Currently Microsoft is in the process of upgrading all OMS Log Analytics workspaces to the new query language (named Kusto). Once your workspace has been upgraded, you will no longer able to invoke search queries using the Get-AzureRmOperationalInsightsSearchResults cmdlet from the AzureRM.OperationalInsights PowerShell module. Kusto comes with a new set of REST APIs, you can find the documentation site here: https://dev.int.loganalytics.io. According to the documentation, this REST API has the following limitations: Queries cannot return more than 500,000 rows Queries cannot return more than 64,000,000 bytes (~61 MiB total data) Quries cannot run longer than 10 minutes by default. FromContinue reading
I needed to find a way to restrict ALL Azure Service Manager (ASM, aka Classic) resources on the subscription level. Azure Resource Policy seems to be a logical choice. So I quickly developed a very simple Policy Definition: View the code on Gist. Once I have deployed the definition and assigned it to the subscription level (using PowerShell commands listed below), I could no longer deploy ASM resources:
#Set the Subscription ID
$subscriptionId = '7c6bd10f-ab0d-4a8b-9c32-548589e1142b'
Select-AzureRmSubscription -Subscription $subscriptionId
$definition = New-AzureRmPolicyDefinition -Name "restrict-all-asm-resources" -DisplayName "Restrict All ASM Resources" -description "This policy enables you to restrict ALL Azure Service Manager (ASM, aka Classic) resources." -Policy '.\Restrict-ALL-ASM-Resources.json' -Mode All
$assignment = New-AzureRMPolicyAssignment -Name 'Restrict All ASM Resources' -PolicyDefinition $definition -Scope "/subscriptions/$subscriptionId"
i.e. when I tried to create a classic VNet, I could not pass the validation:Continue reading
I’m currently working on a project where there has been a lot of discussion on how to use Azure AD Service Principals in Azure Automation and other solutions that involves any automated processes (i.e. VSTS pipelines). When signing in to Azure using a Service Principal, you can use either a key (password) or a certificate associated to the Service Principal. When using the Add-AzureRMAccount cmdlet, you can use one of the following parameter set: Key (password) based: Azure AD Tenant ID Azure Subscription Name or ID PS Credential object User name: Azure AD Application ID Password: Service Principal key CertificateContinue reading
I have updated the AzureTableEntity PowerShell module few days ago. The latest version is 126.96.36.199 and it is published at: PowerShell Gallery: https://www.powershellgallery.com/packages/AzureTableEntity/188.8.131.52 GitHub: https://github.com/tyconsulting/AzureTableEntity-PowerShell-Module/releases What’s changed? New function Merge-AzureTableEntity Merge one or more entities in a Azure table. Please make sure you understand the difference between Azure table merge and update operations: Update: replace entity fields with the the fields specified in the update operation Merge: update the value of existing fields specified in the merge operation If you want to update the value of an existing field and having the rest of the fields unchanged, make sure youContinue reading
Introduction Lately I have been playing with VSTS and its CI/CD capabilities. Since I have been writing a lot of PowerShell modules and I’m using GitHub and MyGet in this kind of projects, I thought a good scenario to build is to use VSTS CI/CD pipeline to automatically deploy the module from GitHub to my MyGet feed whenever I commit to the master branch for the particular PS module. In summary, this is the process: I commit code changes to master branch VSTS starts the build process (CI) fetch the artefact run pester test making sure the module can beContinue reading
Few days ago, the Inside OMS Book version 2 has been released as a free ebook to the TechNet Gallery: http://bit.ly/InsideOMS A lot has changed since the first release of the book and even when we were writing the version 2, I constantly feel that we are shooting a moving target. Now looking back, we have been working very very hard over the last 10 months. Comparing with version 1, the size of the book increased from ~450 pages and 12 chapters to ~750 pages and 17 chapters. This time, other than the authors, we are fortunate that we haveContinue reading
Today I pushed the SCOM 2016 agent to my newly installed SharePoint 2016 server via the SCOM console. My SCOM management group is on 2016 RTM UR 3. Once the SCOM agent was installed, I could not launch SharePoint Central Admin site after a reboot. After turned off the custom error in web.config, I could see the exception: This is caused by the known issue with SCOM 2016 agent APM component (Application Performance Monitoring). My good friend Kevin Greene has already blogged this: http://kevingreeneitblog.blogspot.com.au/2017/03/scom-2016-agent-crashing-legacy-iis.html So to fix my issue, I followed Kevin’s instruction – reinstalled the SCOM agent using MOMAgent.msiContinue reading
Squared Up is releasing a new free management pack that provides several PowerShell related templates that allows SCOM administrators to create the following workflows: Name Type Description Run a PowerShell Script Diagnostic Runs a script as a diagnostic, returning text PowerShell Script Three State Monitor Monitor Runs a script and reports Healthy, Warning, or Critical based on the script output PowerShell Script Two State Monitor Monitor Runs a script and reports Healthy or Warning/Critical based on the script output Run a PowerShell Script Recovery Runs a script as a recovery, returning text PowerShell Script Alert Generating Rule Rule Raises AlertsContinue reading
Back in April this year, Pete Zerger (@pzerger) and I delivered two sessions in Experts Live Australia. One of which is titled “Cloud Automation Overview”. During this session, we have showed off a pretty cool voting demo app that is made up with Azure Functions, Key Vault, Azure SQL DB and Power BI. As shown above, this demo app allows attendees in our session to vote on a topic that we have chosen by scanning QR codes using mobile devices. In this case, since we were delivering the session in Melbourne Australia, we have decided to let people to voteContinue reading
Recently when I was writing an Azure Automation PowerShell runbook, I had an requirement that I need to make sure there should be only one job running at any given time. Since this runbook will be triggered by a webhook from external systems, there was no way for me to control when and how the webhook would be triggered. So I had to add some logic in the runbook that only execute the core code block if there are no other jobs running. The key for this technique is to use the built-in variable that is available in any AzureContinue reading