TheCloudScout’s gists

TheCloudScout / sentinel-arm-dynamic-variables

Last active February 2, 2022 15:18

	"variables": {
	"sku": "[
	if(
	equals(toLower(parameters('pricingTier')), 'capacityreservation'),
	json(concat('{\"name\":\"', parameters('pricingTier'), '\",\"capacityReservationLevel\":', parameters('loganalyticsCapacityReservationLevel'), '}')),
	json(concat('{\"name\":\"', parameters('pricingTier'), '\"}'))
	)
	]",
	"sentinelSku": "[
	if(

TheCloudScout / sentinel-arm-dynamic-sku

Created February 2, 2022 08:51

	"resources": [
	{
	"type": "microsoft.operationalinsights/workspaces",
	"apiVersion": "2021-06-01",
	"name": "[parameters('logAnalyticsName')]",
	"location": "[parameters('location')]",
	"properties": {
	"sku": "[variables('sku')]",
	"retentionInDays": "[parameters('retentionInDays')]",
	"workspaceCapping": {

TheCloudScout / kennisdag-ioc-list

Created March 7, 2022 17:37

TheCloudScout / querypack-arm-template

Created July 13, 2022 20:21

	"resources": [
	{
	"type": "microsoft.operationalInsights/querypacks",
	"apiVersion": "2019-09-01-preview",
	"name": "[parameters('queryPackName')]",
	"location": "[resourceGroup().location]",
	"properties": {}
	},
	{
	"type": "microsoft.operationalInsights/querypacks/queries",

TheCloudScout / querypack-arm-parameters

Created July 13, 2022 20:33

	{
	"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
	"contentVersion": "1.0.0.0",
	"parameters": {
	"queryPackName": {
	"value": "InvestigationsPack"
	},
	"queryPackQueries": {
	"value": [
	{

TheCloudScout / customRole-TagReader

Created August 2, 2022 16:09

	{
	"properties": {
	"roleName": "Tag Reader",
	"description": "Lets you read tags on entities, without providing access to the entities themselves.",
	"permissions": [
	{
	"actions": [
	"Microsoft.Resources/tags/read",
	"Microsoft.Resources/subscriptions/tagNames/read"
	],

TheCloudScout / pr-template

Created November 17, 2022 22:13

pr-template

	# Automated Code Pull Request

	Before submitting this Pull Request, please make sure and check the list below.

	## General

	* [x] Change purpose checkboxe(s) are updated
	* [x] Change has been described

	## Purpose for change

TheCloudScout / sentinel-pricing-auto-scale-workflow

Created November 17, 2022 22:15

sentinel-pricing-auto-scale-workflow

	name: SentinelPricingTierAutoScale
	on:
	schedule:
	- cron: '0 1 8 * *' # At 08:00 on every 1st day of the month

	permissions:
	id-token: write
	contents: write
	pull-requests: write

TheCloudScout / rot8r-parameters.csv

Created January 26, 2023 15:20

Parameter	isRequired?	Description
secretAddDays	false	The number of days the new application secret will be valid. Default is for 31 days.
tenantId	true	The Tenant ID of the Azure Active Directory in which the application resides.
applicationId	true	The app id of the application on which the secret needs to be rotated.
logstashConfigLocation	false	Path to logstash pipeline configuration file i.e. '/etc/logstash/conf.d/syslog-to-dcr-based-sentinel.conf'.
logstashKeystoreKey	false	Name of the key in the keystore container the app secret referenced inside the Logstash configuration file.
printOutput	false	Add -printOutput to for easier troubleshooting external Logstash-specific command like update keystore key and restarting service.

TheCloudScout / Gat-AdxCommands.ps1

Created August 11, 2023 12:13

Automatically generate ADX commands for table and table mapping creating based on json formatted log sample

	<#
	.DESCRIPTION
	This script will generate ADX commands based on sample files to determine their schema.
	These sample files should be in a proper JSON format and contain a single object.

	.PARAMETER TemplateFolder <String>
	Location which contains the sample files


	#>

Koos Goossens TheCloudScout