Category Archives : Monitoring

14

Jan

Learning from cryptocurrency mining attack scripts on Linux

Cryptocurrency mining attacks continue to represent a threat to many of our Azure Linux customers. In the past, we’ve talked about how some attackers use brute force techniques to guess account names and passwords and use those to gain access to machines. Today, we’re talking about an attack that a few of our customers have seen where a service is exploited to run the attackers code directly on the machine hosting the service.

This attack is interesting for several reasons. The attacker echoes in their scripts so we can see what they want to do, not just what executes on the machine. The scripts cover a wide range of possible services to exploit so they demonstrate how far the campaign can reach. Finally, because we have the scripts themselves, we can pull out good examples from the Lateral Movement, Defense Evasion, Persistence, and Objectives sections of the Linux MITRE ATT&CK Matrix and use those to talk about hunting on your own data.

Initial vector

For this attack, the first indication something is wrong in the audited logs is an echo command piping a base64 encoded command into base64 for decoding then piping into bash. Across our users, this first command

Share

06

Jan

Azure Cost Management 2019 year in review
Azure Cost Management 2019 year in review

When we talk about cost management, we focus on three core tenets:

Ensuring cost visibility so everyone is aware of the financial impact their solutions have. Driving accountability throughout the organization to stop bad spending patterns. Continuous cost optimization as your usage changes over time to do more with less.

These were the driving forces in 2019 as we set out to build a strong foundation that pulls together all costs across all account types and ensures everyone in the organization has a means to report on, control, and optimize costs. Our ultimate goal is to empower you to lead a healthier, more financially responsible organization.

All costs behind a single pane of glass

On the heels of the Azure Cost Management preview, 2019 started off strong with the general availability of Enterprise Agreement (EA) accounts in February and pay-as-you-go (PAYG) in April. At the same time, Microsoft as a whole embarked on a journey to modernize the entire commerce platform with the new Microsoft Customer Agreement (MCA), which started rolling out for enterprises in March, pay-as-you-go subscriptions in July, and Cloud Solution Providers (CSP) using Azure plan in November. Whether you get Azure through the Microsoft field, directly from

Share

18

Dec

New features in Azure Monitor Metrics Explorer based on your feedback

A few months ago, we posted a survey to gather feedback on your experience with metrics in Azure Portal. Thank you for participation and for providing valuable suggestions!

We want to share some of the insights we gained from the survey and highlight some of the features that we delivered based on your feedback. These features include:

Resource picker that supports multi-resource scoping. Splitting by dimension allows limiting the number of time series and specifying sort order. Charts can show a large number of datapoints. Improved chart legends. Resource picker with multi-resource scoping

One of the key pieces of feedback we heard was about the resource picker panel. You said that being able to select only one resource at a time when choosing a scope is too limiting. Now you can select multiple resources across resource groups in a subscription.

Ability to limit the number of timeseries and change sort order when splitting by dimension

Many of you asked for the ability to configure the sort order based on dimension values, and for control over the maximum number of timeseries shown on the chart. Those who asked explained that for some metrics, including available memory and remaining disk space,

Share

13

Dec

New features in Azure Monitor metrics explorer based on your feedback

A few months ago, we posted a survey to gather feedback on your experience with metrics in Azure Portal. Thank you for participation and providing valuable suggestions! We appreciate your input, whether you are working on a hobby project, in a governmental organization, or any size company—small to huge.

We want to share some of the insights we gained from the survey and highlight some of the features that we delivered based on your feedback. These features include:

Resource picker that supports multi-resource scoping.Splitting by dimension allows limiting the number of time series and specifying sort order.Charts can show large number of datapoints.Improved chart legends.
Resource picker with multi-resource scoping

One of the key pieces of feedback we heard was about the resource picker panel. You said that being able to select only one resource at a time when choosing a scope is too limiting. Now you can select multiple resources across resources groups in a subscription.

 Ability to limit the number of timeseries and change sort order when splitting by dimension

Many of you asked for ability to configure the sort order based on dimension values, and for control over the maximum number of timeseries shown on the chart. Those who asked, explained

Share

02

Dec

Azure Cost Management updates – November 2019
Azure Cost Management updates – November 2019

Whether you’re a new student, thriving startup, or the largest enterprise, you have financial constraints and you need to know what you’re spending, where, and how to plan for the future. Nobody wants a surprise when it comes to the bill, and this is where Microsoft Azure Cost Management comes in.

We’re always looking for ways to learn more about your challenges and how Cost Management can help you better understand where you’re accruing costs in the cloud, identify and prevent bad spending patterns, and optimize costs to empower you to do more with less. Here are a few of the latest improvements and updates based on your feedback:

Cost Management now available for Cloud Solution Providers What’s new in Cost Management Labs Customizing the name on dashboard tiles Upcoming changes to Azure usage data Save up to 72% with Azure reservations–now available for 16 services New videos Documentation updates

Let’s dig into the details.

Cost Management now available for Cloud Solution Providers

In case you missed it, as of November 1, Cloud Solution Provider (CSP) partners can now see and manage costs for their customers using Azure Cost Management in the Azure portal by transitioning them to Azure plan

Share

13

Nov

Improving observability of your Kubernetes deployments with Azure Monitor for containers

https://azure.microsoft.com/blog/improving-observability-of-your-kubernetes-deployments-with-azure-monitor-for-containers/Over the past few years, we’ve seen significant changes in how an application is thought of and developed, especially with the adoption of containers and the move from traditional monolithic applications to microservices applications. This shift also affects how we READ MORE

Share

07

Nov

What’s new with Azure Monitor
What’s new with Azure Monitor

At Microsoft Ignite 2018, we shared our vision to bring together infrastructure, application, and network monitoring into one unified offering, and provide full-stack monitoring for your applications. We have since made rapid strides towards delivering that reality to our customers. From consolidating our logs, metrics and alerts platforms, and integrating existing capabilities such as Application Insights and Log Analytics, to adding new monitoring capability containers and virtual machines, and contributing back to the community through open-source projects such as OpenTelemetry. In this blog, I’ll share the newest enhancements from Azure Monitor at Microsoft Ignite, including four examples of how we continue to build seamless, and integrated monitoring solution that works well for cloud-native and legacy workloads and is cost-effective. Be sure to read the full blog post to get a list of all the exciting enhancements.

Monitor containers anywhere

Customers love the convenience of the out of the box monitoring that Azure Monitor for containers provides for all their Azure Kubernetes Service (AKS) clusters. But, you also have Kubernetes clusters running outside AKS. For customers who have hybrid environments, we are now launching the ability to monitor Kubernetes clusters on-premises and on Azure Stack (with AKS Engine) in preview. Just

Share

17

Oct

SAP on Azure–Designing for Efficiency and Operations

This is the final blog in our four-part series on Designing A Great SAP on Azure Architecture.

Robust SAP on Azure Architectures are built on the pillars of Security, Performance and Scalability, Availability and Recoverability, and Efficiency and Operations.

Within this blog we will a cover a range of Azure services and a new GitHub repository which can support operational efficiencies for your SAP applications running on Azure.

Let’s get started.

Simplifying SAP Shared Storage architecture with Azure NetApp Files

Azure NetApp Files (ANF) can be used to simplify your SAP on Azure deployment architecture, providing an excellent use case for high availability (HA) of your SAP shared files based on Enterprise NFS.

SAP Shared Files are critical for SAP systems with high availability requirements and more than one application server. Additionally, SAP HANA scale-out systems also require a common set of shared files i.e.

 /sapmnt which stores SAP kernel files, profiles and job logs.  /hana/shared, which houses binaries, configuration files and traces for SAP HANA scale-out.

Prior to Azure NetApp Files, SAP on Azure customers running Linux with high availability requirements had to protect the SAP Shared Files using Pacemaker clusters and block replication devices. These setups were

Share

14

Oct

Azure Monitor adds Worker Service SDK, new ASP.NET core metrics

Application Insights from Azure Monitor empowers developers and IT professionals to observe, debug, diagnose, and improve their distributed services hosted on the cloud, on-premises, and through hybrid solutions.

The release of the Application Insights for ASP.NET Core 2.8.0 for web applications and the Application Insights for .NET Core Worker Service 2.8.0 for non-web applications delivers new value to developers including:

Support for more applications types. New alertable metrics. Support for ASP.NET Core 3.0. Cross-vendor distributed tracing. Support for more application types

The Application Insights Worker Service SDK supports the new ASP.NET Core 3.0 Worker Service template, and customer engagement on GitHub helped us prioritize this work. Beyond .NET Core Worker Service Applications, this SDK brings the full power of Application Insights to other non-web applications including Console Applications, Queue Processing, and Background Jobs. Get started with our step-by-step onboarding guide.

New alertable metrics

Event Counters allow you to observe and alert on new metrics including Time in Garbage Collection, Allocation Rate, and Thread Pool Queue Length. Event Counters expand the historical Windows Performance Counters to be cross-platform—Linux, MacOS, and Windows. Application Insights now collects these metrics out-of-the-box, making them easily observable and alertable.

Additionally, you can now observe CPU usage on Linux, MacOS, and Windows

Share

03

Sep

Azure Cost Management updates – August 2019

https://azure.microsoft.com/blog/azure-cost-management-updates-august-2019/Whether you’re a new student, thriving startup, or the largest enterprise, you have financial constraints and you need to know what you’re spending, where, and how to plan for the future. Nobody wants a surprise when it comes to the READ MORE

Share