Exploring Ways to Collect Specific Event IDs from Internet-Based Machines with Azure Monitor Agent: Insights from Intune’s CSA Bindusar

Bindusar, a CSA at Intune, discusses how to collect specific event IDs from internet-based client machines using Azure Monitor Agent. He explores several options, including running a local script on client machines and using “Send-OMSAPIIngestionFile” for uploading to Log Analytics Workspace.

Introducing Azure Monitor Agent: A New Way to Collect Event IDs

Microsoft is constantly innovating and enhancing its tech offerings. One such recent development is the Azure Monitor Agent, a tool designed to collect specific event IDs from internet-based client machines.

What’s New?

The Azure Monitor Agent offers a fresh approach to collecting logs from client machines. It collects specific event IDs from internet-based client machines, whether they are Microsoft Entra ID joined or hybrid joined, and uploads them to a Log Analytics Workspace for further use.

Major Updates

Previously, collecting logs required running a local script on client machines and then using “Send-OMSAPIIngestionFile” to upload the required information to the Log Analytics Workspace. This method presented a significant challenge: allowing client machines to authenticate directly to the Log Analytics Workspace.

“The biggest challenge with this API is to allow client machines to authenticate directly in Log Analytics Workspace.”

However, the Azure Monitor Agent simplifies this process, making it easier for tech-savvy users to collect and analyze data.

Why is it Important to Know?

Understanding how to use the Azure Monitor Agent is crucial for anyone working in the tech industry, especially those who regularly work with Microsoft’s suite of products. It’s a powerful tool that can significantly streamline the process of collecting and analyzing data, making it an essential skill for tech professionals.

“I have received multiple requests from customers asking to collect specific event IDs from internet-based client machines.”

With the Azure Monitor Agent, Microsoft continues to innovate and improve its offerings, making it easier for tech professionals to do their jobs effectively.

  • Bindusar is a CSA working with Intune.
  • He received multiple requests to collect specific event IDs from internet-based client machines.
  • One of the options discussed is running a local script on client machines.
  • Another option is using “Send-OMSAPIIngestionFile” to upload required information to Log Analytics Workspace.
  • Challenges include allowing client machines to authenticate directly in Log Analytics Workspace.
  • From the Core Infrastructure and Security Blog