloud costs can easily spiral out of control with simple administrative mistakes with temporary VM's being left on, misunderstanding storage costs, over provisioning and many more which can present serious problems when the Azure billing is invoiced. Azure budgets can be easily utilised at a subscription level to bring an element of cost control to your Azure estate, they can be scoped so they can be based on subscription, resource groups or a collection of resources and can be configured to trigger numerous types of alerts so you can address a small issue before it becomes a large issue with financial consequences.

This article shows you how to look at your monthly projected forecast, set a budget then setup a trigger to send an email based on a percentage of the budget.