 Good morning, everyone. Hello. Great. Hello, Pierre For our audience we have the pleasure of Mathism by fire We have Amy Fully here. Do I pronounce that? Callie, okay, because I know I mispronounced it last week when I was making fun of people that couldn't mispronounce That couldn't pronounce people's name. Pierre Roma. Yeah So yeah, I had to tease you about that Oh, so welcome board. Um, thanks It's good to be back. I mean technically I was at Microsoft a few years back and getting that blue badge is exciting Just as exciting the second time around so Really excited to be on this team and a bunch of goofy characters like you Are fun to work with and we get to talk about cool stuff. So I'm really happy life is good I'm looking at the feed is our we are a little Something wrong Well, as we seem to be a little on the Blurry side So we'll see if our Audience will tell us or if it's just me. Yeah, I look I see us clearly Okay, so you see us clearly. Hopefully they see us clearly as well Okay All right But you're not the only new person on the team Starting this week. We've had two new team members added Yeah, or we we've Integrated the azure advocates or the cloud advocates security team to our own team So we had rod Trent I have to make sure to not say rob my tongue normally goes that way so rod Trent And joy lin kiri I know and they didn't pronounce that properly Rod is from the us and joy lin is from africa. So joining us from africa So I say you have not figured out this malarkey just yet I'm not sure they I think it's um, maybe you need the stream yard stream yard is having a little problem at our end but Sure blame the technology We'll blame in the technology because at our end it looks fine. I'm not quite sure what the broadcast is doing We are live and there's nothing I can do until we close the broadcast that's uh, that's great So in the chat room right now, we have some of our regulars andrew mccallum Rabbit jr. Paul jensen j gordon j is not hosting. So he decided to hang out and heckle us. So that's great Our boss our boss is online. Oh, no, don't make one of them No, I'm always gonna make fun of him techie last Anthony Bartolo Oh, it is here as well. Uh, but he's having espresso Oh And that's about it from what I can see the people that are logged in in our youtube's Um, how about we get started with the news? Sounds good. So I think you're up All right our first easy update that we thought was no, that's yours It's a morning So yes, um now ga is deployment enhancements for sql server and azure virtual machines Which I think is pretty cool because when I was on the customer side, um, deploying from the template, you know DBAs have like they want the t drive to be temp db in a certain space So now before deployment, you can configure The the ram allocation to the server the you know the drives for the log so I was actually walking through it and um, as long as you click, um, configure settings right before deploying You can change and not accept the default. So it's pretty Not accepting the defaults Yeah, because the template, you know, they just have like a standard sql template But here you can change it to what your company standards are Before deployment before you had to configure it after the fact and this is for sql on Vm so not to be confused with like a managed instance or just azure sql So it's sql for virtual machines. So you pick your flavor of sql And then once you get to the advanced settings. Yeah, there you go sql server settings And then when you scroll down, um Let's see Oh, you can enable sql authentication or uh windows authentication. That's kind of cool Your key vault integration for your, uh encryption keys and so on. Yeah, the the other thing too that I was thinking is Uh considering that now you can configure all of your You can configure all of your sql that's running on a vm Through the portal We also have the ability to configure that through arm template or bicep So if you're doing your cicd pipeline or some kind of deployment script you can Built in the sql configuration right into your code So when you're deploying for dev or test or prod or pre-prod or whatever Environments you have that you're managing for your dev team um You can have that directly into it as opposed to have to deploy the vm install sql And then go in and fine tune. So which disc you put your temp db on which disc you put your logs on Which disc you put your data on so that's kind of cool. It is cool. Yeah now once you deploy Yeah, you can save it as an arm template and Deploy away deploy away. So uh Really cool little uh improvements in the way we deploy our um or configure our sql on a vm great Our second item this week Is generally available power shell on linux os in azure function. So when we talk about azure function That's kind of part of the serverless Area, but it's really not serverless There is a server in the background that gets spun up that runs your code and then that disappears It's just not a server that you have to manage Up to now when you were using power shell in an azure function. There was always A version of power shell that was running on windows Hmm With this update now, uh, you now have power shell running on the linux in your um In your function. So if you've got if you've developed your script using uh on a linux server or linux desktop, uh, or Or a mac, uh, which kind of like a linux ish, uh Language that's in there If you've developed it on uh in those platforms, you've tested it on that platform and you're comfortable and you're and uh What you're going to be doing with that power shell is maybe uh affecting linux vm's or any other workloads that are running on top of linux you can now define Your os in your azure function as running on linux. So you can Keep the same flavor of os uh all the way through the development process of your script For that function. So it makes it really really easy to test and easy to uh to deploy So that was it for this one, um Like I said, it's not a huge one, but it also helps with When you're doing it in visual studio You can test them in the bash shell. Uh, that's that comes into it built into it And uh, that's about it. Uh, do you want to jump into the next one because we I think we're We're trying to catch up a little bit from the time that we had Uh, let's say okay, this is the yeah my favorite because the title is really I had to read it like three times to even understand what it meant. So ga the azure monitor agent extension support for automatic upgrade extension feature Which basically means that azure monitor agent can automatically upgrade your extensions It's a mouthful, isn't it? So I definitely had to read up on this one because I don't know what does this even mean but you can Enable opt-in to have your um extents your automatic extensions upgrade So when someone publishes something Like an extension you have it in a vm already It'll roll it out Check the vm's healthy for like about five minutes and if everything looks cool, all right It's great. If it's not it'll roll back automatically. So it's pretty cool. Um You definitely have to be using the azure monitor agent. I know it's it's so Has some like functionality restrictions. So if you're rolling over to it versus like log analytics, but um Yeah, sounds pretty cool. If you want to stay up to date and keep you know security features into your vm and well, I find that the Azure I'm everybody knows I'm a big fan of azure monitor. Um Mostly it underpins every other service that we have But it does give us great tools in terms of like monitoring but also logging and alerting and using some crystal queries rod actually has a series on learning to Use the the the query language We shall put the link at some point down here when I have it. I didn't think about it Oh, yeah before the show But the agents the new agent is so much more versatile in In in terms of where you actually upload the data What kind of data you have? um You define your data collection rules or your dcrs in azure monitor logs And then it goes out. So if you you can have multiple dcr for a single agent So if you have a machine that is managed by a department Uh in a larger corporation you could have the departmental staff Get the data in a log analytics workspace that they have but you could also Have it come to like a centralized the uh log analytics workspace Always careful to do that because then you end up with ingesting the cost uh of the data twice so Gotcha. Yeah, but it it does kind of give you some flexibility as to what you want or you could have your Your performance log go to this location and you can have your application log go to another location All depends on on what you're trying to do. So it's very flexible that way But as you mentioned, it's still not quite up to par. It's getting there, but it's going to take a while To the actual the the log analytics agent that we've had For a while now Right and there is a process for migrating to that we have on our documentation. So If you think you're ready, there's a bunch of you know, make sure you're ready before you do it. So Oh, yeah, but the nice thing is Because the way log analytics agent or the the new azure monitor agent works You can deploy it on a Azure arc server you can deploy it on a physical server you can deploy it on a server that's in aws or GPC you can deploy it basically anywhere on any machine linux or or windows So if you now have to keep track of all of the machines that you've deployed the agent to so that when the next Revisioned of the agent comes up And you have to go and manually update it or figure out a way to program programmatically updated Now it's it's done. It's i'm finished Um, and i'm alone in the house. So I can't just yell out. Give me another espresso So anthony anthony if you're listening, um, could you uh run to the store get me an expresso and drive it over? Yeah, yeah, that'd be nice Yeah, so Having that when now the agent can basically self update or upgrade Makes it a lot more in my opinion Um Easier to manage going forward Definitely, but as you mentioned Uh, make sure to read the documentation because it's not quite at at par with the other one Exactly. Yeah, there's Definitely some restrictions Yeah, uh, what else do we have? Oh, yes another monitor Yeah, so it was the week for azure monitor. Yeah So azure monitor diagnostic settings for azure storage In effect what this means is our customers in the past have been asking So when you have blob storage or file storage azure files When you kind of storage uh in the cloud where you people access files or data In some cases for compliance or for security you want to be able to log When the file was open was read was written and all of those types of activities to it now through the Azure that the configuration of the diagnostic settings you can actually collect That long and send that to azure event hub So that your your sem or other tools or other queries, whatever Can actually Pick up those things. So if you've got files that are restricted and you want to manage or monitor What's happening to them and who's accessing them and what's all of the items like that? You can easily do that now With azure monitor with diagnostic setting for azure storage Yeah, it's pretty cool. You just create the diagnostic setting and then you collect, you know You select which resource logs you want and then you can tell it where to go You know, you just pick some blob storage or you know, like you said about log analytics Yeah, I make especially like that that one was brought up to us by rod When we were meeting yesterday to review the the items that we had saying On the security side of things it's been something that's been in demand or or missing for a long time. So We're glad that we can actually Accommodate and anthony is replying to me saying that It's gonna take him six hours. I gotta fed the sled dogs first. Yes, it is snowing here We got we got almost five centimeters yesterday. We're expecting another 10. I think today or something like that Weird It's gonna be a white christmas. I know a white weekend And it is cold Yeah, it's minus 20. I think again No, thank you No, thank you We have a also a little bit of a treat this week rod provided us with an update on Microsoft I keep saying I keep saying azure sentinel. It's microsoft sentinel. So how about we Bring him in and let him tell us about it. Yeah, sounds good. All right. There we go Thank you. Thank you so much I'm rod trend cloud security advocate and this is what's new and exciting in security While there's always a bunch of important product enhancements and feature announcements each week There's one in particular this week. I think worth highlighting Microsoft sentinel now supports mitre techniques Microsoft sentinel customers have been expecting this update and now it's finally arrived Mitre techniques are now available for selection in the microsoft sentinel analytics rule creation process Up to now microsoft sentinel has supported the primary mitre attack tactics Which allows for the categorization of alerts and incidents based on the type of recognized threat tactic While these new techniques will be assigned automatically for the microsoft created rules customers can use this new capability To categorize their own rules When you select a primary tactic in the analytics rule creation process The techniques will display as selections. The techniques chosen will display in the actual incident When the incident or alert is generated the mitre techniques are also supported throughout Microsoft sentinel including things like automation And hunting with this new feature in place new and updated techniques can be delivered continuously So when mitre updates its tactics and techniques The microsoft sentinel environment can reflect that again. I'm rod trend Hope your day is super wonderful Talk soon So that was cool. Yeah Yeah, so we we we met with rod yesterday and we said hey, so you what's what's going on with uh Microsoft sentinel and you're like, oh, there's a bunch of things and uh, so no one knows about him. So, hey Exactly like okay instead of you telling us what they are and us trying to Articulate, uh, why don't you just uh send us a little uh remote reporting? Uh, so there we go. Uh, hopefully in the future we'll have more rod and joy lin are going to be uh our Very own security experts. So hopefully we'll we'll get a lot more of that content to you Coming soon on all of our platforms Uh We deploy the spring arm template that was pretty funny for the spring arm template. Yeah Well, not just quite yet not quite yet It's okay. No, I've got January's a year then February is another year then I got two more weeks before my trip. Um A bunch of guys were taken we've rented some uh expeditions kadoos or snowmobiles and uh Where we have something six five to 600 mile uh trip uh in northern kebek through the woods and from one lodging Hunting lodge to another and so yeah, I need a lot of snow for that. Uh cold. Maybe not but snow A lot of layers. Yes, but we're canadians. We're built for it. So frozen beard and Um considering we're at the point of this week where we're talking about um Events and community events and so far this week we didn't have any Other than uh testing and production later today on the patch and switch twitch channel But in terms of like regular, uh, we don't there was no events that we were notified of Microsoft is pretty quiet because I think we're uh in process of Organizing build. Uh, I haven't seen any real Um, I haven't seen any updates or updates on that end. I believe mr. Claus are illustrious, uh boss is set to Speak at the glass gal glass go uh user group and yes techie lass. I am mangling that name of your of your town On meetups so Reach out to uh techie lass. She'll give you all the info or it's on meetups.com And uh, I'm not quite sure what he's going to talk about but he's not, uh Um He was a little late on his abstract. I assume he sent it in already, but uh Tallin on him already too. Oh, well, you know It's our platform to make fun of the boss I'm too new. I don't know. Yeah, you're too new for that. Yeah Awesome like, oh, who's that? Oh rick. Yeah yes But also we have our learn module of the week Do you want to cover that one since you talked about the actual topic? Sure since we covered that sequel update we figured why don't you deploy sequels or ruin virtual machine? So this will walk you through and step by step a little click through guide Um, the plain sequel server on a vm so an eyes version And so this is really how to like go through configuring sequel on on a vm Which is something a lot a lot of people are still doing. Uh, it's really a step a stop gap Point in between uh on prem and cloud native, but it is very useful Um, at least the capabilities have caught up I remember that would hold us back a lot like we'd stay on prem because sequel in the cloud didn't have all the ssis said, you know, you couldn't set up all the right parameters, but now I mean, you can always go eyes and have all the functionality that you need Yeah, so that I think there are still some portions like, um In azure sequel something like the reporting server and some of the integration Parts that are not available on azure sequel. So if this is something that you absolutely need, uh, you'll need Microsoft sequel on a vm But this uh learn module will take you through it. So the basics of the infrastructure setting that up Versus the the the sass offering And i'll to deploy uh your sequel environment Sometimes So amy, what did you think? Not bad You're not bad, eh? Yeah Yeah, I don't think you're scary and grumpy and I was you know, like what's he gonna tell No, that's that's my off-camera persona You're bright and bubbly That's right Put my best side forward when we're on camera I gotta I gotta configure nvidia, uh broadcast so that it smooths my wrinkles and For me like yeah, yeah Thank you very much for joining us this week, uh on your inaugural az update Next week, we will our host will be none other than a rod trend So i'm expecting all of the noobs on our team to take turn At some point we'll get veneceus Air quotes for off-camera persona. Yes, mr. Bartolo I do have an off-camera persona I am getting But that's okay. I expect it from anthony All right. Well with that being said, thank you very much. I hope that all of you have a great weekend What do you uh got plans for this weekend? Me after my second week at microsoft. I am decompressing and have a nice glass wine by the fire, you know very Just relax My brain is on over on board and then learning and then oh you're gonna present with pier. Oh great. Thanks pier Rick said, you know, take it easy and ease in and you're like that was week one This is a week two. Okay. You're like no no into the fire. Yep No, I appreciate it though. That's great. All right, perfect. Well everybody have a good weekend and we'll see you next week in on az update