Welcome to Practical Sentinel! In the introductory blog of this series, we review how Microsoft positions Sentinel, what capabilities the product includes, and what it does well.
In this article, Jaap Wesselius discusses PowerShell serialization, what PowerShell serialization payload signing is, why this is important, and how to manage it.
The unified audit log is the source of a lot of information about a Microsoft 365 tenant. The Search-UnifiedAuditLog cmdlet is available to search the audit log and now we have the AuditLog Graph API. This article explains how to use the new API to query and retrieve audit records from the log.
When you're new to Graph API requests, you might not know pagination and end up retrieving less data from queries than is available. In this article, we explain how to use pagination to retrieve data using Graph queries and SDK cmdlets.
Anyone who learned PowerShell to manage Exchange has probably written a script to report Exchange mailbox statistics, which means that many scripts have been written since 2006. This article describes a new take on the topic that produces a nice HTML report and two lists that can be used for other reporting.
In the past, we've described how to use PowerShell to report tasks in Planner plans. This article completes the circle by discussing how to create Planner tasks. The scenario used is synchronizing Microsoft 365 message center notifications to create tasks in a target plan. There are some interesting issues to discuss, like how to assign a label to a task.
A question asked about the best way to remove channel messages from Teams. Microsoft 365 retention policies are an option, but you'll have to wait for retention processing to complete. PowerShell helps because you can create a script to remove all messages and replies from a channel. Everything works, but processing is slow, as we discover when we plunge into the details of writing code.
This article describes how to include user license costs in a Microsoft 365 tenant licensing report created with the Microsoft Graph PowerShell SDK. The report includes annual costs for all licenses assigned to each user plus an overall licensing summary for the tenant. It even reports how effective the tenant is at assigning licenses!