HowTo - Cloud Business & Technology

M365 Log-Size Calculation for Sentinel

29. May 202428. May 2024 by Yannic Graber

Microsoft Sentinel is ideal for extending the functions of Microsoft Defender XDR and other Defender products. I have already explained this in more detail in the blog entry https://www.graber.cloud/microsoft-sentinel-for-microsoft-365-a-must-have/. But what does Microsoft Sentinel for Microsoft 365 actually cost? There is no clear answer to this question, which is due to the difficulty of calculating the M365 log size for Microsoft Sentinel. This blog deals with precisely this question. It is intended to serve as a guide for cost estimation and shed some light on the darkness of log size and Sentinel costs. M365 Log-Size Calculation for Sentinel - a guide to cost estimation.

AADSTS50131: Device is not in required device state

17. August 2023 by Yannic Graber

Banner for blogpost on how to resolve aadsts50131 error

The error "AADSTS50131: Device is not in required device state" is not encountered every day. But when it does occur, many are often at a loss. Not least because this error and its cause is hardly documented or difficult to find. You can find out how to fix the AADSTS50131 error here.

Application Gateway WAF v2 Custom Rules

20. July 202219. July 2022 by Yannic Graber

The Application Gateway WAF v2 has brought some new features compared to v1, including the ability to create "WAF Custom Rules". In this short article I would like to discuss these "Custom Rules" and show how you can successfully create them. I have added some hints to the article that are difficult or impossible to find in the Microsoft documentation.

Accelerate Azure VM network performance

19. July 202231. March 2022 by Yannic Graber

You come across them more often than you would hope. Non-redundant infrastructure solutions based on a few virtual machines (VM). In this article, I'll go over some little tricks you can use to speed up network performance for your Azure VM in such a scenario.

Certificate-based Point to Site Azure VPN through Intune

26. December 202124. November 2021 by Yannic Graber

As the business world becomes increasingly mobile, cloud services are becoming even more attractive. But what if, as is often the case, there are still dependencies on an enterprise network - on Azure, for example? The solution is obvious: a point-to-site VPN ensures communication for mobile workers. In this how-to post, I discuss how a certificate-based point-to-site VPN to an Azure VPN gateway can be automatically rolled out to mobile clients through Intune. I also discuss how certificates can be automatically issued and renewed by a Certificate Authority in combination with Intune.

App Service PHP-Version Update

8. April 2021 by Yannic Graber

Von Zeit zu Zeit benötigt jede Webseite ein Update. Sei das inhaltlich, oder das System im Hintergrund. Beispielsweise solltest du, wenn immer möglich die aktuelle PHP-Version verwenden. In diesem Blogpost zeige ich auf, wie du ein App Service PHP-Version Update auf Azure ganz einfach und schnell durchführen kannst, per GUI oder CLI.

Restore Azure App Service MySQL In-App Database

16. March 2021 by Yannic Graber

The Azure App Service offers the possibility to have backups created automatically by Azure. This backup also includes the MySQL in-app database, which is often used for a simple WordPress site. But when testing the restore, the surprise that WordPress needs to be reinstalled. This is because the database is not restored during the restore, only the backed up file structure. But more about that later. The following tutorial shows how you can test what problem occurs and how restoring the Azure App Service MySQL in-app database works anyway.

Automatically audit and deploy Azure Resource Locks with Azure Policies

13. February 202113. February 2021 by Yannic Graber

Banner - Auto Azure RG Lock with policies

You can create resources very easily on the Azure platform. This is great, but it also provides a few risks. For example, you can delete resources or entire environments just as easily. What is very helpful for tests and demos can be very dangerous for integration and production environments. So you don't have to manage this manually, I wrote an Azure Policy code. This defines the automatic auditing and provisioning of Azure Resource Locks with Azure Policies.

ARM template deployment – Hub and Spoke with Bastion

9. January 2021 by Yannic Graber

With an Azure Resource Manager (ARM) template, you can create a specific infrastructure on Azure with the click of a button. The template defines the infrastructure as code and Azure is thereby told the target state of the resources. I have created such a template and published it via Github. The ARM template deployment includes a hub and spoke network topology with a central Azure bastion for secure access to VMs. This post shows you step by step how to use the template for yourself.

Azure Bastion Planning and Implementation

14. September 202014. September 2020 by Yannic Graber

Plan and Implement Azure Bastion - Banner

Azure Bastion is an Azure service that allows you to access your Azure VMs securely and centrally via the web portal. This allows you to enable your system administrators and system specialists to "work anywhere" without any security concerns. In this article I will not focus on the service itself, but rather on the steps necessary to plan and implement Azure Bastion.