Azure Insights: Sentinel alerts; Kubernetes dashboard; Azure Stack storage; Functions alerts; DNS security; Azure AD Connect object scope

November 3 2019

Microsoft Azure pros share their insights on Azure Sentinel alerts, managing the Kubernetes Service dashboard, extending Azure Stack storage and more.

The ins and outs of Azure Sentinel alerts

In part 10 of his multi-part explanation of Azure alerts on Cloud Administrator in Azure World, Stanislav Zhelyazkov highlighted Azure Sentinel alerts. Because Sentinel is new, its API hasn't been publicly announced yet. Some resources do exist and for these Zhelyazkov recommends keeping them separate to enable an alert across multiple workspaces. Currently, there are four alert subtypes, including Fusion, Microsoft Security, machine learning behavioral analytics and scheduled, Kusto-based alerts.

Scheduled alerts have similarities to Log Analytics alerts, but have differently defined timing, frequency and severity and are tied to specific resources. Logic Apps is the only way to perform integrations and offers limited functionality.

Shutting off the Kubernetes Service dashboard

Richard Hooper, writing on Pixel Robots shared a way to disable the Azure Kubernetes Service dashboard with CLI. He shared a command, which for now only works with the in-preview extension. Users will need to alter the command with their resource group and AKS name. Running the command disables the dashboard, while a different similar command retrieves the dashboard. "I think this is a cool new feature that is coming to AKS. And can be a good way to help you manage kubernetes addons like the Azure monitoring agent," Hooper wrote.

Extending storage for Azure Stack

About MSDW Editorial Team

More about MSDW Editorial Team