By David O'Brien on June 14, 2018
Right click - deploy.
Copy a file to the server.
Lift and shift your on-premises server to the cloud.
What do these practices usually have in common?
Yes, the lack of production readiness in the cloud. Lack of service logging and metrics collection.
Something as important as this is usually either overlooked, not done at all, or overcomplicated by using 3rd party tools that are “cloud-ready”: all you need to do is just install this agent here on all your machines so it can forward data to this other server, which then forwards all the data to another server. Wow!
Azure makes log and metrics collection super easy on most services, with an almost turnkey solution to forward logs and metrics to an Azure Storage Account, Event Hub or Log Analytics.
All three targets should be an ideal source for any cloud-based SIEM tool to ingest data from, if you decide to use a 3rd party tool.
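
One way to check for the gap described above, as an added example that is not from the original post: it reads each resource's diagnostic settings (the Azure Monitor feature behind this forwarding, in the JSON shape returned by `az monitor diagnostic-settings list`) and reports which of the three targets actually receive data. The inventory, resource names and IDs are constructed, and the function names are hypothetical.

```python
import json

# Destination fields of an Azure diagnostic setting, one per target named above.
TARGETS = {
    "storageAccountId": "Storage Account",
    "eventHubAuthorizationRuleId": "Event Hub",
    "workspaceId": "Log Analytics",
}

def destinations(setting):
    """Targets a setting really feeds: needs a destination AND an enabled category."""
    props = setting.get("properties", setting)  # REST nests fields; the CLI flattens them
    streams = (props.get("logs") or []) + (props.get("metrics") or [])
    if not any(s.get("enabled") for s in streams):
        return set()  # a setting with every category disabled forwards nothing
    return {label for field, label in TARGETS.items() if props.get(field)}

def audit(inventory):
    """Map each resource ID to the sorted list of targets receiving its data."""
    report = {}
    for resource_id, settings in inventory.items():
        found = set()
        for s in settings:
            found |= destinations(s)
        report[resource_id] = sorted(found)
    return report

def unlogged(inventory):
    """Resources whose logs and metrics go nowhere."""
    return sorted(r for r, targets in audit(inventory).items() if not targets)

# Constructed sample inventory (resource names and IDs are made up).
SAMPLE = json.loads("""
{
  "kv-prod": [{"name": "to-la", "workspaceId": "/subscriptions/0000/ws/central",
               "logs": [{"category": "AuditEvent", "enabled": true}], "metrics": []}],
  "sql-prod": [{"name": "stale", "storageAccountId": "/subscriptions/0000/sa/logs",
                "logs": [{"category": "SQLInsights", "enabled": false}],
                "metrics": [{"category": "Basic", "enabled": false}]}],
  "nsg-web": [],
  "appgw": [{"name": "siem", "properties": {
                "eventHubAuthorizationRuleId": "/subscriptions/0000/eh/rule",
                "storageAccountId": "/subscriptions/0000/sa/logs",
                "logs": [{"category": "ApplicationGatewayAccessLog", "enabled": true}]}}]
}
""")

if __name__ == "__main__":
    for rid, targets in audit(SAMPLE).items():
        print(f"{rid:10} -> {', '.join(targets) or 'NO LOG/METRIC FORWARDING'}")
```

Note that `sql-prod` is flagged even though a setting exists: a destination with every category disabled forwards nothing.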