Mitigate speculative execution side-channel vulnerabilities

Seems the new year bring us some bad surprises in terms of security. There has been some rumors and now turned out to be truth that certain processors are vulnerable to certain attacks. Yes processors. That means that affects a wide variety of Operating Systems. As Microsoft puts it:

Microsoft is aware of a new publicly disclosed class of vulnerabilities referred to as “speculative execution side-channel attacks” that affect many modern processors and operating systems including Intel, AMD, and ARM. Note: this issue will affect other systems such as Android, Chrome, iOS, MacOS, so we advise customers to seek out guidance from those vendors.

Source: ADV180002 | Guidance to mitigate speculative execution side-channel vulnerabilities

Continue reading “Mitigate speculative execution side-channel vulnerabilities” →

OMS Analytics Portal Can Now Display Results In Your Local Time Zone

As you are familiar currently OMS has two search portals – the legacy one located in OMS classic Portal and the Analytics one. The Analytics Portal is slowly getting some of the cool features from the legacy Search Portal. One feature that was very handy in it was that TimeGenerated was displayed in the time zone you are accessing it. This is very handy when you have to investigate as it helps you track the events, logs and metrics at your local time. This was missing in the Analytics portal but now it is there and even enhanced.

Continue reading “OMS Analytics Portal Can Now Display Results In Your Local Time Zone” →

Free E-book: Inside #MSOMS v2 now available

It took us some time but we’ve managed to update the one and only free OMS book. We had plans to release it earlier but unforeseen things has happened which prevented us to do it earlier. I hope you will understand but you will still enjoy it. The other authors and me put a lot of effort to get it out along with the reviewers.

The new query language of Log Analytics is not included in the book but that should not discourage you as the content is still relevant.

Go grab Inside the Microsoft Operations Management Suite for free. Let us know if you have any feedback.

I mostly would like to thank my fiancée for being patient with me and supporting me while I was writing my chapters.

[Cross-Post] How To Detect And Protect Yourself From WannaCry

Make sure to check out this blog post that I’ve wrote on my company’s web site.

How To Detect And Protect Yourself From WannaCry

Reserved Common Fields in Log Analytics

I’ve recently been playing with some solution development and I’ve noticed something interesting.

When we are using the OMS Data Collector API we send data by creating json file. That json file is in simple format like this:

{
"property1": "value1",
"property2": "value2"
"property3": "value3",
"property4": "value4"
}

In this pseudo code property is the name of our fields. So when the data is uploaded to OMS the name for field property1 will turn to property1_s. Basically OMS adds suffix to the name of each field and this suffix represents the data type of the value for the field.

There are some exception though. For example if our property is called Computer that will not turn into Computer_s in Log Analytics. Basically the Computer field is a special one. Turned out there are more such fields actually and they are called Reserved Common Fields.

Continue reading “Reserved Common Fields in Log Analytics” →

Spread the word:

Like this:

Spread the word:

Like this:

Spread the word:

Like this:

How To Detect And Protect Yourself From WannaCry

Spread the word:

Like this:

Spread the word:

Like this: