Let's talk about IT!
posts - 2290, comments - 295, trackbacks - 0

My Links


Post Categories


Wednesday, March 8, 2023

Azure PowerShell Module Az 9.5.0 released

Hi All,

Just a few Hours ago, a new Version of the AZ PowerShell Module has been released to PowerShell Gallery.

Az 9.5.0

Release Notes

Show Installed AZ Module and what's available in the PowerShell Gallery

Get-InstalledModule AZ
Find-Module AZ

#Run Script directly from GitHub
$ScriptFromGitHub = Invoke-WebRequest ""
Invoke-Expression $($ScriptFromGitHub.Content)

The AZ Module is just a Wrapper Module for all AZ* Modules

Get-InstalledModule AZ*

Andres Bohren

posted @ Thursday, March 9, 2023 8:07 AM | Filed Under [ PowerShell Azure ]

M365 Defender for Office 365 User reported Settings

Hi All,

Do you know the User reported Settings in Microsoft 365 Defender for Office 365?
For instance, you can send the Mails that a user reports with the "Report Message" Add-In  to Microsoft also to a reporting Mailbox that you own.

User reported settings

User Reported Settings

I've enabled that a while ago.

As you can see the Reporting Mailbox receives all types:
- Junk
- Phishing
- Not Junk

The Mail contains the Header and the Original Mail as Attachment.

In a past Project the Security Team was only interested in Reported Phishing Messages.

I've created the following Transport Rule to solve that

$AdminEmailaddress = ""
if ($Null -eq (Get-TransportRule -identity "[EOP] Bcc Messages Reported to Microsoft" -ErrorAction SilentlyContinue))
    Write-Host "INFO: Create Transport Rule: [EOP] Bcc Messages Reported to Microsoft"
    New-TransportRule -Name "[EOP] Bcc Messages Reported to Microsoft" -RecipientAddressContainsWords -BlindCopyTo $AdminEmailaddress -Mode Enforce -Comment "Bcc Messages Reported to Microsoft" -Enabled $true

The Transport Rule looks like this

Now i report a Message as Phishing

Now i only receive Mails that are reported as Phishing

You can see in the MessageTrace that the Transport Rule has worked

Get-MessageTrace -StartDate (get-date).AddDays(-1) -EndDate (get-date) -RecipientAddress
Get-MessageTrace -StartDate (get-date).AddDays(-1) -EndDate (get-date) -RecipientAddress | Get-MessageTraceDetail

You can argue, that this is very dependent on the Userbase and how good they understand the diffrence between Junk- and Phishing Emails. You're absolute correct on that. Such a "technical" approach has to be accompanied by a well designed user communication strategy.

Andres Bohren

posted @ Thursday, March 9, 2023 7:30 AM | Filed Under [ Exchange ]

Monitor Website with Azure

Hi All,

I wanted to monitor the Performance of my Blog. I've added Application Insights to my Azure Subscription and under "Availablility" i have added a "Classic test"

Monitor availability with URL ping tests

URL Ping
Add the URL, the Regions where you want to test from, the Response Code and Timeout. In my case i don't need an Alert.

After a few days you can se now the Availability is at 100%

The Average response Time is about 500 ms in Europe less than 300 ms.

You can view the Logs in LogAnalytics Workspace

| where timestamp > datetime("2023-03-07T20:17:00.000Z") and timestamp < datetime("2023-03-08T20:17:00.000Z")
| where true
| where name == "blog-icewolf-ch" and true
| extend durationInSeconds = duration / 1000
// limit samples to work with 'render scatterchart'
| take 5000
| summarize avg(durationInSeconds) by name, timestamp
| render scatterchart with (ycolumns=avg_durationInSeconds, xcolumn=timestamp)

Or figure out the details of each Record

Andres Bohren

posted @ Wednesday, March 8, 2023 9:38 PM | Filed Under [ Azure ]

Powered by:
Powered By Subtext Powered By ASP.NET