Automating the Transition to Log Ingestion API & Data Collection Rules for your Logs in LogAnalytics

 
English Intermediate Other

This session will give you deep insight to master the transition to the new DCR-formatted Logs and Log Ingestion API in Azure LogAnalytics – so you are ready to deal with the deprecation of MMA and HTTP Log Collector API. You will learn how to automate Data Collection Rules, Data Collection Endpoint, Tables – and handle the challenges with the schema. You will learn about new Powershell functions, which can help you master the automation tasks – developed by the speaker. We will also talk about ways to transform your data as a key new feature. You will see lots of demos - including how to create and update LogAnalytics tables + DCRs based upon any source data structure; how to deal with prohibited column names, transformKql - and how to modify existing DCR and table, when source schema changes.

Speaker

Morten Knudsen

Microsoft MVP Security & Azure Hybrid MVP, MCT, Cloud & Security Architect

Morten is Microsoft MVP Security & Azure Hybrid MVP, MCT and holds +20 active certifications. As a Cloud & Security Architect, he is very passionate about Azure Infrastructure, M365, Automation, Security, Hybrid Cloud - and blogs about these topics on mortenknudsen.net. He loves to travel with his family and is a PADI Dive Master & PADI Master Scuba Diver.

Code of Conduct

We seek to provide a respectful, friendly, professional experience for everyone, regardless of gender, sexual orientation, physical appearance, disability, age, race or religion. We do not tolerate any behavior that is harassing or degrading to any individual, in any form. The Code of Conduct will be enforced.

Who does this Code of Conduct apply to?

All live stream organizers using the Global Azure brand and Global Azure speakers are responsible for knowing and abiding by these standards. Each speaker who wishes to submit through our Call for Presentations needs to read and accept the Code of Conduct. We encourage every organizer and attendee to assist in creating a welcoming and safe environment. Live stream organizers are required to inform and enforce the Code of Conduct if they accept community content to their stream.

Where can I get help?

If you are being harassed, notice that someone else is being harassed, or have any other concerns, report it. Please report any concerns, suspicious or disruptive activity or behavior directly to any of the live stream organizers, or directly to the Global Azure admins at team@globalazure.net. All reports to the Global admin team will remain confidential.

Code of Conduct for local live streams

We expect local organizers to set up and enforce a Code of Conduct for all Global Azure live stream.

A good template can be found at https://confcodeofconduct.com/, including internationalized versions at https://github.com/confcodeofconduct/confcodeofconduct.com. An excellent version of a Code of Conduct, not a template, is built by the DDD Europe conference at https://dddeurope.com/2020/coc/.