Event Archives

22 Feb 2022

Azure Active Directory: Role Changes (ie. Global Administrators) (Auditing and Splunk)

By Michael Yuen @yuenx|2022-12-27T15:40:20-08:00Feb 22, 2022 - Tuesday|Microsoft 365, Security, Technology|

Read: 5 mins. This article covers three ways to audit Azure Active Directory Role changes, such as the Global Administrators: Azure Portal, Microsoft 365 Compliance Center, and Splunk (SIEM).

20 Aug 2021

Active Directory: Account Lockouts – Visualize with Splunk Dashboards

By Michael Yuen @yuenx|2024-04-13T01:43:31-07:00Aug 20, 2021 - Friday|Microsoft 365, Security, Technology|

Read: 26 mins. Splunk is a GREAT tool to aggregate and correlate information from a variety of sources, and its SPL queries can help surface what you may need. In this post, we extend our previous Active Directory Account Lockout Troubleshooting article with Splunk Dashboards. SimpleXML source codes are provided to create visual representations of Windows Security event log data to aid with lockout investigations. They can also help identify data or behavior patterns and how many accounts are failing authentication over a specific time period.

1 May 2020

Active Directory: Group and Membership Changes – Windows Event IDs, Auditing, Splunk (Bonus: Security Events for Investigation, Audit)

By Michael Yuen @yuenx|2023-03-08T11:21:04-08:00May 1, 2020 - Friday|Security, Technology|

Read: 13 mins. How do you find out who made a change to an Active Directory or Builtin Local Group? Which users were added to or removed from a group? When was a group deleted? In this post, we look at Group and Membership change Event IDs, and explore how to use Splunk to find relevant information to aid in your investigations.

5 Feb 2020

Hike: Mt. Zion via Chantry Flats-Winter Creek (Spring)

By Michael Yuen @yuenx|2023-07-07T22:41:24-07:00Feb 5, 2020 - Wednesday|Hikes, Travel|

Read: 4 mins. Here’s one of Michael’s favorite, challenging, but fairly short hikes… Mt. Zion (with SPRING schedule)! It is JUST challenging enough to feel you have had a tough workout, but not as strenuous as hiking to the Mt. Wilson Observatory. It is also only a half-day hike. This somewhat tough hike is open to ANYONE.

2 Dec 2019

Hike: Mt. Zion via Chantry Flats-Winter Creek (Winter)

By Michael Yuen @yuenx|2023-07-07T22:41:37-07:00Dec 2, 2019 - Monday|Hikes, Travel|

Read: 4 mins. Here’s one of Michael’s favorite, challenging, but fairly short hikes… Mt. Zion (with WINTER schedule)! It is JUST challenging enough to feel you have had a tough workout, but not as strenuous as hiking to the Mt. Wilson Observatory. It is also only a half-day hike. This somewhat tough hike is open to ANYONE.

26 Sep 2019

Active Directory: Account Lockouts – Find Source/Cause (Bonus: Account Modifications)

By Michael Yuen @yuenx|2024-04-13T00:28:08-07:00Sep 26, 2019 - Thursday|Security, Technology|

Read: 22 mins. A Windows account keeps getting locked out and breaks a business-critical application that is responsible for a large volume of revenue. Angry customers have called into customer service to complain, and your manager has asked you for help. How do you find the source for the lockouts? Here is a comprehensive guide to aid you with resolving the issue. BONUS: Look up when an account was modified, disabled, enabled, unlocked, or had its password reset -- and by whom

12 Next