DRAFT: Httpaccess logging into Azure Sentinel on Citrix Netscaler

Tested on: 12.0
There is a lot clout about the Citrix vulnerability Citrixmash cve-2019-19781 (Citrix netscaler issue) and the thread is seriously going over the news daily now.

If you have Citrix Netscaler / ADC running you might want to get more visibility the traffic of your nodes.

To help you collect httpaccess log and gain insight, in this blog I will cover how you can send the httpaccess logs to your Log Analytics agent. From there youso you can monitor it from Log Analytics and Sentinel.

To deploy this solution you do not have to reboot your Netscaler. You just have to restart Apache which will happen in a split second. You can remove the changes the same way without a reboot.

Continue reading “DRAFT: Httpaccess logging into Azure Sentinel on Citrix Netscaler” →

How to authenticate Python interactively to Microsoft Azure

This time I would like to explain how we can authenticate interactively to Azure resources from interactive Python code execution like Jupyter notebooks.

Continue reading “How to authenticate Python interactively to Microsoft Azure” →

Adhoc deploy Sysmon on Azure Virtual Machine

If you ever need to deploy an executable like Sysmon on one or more VMs on Azure and don’t have any configuration management in place…

These Powershell Script snippets will come to rescue! Continue reading “Adhoc deploy Sysmon on Azure Virtual Machine” →