Exchange Online & Splunk – Automating the solution

NOTES FROM THE FIELD:

I have recently been consulting on what I think is a pretty cool engagement to integrate some Office365 mailbox data into the Splunk reporting platform.
I initially thought about using a .csv export methodology however through trial & error (more error than trial if I’m being honest), and realising that this method still required some manual interaction, I decided to embark on finding a fully automated solution.
The final solution comprises the below components:

  • Splunk HTTP event collector
    • Splunk hostname
    • Token from HTTP event collector config page
  • Azure automation account
    • Azure Run As Account
    • Azure Runbook
    • Exchange Online credentials (registered to Azure automation account)

I’m not going to run through the creation of the automation account, or required credentials as these had already been created, however there is a great guide to configuring the solution I have used for this customer at https://www.splunk.com/blog/2017/10/05/splunking-microsoft-cloud-data-part-3.html

'Generic' LDAP Connector for Azure AD Connect

I’m working for a large corporate who has a large user account store in Oracle Unified Directory (LDAP). They want to use these existing accounts and synchronise them to Azure Active Directory for Azure application services (such as future Office 365 services).
Microsoft state here that Azure Active Directory Connect (AAD Connect) will, in a ‘Future Release’ version, provide native LDAP support (“Connect to single on-premises LDAP directory”), so timing wise I’m in a tricky position – do I guide my customer to attempt to use the current version? …

Automatically Provision Azure AD B2B Guest Accounts

Azure ‘Business to Business’ (or the catchy acronym ‘B2B’) has been an area of significant development in the last 12 months when it comes to providing access to Azure based applications and services to identities outside an organisation’s tenancy.
Recently, Ryan Murphy (who has contributed to this blog) and I have been tasked to provide an identity based architecture to share Dynamics 365 services within a large organisation, but across two ‘internal’ Azure AD tenancies.
Dynamics 365 takes its identity store from Azure AD; if you’re assigned a license for Dynamics 365 in the Azure Portal, including in a ‘B2B’ scenario, you’re granted access to the Dynamics 365 application (as outlined here). …

Ok Google Email me the status of all vms – Part 2

First published at https://nivleshc.wordpress.com
In my last blog, we configured the backend systems necessary for accomplishing the task of asking Google Home “OK Google Email me the status of all vms” and it sending us an email to that effect. If you haven’t finished doing that, please refer back to my last blog and get that done before continuing.
In this blog, we will configure Google Home.
Google Home uses Google Assistant to do all the smarts. …

Ok Google Email me the status of all vms – Part 1

First published at https://nivleshc.wordpress.com
Technology is evolving at a breathtaking pace. For instance, the phone in your pocket has more grunt than the desktop computers of 10 years ago!
One of the upcoming areas in Computing Science is Artificial Intelligence. What seemed science fiction in the days of Isaac Asimov, when he penned I, Robot, seems closer to reality now.
Lately the market is popping up with virtual assistants from the likes of Apple, Amazon and Google. …

Monitoring Azure Storage Queues with Application Insights and Azure Monitor

Azure Queues provides an easy queuing system for cloud-based applications. Queues allow for loose coupling between application components, and applications that use queues can take advantage of features like peek-locking and multiple retry attempts to enable application resiliency and high availability. Additionally, when Azure Queues are used with Azure Functions or Azure WebJobs, the built-in poison queue support allows for messages that repeatedly fail processing attempts to be moved to a dedicated queue for later inspection. …

Static Security Analysis of Container Images with CoreOS Clair

Container security is (or should be) a concern to anyone running software on Docker Containers. Gone are the days when running random Images found on the internet was commonplace. Security guides for Containers are common now: examples from Microsoft and others can be found easily online.
The two leading Container Orchestrators also offer their own security guides: Kubernetes Security Best Practices and Docker security.

Container Image Origin

One of the biggest factors in Container security is the origin of container Images:

  1. It is recommended to run your own private Registry to distribute Images.
  2. It is recommended to scan these Images against known vulnerabilities.