Select Page

Pigskin Fumbleball

I’ve been using this term to describe football, aka American football, aka gridiron, for many many many years.

I was surprised that there were zero hits on either Google or Bing search for this term.

This is absolutely a blog post to make sure it gets indexed 😀

MySQL PaaS

Today was the end of my experiment with MySQL PaaS in Azure.

To be honest – performance, metrics and security were as described. Private connectivity within the virtual network, horizontal and vertical scaling, great metrics.

I got burned twice.

Once with a “potential bug” that burned $65k of Azure spend in a few hours (that was eventually refunded!), more recently with the Azure portal throwing errors continually.

 image

I’ve exported the data, reimported to an IaaS MySQL/MariaDB instance – and moved on.

Enabling DKIM and DMARC in Office365

This turned out to be really simple; and there are some really good tools and docs at https://dmarcian.com/

  • set up DKIM DNS records
    • CNAME selector1._domainkey –> selector1-{domain}._domainkey.{office365domain}.onmicrosoft.com
    • CNAME selector2._domainkey –> selector2-{domain}._domainkey.{office365domain}.onmicrosoft.com
  • set up DMARC DNS records
    • TXT _dmarc –> correct DMARC policy

Then enable DKIM signing in the Defender portal https://security.microsoft.com

Email and Collaboration –> Policies and Rules –> Threat Policies –> Email Authentication settings

  • select the domain, click on “sign messages for this domain with DKIM signatures”

It might take a while for the DNS records to propagate.

Finally test the DMARC and DKIM settings, I used the DMARC Record Checker https://dmarcian.com/domain-checker

If you end up looking to use DMARC reporting, and sending to a third party/alternate domain – you also need to set up DNS records in the receiving domain:

  • set up External Domain Verification (EDV) records in DNS
    • TXT {domain}._report._dmarc –> v=DMARC1

Azure, Log Analytics Workspace, Kusto

If you’ve worked with Azure for any real length of time, there are limitations to what is stored in the Azure Activity Log – both in terms of content and retention.

The solution is to send Azure logs to a Log Analytics Workspace, and retain that for as long as you needed.

Today I needed to dig into an event that occured back in the summer, featuring Bastion. A simple Kusto query with the date range and searchable text got me results in a few moments. Some display filtering of the correct columns got me to a happy place.

// Log Analyics query
search “BastionHost” // search is case-insensitive
| where TimeGenerated between (datetime(2023-06-01) .. datetime(2023-06-15)) // date ranges
| project TimeGenerated, Caller, CorrelationId, SubscriptionId, ResourceGroup, OperationNameValue, Properties_d.resource, ActivityStatusValue
// just show the columns we care about (comment the entire line if you want all)