How to troubleshoot applications on Windows Containers with the Log Monitor tool
In my previous blog post, I showed how to manually troubleshoot Windows Containers by opening an interactive session to a container, running a PowerShell session, and using the Get-WinEvent cmdlet to view the application logs on the container instance. While ... continue reading
How to manually troubleshoot applications on Windows containers
Developers are more and more creating applications on containers, and guess what? It’s still up to us – ITPros – to troubleshoot anything that happens in production. Containers are not VMs, so where to even start, you might ask. We’ll ... continue reading

Azure Monitor: Audit your Azure and non-Azure SQL Server
Hi everyone, time passed since my last post. Hope you missed me Today I am going to cover an interesting aspect on how to capture security audit events from both Azure and non-Azure SQL Server machines. Most of you probably ... continue reading
Forward On-Premises Windows Security Event Logs to Microsoft Sentinel
Hello, It has been a while since Raven, and I have blogged on security. My little buddy Raven (miniature Schnauzer) has been dealing with genetic back problems that have made it difficult to run or jump, so her days of ... continue reading
SQL Server 2019 PolyBase feature High Availability
One of the most exciting aspects of SQL Server 2019 are the enhanced capabilities around the PolyBase feature that enables access to non-SQL Server external data sources through a process referred to as virtualization. The data remains at the external ... continue reading

New Microsoft Sysmon report in VirusTotal improves security
Today, following the 25th year anniversary of Microsoft Sysinternals, we are announcing the general availability of a new Microsoft Sysmon report in VirusTotal. Whether you’re an IT professional or a developer, you’re probably already using Microsoft Sysinternals utilities to help you ... continue reading

A guide to combatting human-operated ransomware: Part 2
This blog is part two of a two-part series focused on how Microsoft DART helps customers with human-operated ransomware. For more guidance on human-operated ransomware and how to defend against these extortion-based attacks, refer to our human-operated ransomware docs page ... continue reading
Diagnosing Network Isolation Issues
Hi all, Will Aftring here from Windows Networking Support. I wanted to chat about how Network Isolation interacts with Universal Windows Platform (UWP) applications and how / why you may want to alter some of these settings in respect to ... continue reading
Deploying Windows 10 Application Control Policy
Dear IT Pros, Today we discuss about All things about WDAC – Windows Defender Application Control. WDAC was introduced with Windows 10 and could be applied to Windows server 2016 and later, its older name is Configurable Code Integrity (CCI) ... continue reading
PowerShell basics: Query Windows Server Event Logs
One of the most standard server administration tasks is trawling through event logs looking for information about an issue you want to troubleshoot. If you’re interacting with Windows Server through PowerShell, you can interact with those event logs using the ... continue reading