InTrust Knowledge Pack for Azure Technical Preview

InTrust Knowledge Pack for Azure Technical Preview

R&D is proud to release a piece of InTrust technology which is currently in the making.

Cloud IaaS becoming a more prominent part of the everyday life of IT admins nowadays, so we are working on the capability to collect event data from that infrastructure.

In the technical preview, we’ve added log collection for Azure IaaS and Azure IaaS VMs. Namely, this preview can collect the following:

  • Windows OS Native Event Logs from Guest OS – the agent is begin deployed automatically, events are being streamed via Azure Blob Storage
  • Azure Activity Log streamed into the Azure Event Hub (the name of the hub will be insights-operational-logs)
  • Azure Resource/Diagnostic Log streamed into the Azure Event Hub (name of the hub will be defined by your diagnostic logging configuration)

You can download the Technical Preview from the support site 

Please, do not install this in production, this preview is not ready for production use and may not work as expected, also keep in mind that the exact look and feel of the feature may change in the final version. If you want this technology in production – please get in touch with us and provide feedback – you have a real opportunity to affect how this technology is going to be developed and look in the core release.

Please submit your feedback and ask for help here in the forum, support department is trained and prepared to handle your questions, but with this Forum space, you have an opportunity to get a direct channel into R&D for faster help and direct feedback.

You can find installation instructions here 

  • You will need to install an update for the InTrust Server and InTrust Deployment Manager, this will add:
    • Two new IDM collection types (Azure VM, Azure Diagnostic Log)
    • Repository Viewer searches

Also, make sure you read the configuration steps in the Auditing Azure Infrastructure document

Feel free to ask questions about this technical preview and provide feedback - we would appreciate it