Posts

Showing posts with the label User Audit

Top 10 Azure Policy

Enforce like pattern for naming conventions Allowed region locations Allowed resource types Enforce a naming policy on Office 365 groups in Azure Active Directory Audit Key Vault vaults with no virtual network endpoints Audit diagnostic setting Use approved subnet for VM network interfaces Use approved vNet for VM network interfaces No network peering to Express Route network Allowed application gateway SKU

Monitoring User Activities

With the maturity of cloud, usages of the Cloud Computing is rocketing as they are offering enrich services at affordable price. It's normal that an organization having multiple subscriptions and multiple users' managing it. Azure logs every user's activities that are performed against its resources including the action performed by pre-defined code using Runbook. What so ever the error collection domain the Microsoft gives, I prefer to group this into two. Logs auto-generated by System/Application or User Activates Log, which will trigger the previous logs. In this blog, I will discuss how user activities can be traced down to the various events so that anomalies (defined by the organizational norms) can be detected. User Login User's identity could be cloud only, federated or hybrid. Depending on their identity model, Azure Active directory will handle the authentication or will forward to the identity handler. For example, if ADFS is in place, then it will re