

Morten Knudsen
Microsoft MVP Security & Azure Hybrid MVP, MCT, Cloud & Security Architect
Kolding, Denmark
Morten is Microsoft MVP Security & Azure Hybrid MVP, MCT and holds +20 active certifications. As a Cloud & Security Architect, he is very passionate about Azure Infrastructure, M365, Automation, Security, Hybrid Cloud - and blogs about these topics on mortenknudsen.net. He loves to travel with his family and is a PADI Dive Master & PADI Master Scuba Diver.
Links
Area of Expertise
Topics
Mastering Your Logging Ninja Skills with LogAnalytics v2
Are you prepared for the deprecation of Azure LogAnalytics (v1) with Microsoft Monitoring Agent and HTTP Data Collector API? If not, this session is designed to provide you with comprehensive insights on navigating the transition smoothly to DCR-formatted logs, Azure Monitor Agent, and Log Ingestion API (LogAnalytics v2).
Get ready to delve into understanding Data Collection Rules, the Data Collection Endpoint, Table management, and mastering schema management. Additionally, learn effective methods to transform your data to address cost optimizations or comply with regulatory requirements.
For those new to LogAnalytics, this session offers inspiration on how leveraging custom log data can provide significant value for desired state reporting, monitoring, and troubleshooting.
By the session's conclusion, you'll also have learned about a Powershell module, AzLogDcrIngestPS, which is recommended by Microsoft in the official Learn documentation and has surpassed 1 million downloads within its first year. During this session, you'll have the opportunity to hear from the module's creator, empowering you to become proficient in logging like a ninja.
Level 300-400.
Duration of 45-60 min.
Objectives:
1) Get everyone ready before deprecation of MMA and HTTP Log Collector API
2) Understand the pitfalls and how to navigate around this using the provided PS module and guides
3) Learn the power of Data Collection Rules including data transformation (cost, compliance, normalization)
Previous sessions (pictures):
https://mortenknudsen.net/?page_id=112
Unleash the Power of Azure Resource Graph
In this session, you'll gain profound insights into effectively querying the status of your Azure resources on a large scale, almost in real-time. This will encompass utilizing various tools such as the portal, Azure CLI, Powershell, .NET, Go, Java, JavaScript, Python, Ruby, and REST.
Expect an engaging demo-packed session that will showcase numerous samples illustrating use-cases such as automation, change tracking, health monitoring, resource inventory, and security and compliance audits.
Furthermore, by the session's conclusion, you'll have learned about an helpful (and free) Powershell module known as AzResourceGraphPS. This module offers over 100 pre-built KQL queries for Azure Resource Graph, and you'll have the opportunity to hear from the module's creator during this session.
Level 300. Duration of 45-60 min
Objectives:
1) Learn the power of Azure Resource Graph to query the state of Azure Resources at scale in near real time
2) Show real-life examples of how to query the data from lots of use-cases
3) Introduce participants to repository with +100 queries ready to use in their own environment
Privileged Access Strategy: Best Practices and Common Mistakes when Tiering Cloud and AD
Gain insights from real-life experiences on how to craft an effective privileged access strategy that supports "Just Enough, Just In Time" access while maintaining control and avoiding potential security breaches.
Explore the various use-cases, potential pitfalls, and limitations inherent in implementing privileged access using the Microsoft Enterprise Access Model, tailored to scale across multi-cloud environments and on-premise Active Directory setups.
Discover how to manage delegations to IT personnel and end-users using Entra Privileged Identity Management. This session will showcase specific examples of privileged access designs for platforms like Power BI, Azure Landing Zones, Intune, and more.
Still using legacy Active Directory, but would like to get PIM for AD, then come to this session to see it - based on PIM for Entra ID combined with AD TTL group membership.
By the session's conclusion, you'll also have learned about various useful (and free) community add-ons developed by the speaker, including tools like PIM Assignment Revoker, PIM Assignment Wizard, PIM Assignment Exporter, and PIM Baseline Automation.
Time 45-60 min.
Objectives:
1) Lessons learned of how to design privileged access strategy to scale to on-prem and multi-scale
2) Show real-life examples (templates) of how to support well-known workloads like Power BI, Azure landing zones, Intune, Exchange, etc.
3) Introduce participants to extra (free) add-ons to support advanced needs in PIM
European Cloud Summit 2023 Upcoming
Automating the Transition to Log Ingestion API & Data Collection Rules for your Logs in LogAnalytics
Azure Back to School 2023

Morten Knudsen
Microsoft MVP Security & Azure Hybrid MVP, MCT, Cloud & Security Architect
Kolding, Denmark