Microsoft Azure Operational Insights Preview Series – Malware Assessment (Part 2)

Article, Azure, Azure Operational Insights Preview, Hybrid Security, Log Analytics, Microsoft, Operational Insights, Operational Insights, Operations Management Suite, Software, System Center, System Center Advisor, System Center Endpoint Protection, System Center Operations Manager, Windows, Windows 8/Server 2012, Windows Servers 2012 R2 1 Minute

After taking look at System Update Assessment Intelligence Pack next on the table is Malware Assessment:

image

As with the others Intelligence Packs you have a tie on the Overview page where you can see short information about the Malware status of your server. Clicking on the tile will give you some more information:

image

Notice that in the upper right corner we have option to set date timeframe. If for example we change the time frame from 7 days to 1 day different results will be shown:

image

This time frame option is important because you will probably monitor your day to day status from other consoles/tools on premise but with this Intelligence Pack in Advisor you can see the Malware status in your environment over certain period of time. Such information is helpful if you want to find some patterns in your environment related to Malware.

Again if you click on one of the results:

image

You will be redirected to the search page:

image

Here may be the most interesting option is to play with the time bar on right to get more interesting results. I couldn’t think of any other scenarios as honestly this is not my favorite topic but I guess if you are in environment that have threats detected you can think of more interesting queries.

I should mention also that the current version of this Intelligence Pack supports only Windows Defender and System Center Endpoint Protection.

Hope this was helpful for you.

Published by Stanislav Zhelyazkov

Stanislav Zhelyazkov has been working in IT since 2007. Stanislav has started his IT career as a Help Desk Specialist in 2007 while studying Informatics in the University of Ruse. He also worked in HP Enterprise Services (now known as DXC), maintaining large corporate IT infrastructures for clients in Holland, Switzerland and Germany and was involved in a Private Cloud project based on MS Hyper-V and System Center. He was also in the role of Principal Consultant in Lumagate developing and consulting companies on Azure, OMS, management and Private clouds. Currently he is Cloud Infrastructure Engineer at Sentia Denmark. Stanislav is active community member at MSDN forums providing answers on Azure. His blogposts can be found at www.cloudadministrator.net or www.systemcentercentral.com.

Published

14 thoughts on “Microsoft Azure Operational Insights Preview Series – Malware Assessment (Part 2)

  1. Pingback: System Center Advisor Restarted – Log Management (Part 3) | Cloud Administrator
  2. Pingback: System Center Advisor Restarted – Capacity Planning (Part 4) | Cloud Administrator
  3. Pingback: Microsoft Azure Operational Insights Preview Series – SQL Assessment (Part 7) | Cloud Administrator
  4. Pingback: Microsoft Azure Operational Insights Preview Series – Connecting Directly with Microsoft Monitoring Agent (Part 8) | Cloud Administrator
  5. Pingback: Microsoft Azure Operational Insights Preview Series – Usability Improvements (Part 11) | Cloud Administrator
  6. Pingback: Microsoft Azure Operational Insights Preview Series – AD Assessment (Part 12) | Cloud Administrator
  7. Pingback: Microsoft Azure Operational Insights Preview Series – Removing Legacy Configuration Assessment (Part 13) | Cloud Administrator
  8. Pingback: Microsoft Azure Operational Insights Preview Series – New Onboarding User Experience (Part 14) | Cloud Administrator
  9. Pingback: Microsoft Azure Operational Insights Preview Series – Plans and Retention (Part 15) | Cloud Administrator
  10. Pingback: Microsoft Azure Operational Insights Preview Series – Collecting Logs from Azure Diagnostics (Part 16) | Cloud Administrator
  11. Pingback: Microsoft Azure Operational Insights Preview Series – Security and Audit (Part 17) | Cloud Administrator
  12. Pingback: Microsoft Azure Operational Insights Preview Series – General Availability (Part 18) | Cloud Administrator
  13. Pingback: Microsoft Azure Operational Insights Preview Series – The Azure Portal Experience (Part 10) | Cloud Administrator
  14. Pingback: Microsoft Azure Operational Insights Preview Series – Alert Management (Part 9) | Cloud Administrator

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.