Category: Microsoft
Category Archives: Microsoft
What is the order of operations for nested IF & AND statements over a range of cells
Asking my question will make more sense if I just show you what I’m trying to do. In the picture below you can see the different categories for classes. What I want is just a box (offscreen) that lists every category that has no grades BUT is still being used to calculate the final grade. For example, column K, the one labeled Final should be listed because row 4 has 0 in it but row 6 has a non zero value. Columns #06-#09 have nothing in row 4, BUT since they all have zero in row 6 they should be ignored.
If I use nested IF and AND functions, the logic test looks like this:
IF(AND(B4:K4=0, B6:K6<>0), true, false)
The problem is, it doesn’t work. I think it reads the whole range of B through K (row 4) checks if they’re all equal to zero, and then it reads the entire range of B through K (row 6), K6 returns false and it’s done. The outer IF statement only runs a single time, checking every box in both rows simultaneously.
Is there a way for me to get the if/and statement to check B4 and B6 together, then C4 and C6 together, then D4 and D6…
Also, I do not want to individually select every cell, I would much rather use ranges.
Thanks, if you’re not sure you understand what I’m saying let me know and I will try to explain differently or show more of my excel logic.
Asking my question will make more sense if I just show you what I’m trying to do. In the picture below you can see the different categories for classes. What I want is just a box (offscreen) that lists every category that has no grades BUT is still being used to calculate the final grade. For example, column K, the one labeled Final should be listed because row 4 has 0 in it but row 6 has a non zero value. Columns #06-#09 have nothing in row 4, BUT since they all have zero in row 6 they should be ignored.If I use nested IF and AND functions, the logic test looks like this:IF(AND(B4:K4=0, B6:K6<>0), true, false) The problem is, it doesn’t work. I think it reads the whole range of B through K (row 4) checks if they’re all equal to zero, and then it reads the entire range of B through K (row 6), K6 returns false and it’s done. The outer IF statement only runs a single time, checking every box in both rows simultaneously.Is there a way for me to get the if/and statement to check B4 and B6 together, then C4 and C6 together, then D4 and D6…Also, I do not want to individually select every cell, I would much rather use ranges. Thanks, if you’re not sure you understand what I’m saying let me know and I will try to explain differently or show more of my excel logic. Read More
Outlook Archive versus Google All
I use IMAP to pull a copy of Gmail over to Outlook. In the new Outlook, unlike the old, a folder labeled Archive appears showing 225,000 messages. Is this derived my Google All Mail folder? And, if so, will deleting the contents of the Archive folder delete contents in the All mail folder? Thanks,
I use IMAP to pull a copy of Gmail over to Outlook. In the new Outlook, unlike the old, a folder labeled Archive appears showing 225,000 messages. Is this derived my Google All Mail folder? And, if so, will deleting the contents of the Archive folder delete contents in the All mail folder? Thanks, Read More
Teams UPDATES App: Create, Collect, and Review Staff Updates in Teams
The Teams UPDATES App feature has been available to subscribers since 2022, but I recently stumbled across it in Microsoft Teams and want to share it with you.
I believe the app’s confusing name, UPDATES, keeps users from trying it. With the Microsoft Teams UPDATES app, you’re not updating the Teams app. You’re efficiently requesting and collecting the following updates from your team members via an easy-to-create form.
→ daily, weekly, or working hours updates
→ incident reports
→ shift handoffs
→ 1:1 prep
→ more UPDATES templates available
Really, in ten minutes, a busy business owner or manager, who may be intimidated by setting up and using the To-Do Task App or Planner, can create a simple form and receive responses from the team in Teams.
This feature is ideal for frontline, manufacturing, and medical industries, to name a few. Also, there are hidden functionality gems that benefit the staff. Staff members will be automatically reminded in Teams to complete and submit the update by the specified due date without the initiator sending an email. Everyone can manage their updates from a dashboard in Teams.
A simple and fast solution to staying on top of what’s going on with your team.
Watch the video for the UPDATES App overview and demonstration.
https://youtu.be/Y6rCtYg85m0
/Teresa #mvp #traccreations4e 5/5/2024
The Teams UPDATES App feature has been available to subscribers since 2022, but I recently stumbled across it in Microsoft Teams and want to share it with you. I believe the app’s confusing name, UPDATES, keeps users from trying it. With the Microsoft Teams UPDATES app, you’re not updating the Teams app. You’re efficiently requesting and collecting the following updates from your team members via an easy-to-create form.
→ daily, weekly, or working hours updates→ incident reports→ shift handoffs→ 1:1 prep→ more UPDATES templates available Really, in ten minutes, a busy business owner or manager, who may be intimidated by setting up and using the To-Do Task App or Planner, can create a simple form and receive responses from the team in Teams.
This feature is ideal for frontline, manufacturing, and medical industries, to name a few. Also, there are hidden functionality gems that benefit the staff. Staff members will be automatically reminded in Teams to complete and submit the update by the specified due date without the initiator sending an email. Everyone can manage their updates from a dashboard in Teams.
A simple and fast solution to staying on top of what’s going on with your team.Watch the video for the UPDATES App overview and demonstration. https://youtu.be/Y6rCtYg85m0/Teresa #mvp #traccreations4e 5/5/2024 Read More
Having Trouble Saving PDFs, Webpages, and Excel Files Correctly
For the past week, I’ve been encountering an issue where all my PDF documents and downloaded files, whether from Outlook or Google Chrome, are being saved as .24 files with Internet Explorer as the default program. Previously, I had set all PDFs to open in Edge, and they still do when opened directly from my files. However, nothing seems to save properly anymore unless I manually add .pdf or .xls to the end of the file name as I save.
I managed to revert the default settings for .mht and .mhtml files back to Edge, but for .24 files, my only options are Internet Explorer and Notepad. Even after selecting Internet Explorer as the default program, files still fail to save correctly without the added file extension.
This issue became particularly problematic when I almost lost a large Excel file yesterday. It saved as a .24 file in Internet Explorer, leaving me with no way to open it. I ended up having to rebuild the entire spreadsheet from scratch. It’s not a major catastrophe, but it’s definitely an annoying inconvenience.
Does anyone have any ideas or suggestions on how to resolve this issue? Any help would be greatly appreciated!
For the past week, I’ve been encountering an issue where all my PDF documents and downloaded files, whether from Outlook or Google Chrome, are being saved as .24 files with Internet Explorer as the default program. Previously, I had set all PDFs to open in Edge, and they still do when opened directly from my files. However, nothing seems to save properly anymore unless I manually add .pdf or .xls to the end of the file name as I save.I managed to revert the default settings for .mht and .mhtml files back to Edge, but for .24 files, my only options are Internet Explorer and Notepad. Even after selecting Internet Explorer as the default program, files still fail to save correctly without the added file extension.This issue became particularly problematic when I almost lost a large Excel file yesterday. It saved as a .24 file in Internet Explorer, leaving me with no way to open it. I ended up having to rebuild the entire spreadsheet from scratch. It’s not a major catastrophe, but it’s definitely an annoying inconvenience.Does anyone have any ideas or suggestions on how to resolve this issue? Any help would be greatly appreciated! Read More
Auto-adjustment of finish date
Hi,
I am completely new to MS Project, I am supposed to set it up at work and I am struggling with something hopefully you will be able to help me with.
First of all, bear in mind that what i need is reverse planning : i am given a project end date and, ultimately, i need to know (based on task duration and predecessors) when i need to start it.
For this purpose, I set the “Schedule From Finish Date” option (here, finish date = 24/05/2024) and I created a new project with just two tasks (Task 1 and Task 2 – Task 2 having Task 1 as a predecessor).
If i complete Task 1 earlier :
– Why doesn’t it start Task 2 at an earlier date ?
– Shouldn’t it make my project finish earlier as well ? I mean, i know i set May 24th as the finish date but if my previous tasks are completed ahead of schedule, Isn’t MS Project smart enough to consider that my project can finish sooner ? If not, what changes can i operate so it can do it ?
Thanks a lot for your help !
Hi, I am completely new to MS Project, I am supposed to set it up at work and I am struggling with something hopefully you will be able to help me with. First of all, bear in mind that what i need is reverse planning : i am given a project end date and, ultimately, i need to know (based on task duration and predecessors) when i need to start it. For this purpose, I set the “Schedule From Finish Date” option (here, finish date = 24/05/2024) and I created a new project with just two tasks (Task 1 and Task 2 – Task 2 having Task 1 as a predecessor). If i complete Task 1 earlier :- Why doesn’t it start Task 2 at an earlier date ? – Shouldn’t it make my project finish earlier as well ? I mean, i know i set May 24th as the finish date but if my previous tasks are completed ahead of schedule, Isn’t MS Project smart enough to consider that my project can finish sooner ? If not, what changes can i operate so it can do it ? Thanks a lot for your help ! Read More
Can Edge “save” windows along with the groups/tabs and reopen them as they were when last closed?
Short Version:
My workflow involves keeping 5 named windows each containing constantly updated groups/tabs. Edge is set to reopen everything at restart. But I’m afraid of accidently closing a window and losing all. Can Edge with or without an extension automatically save each window with its current tabs/groups when I close it, so Edge doesn’t have to have all five windows open when I need to work in just one?
Longer Version:
My work flow demands I generally operate with 5 named windows open. In my Microsoft Edge each window has 3-7 tab groups with a total of about 70-100 tabs open across the 5 windows at any given time. I’m constantly updating the sites in these groups/tabs, and I need to be able to pick up where I left off when relaunch Edge. It is set to do this, so each time I open Edge it opens with 5 windows and approximately 100 tabs. But at times I only need to work in one window, but in order to keep it and the other four current, I have to keep all 5 windows and all 100 tabs open. I find this an obnoxious waste of resources.
I would like to be able to open the one window in which I need to work, have all my groups/tabs restored from the last session, and pick up where I left off. If I need to open a second, third, etc. window, I want it to load all the groups/tabs it had open the last time it was used. Currently I must have all 5 windows and all 100 tabs open all the time even if I only need to work within one because there is no way to “save” a window’s state.
Paranoid that I might accidentally close a window and lose all of its groups and tabs, I regularly save each tab as a collection, but this does not preserve the window setup/structure or the current updated state of each tab. So, the million-dollar question – is there a feature of combination of features in macOS compatible Edge or extension that supports tabs groups and will save a window with all of its groups and tabs in their current state… either automatically or manually?
Thanks!
Short Version:My workflow involves keeping 5 named windows each containing constantly updated groups/tabs. Edge is set to reopen everything at restart. But I’m afraid of accidently closing a window and losing all. Can Edge with or without an extension automatically save each window with its current tabs/groups when I close it, so Edge doesn’t have to have all five windows open when I need to work in just one?Longer Version:My work flow demands I generally operate with 5 named windows open. In my Microsoft Edge each window has 3-7 tab groups with a total of about 70-100 tabs open across the 5 windows at any given time. I’m constantly updating the sites in these groups/tabs, and I need to be able to pick up where I left off when relaunch Edge. It is set to do this, so each time I open Edge it opens with 5 windows and approximately 100 tabs. But at times I only need to work in one window, but in order to keep it and the other four current, I have to keep all 5 windows and all 100 tabs open. I find this an obnoxious waste of resources.I would like to be able to open the one window in which I need to work, have all my groups/tabs restored from the last session, and pick up where I left off. If I need to open a second, third, etc. window, I want it to load all the groups/tabs it had open the last time it was used. Currently I must have all 5 windows and all 100 tabs open all the time even if I only need to work within one because there is no way to “save” a window’s state.Paranoid that I might accidentally close a window and lose all of its groups and tabs, I regularly save each tab as a collection, but this does not preserve the window setup/structure or the current updated state of each tab. So, the million-dollar question – is there a feature of combination of features in macOS compatible Edge or extension that supports tabs groups and will save a window with all of its groups and tabs in their current state… either automatically or manually?Thanks! Read More
KQL how to save query as functions witch parameters ?
Hi
I have written this query, and I saved it as a function and entered the parameters as shown in the figure. I need to understand where I am going wrong. If I call the function and input the parameters, the result is an error.
let login = (startDate: datetime, endDate: datetime, accountNameFilter: string = “”, groupName: string = “”) {
SigninLogs
| where TimeGenerated between (startDate .. endDate)
| extend user_1 = tolower(UserPrincipalName)
| join kind=inner (
IdentityInfo
| extend user_2 = tolower(AccountUPN)
)
on $left.user_1 == $right.user_2
| where (ResultType == “0” or ConditionalAccessStatus has “success”)
| mv-expand GroupMembership
| where GroupMembership has groupName
| project-away user_1, user_2
| distinct AccountDisplayName, TimeGenerated, AppDisplayName
| extend Day = startofday(TimeGenerated)
| extend TimeBin = bin(TimeGenerated, 1h)
| summarize last_login = max(TimeGenerated), first_login = min(TimeGenerated), day = dcount(Day) by AccountDisplayName
| where (accountNameFilter == “” or AccountDisplayName has accountNameFilter)
| order by last_login desc
| render barchart kind=unstacked
};
login
Hi I have written this query, and I saved it as a function and entered the parameters as shown in the figure. I need to understand where I am going wrong. If I call the function and input the parameters, the result is an error. let login = (startDate: datetime, endDate: datetime, accountNameFilter: string = “”, groupName: string = “”) {
SigninLogs
| where TimeGenerated between (startDate .. endDate)
| extend user_1 = tolower(UserPrincipalName)
| join kind=inner (
IdentityInfo
| extend user_2 = tolower(AccountUPN)
)
on $left.user_1 == $right.user_2
| where (ResultType == “0” or ConditionalAccessStatus has “success”)
| mv-expand GroupMembership
| where GroupMembership has groupName
| project-away user_1, user_2
| distinct AccountDisplayName, TimeGenerated, AppDisplayName
| extend Day = startofday(TimeGenerated)
| extend TimeBin = bin(TimeGenerated, 1h)
| summarize last_login = max(TimeGenerated), first_login = min(TimeGenerated), day = dcount(Day) by AccountDisplayName
| where (accountNameFilter == “” or AccountDisplayName has accountNameFilter)
| order by last_login desc
| render barchart kind=unstacked
};
login Read More
Cannot run the Macro. The macro may not be available in this workbook or all macros may be disabled
This is so bizarre, getting an error indicating that the macro is not available.
Here is my error message:
The macro I want to run is ZipAllSubfoldersinFolder. All of the other macros work except this macro and just one other one. The rest connect to the buttons just fine.
When I assign a button to this Zip macro it gives me this error…
But look the code is in the file name…how is it not in there or how can it not locate it and run it through this macro?
Can someone please help me with this or offer suggestions? I tried changing the macro name…I tried compiling it…I tried changing the code..nothing…I have to pass this on to a team member and I dont want them in the code editor to run this…please help.
Thank you kindly.
This is so bizarre, getting an error indicating that the macro is not available. Here is my error message:The macro I want to run is ZipAllSubfoldersinFolder. All of the other macros work except this macro and just one other one. The rest connect to the buttons just fine.When I assign a button to this Zip macro it gives me this error… But look the code is in the file name…how is it not in there or how can it not locate it and run it through this macro? Can someone please help me with this or offer suggestions? I tried changing the macro name…I tried compiling it…I tried changing the code..nothing…I have to pass this on to a team member and I dont want them in the code editor to run this…please help. Thank you kindly. Read More
Sentitivity label discrepency between outlook inherited and legacy versions on Mac OS
Hi there,
We have set sensitivity labels in our organization. One of them is a “Public Label” for sending email outside of our organization.
On outlook legacy for Mac this Public Label is not visible
but it is Outlook Inherited for Mac
Any idea on how to troubleshoot this issue?
Thanks in advance,
Olivier
Hi there, We have set sensitivity labels in our organization. One of them is a “Public Label” for sending email outside of our organization. On outlook legacy for Mac this Public Label is not visible but it is Outlook Inherited for Mac Any idea on how to troubleshoot this issue? Thanks in advance, Olivier Read More
ACPI EC OpRegion location
Hello,
the ACPI specification defines OpRegions for ACPI bytecode to interact with devices, on suche device being the Embedded Controller. After looking at some example ACPI tables, it seems that Embedded Controller OpRegions can be defined anywhere inside the ACPI namespace, and not just inside the Embeeded Controller device scope.
What is the Windows kernel policy for such OpRegions? Which Embedded Controller will be used to handle them (if any)?
Thanks,
Armin Wolf
Hello, the ACPI specification defines OpRegions for ACPI bytecode to interact with devices, on suche device being the Embedded Controller. After looking at some example ACPI tables, it seems that Embedded Controller OpRegions can be defined anywhere inside the ACPI namespace, and not just inside the Embeeded Controller device scope. What is the Windows kernel policy for such OpRegions? Which Embedded Controller will be used to handle them (if any)? Thanks,Armin Wolf Read More
Teams Live Streaming and Speaker Attribution Options
Have you tried the FREE Live Streaming available in Microsoft Teams? What about enrollment of voice and/or video profiles in New Teams? These are both settings that an admin needs to turn on. We will have a special discussion about this in the Modern Work Learning Room this week! Come to learn about the settings and the use cases!
Have you tried the FREE Live Streaming available in Microsoft Teams? What about enrollment of voice and/or video profiles in New Teams? These are both settings that an admin needs to turn on. We will have a special discussion about this in the Modern Work Learning Room this week! Come to learn about the settings and the use cases! Read More
Monitor your data using Azure Monitor log search alerts and the Azure Data Explorer (ADX) Database
Azure Data Explorer (ADX) is a fast and scalable data analytics service that lets you query and analyze large volumes of data from various sources.
Have you ever thought of how to keep track of the health and performance of your workloads and business?
Have you ever encountered an issue where you wanted to get notified once something went wrong or needed your attention?
That’s where alerts come in handy.
allow you to create rules that automatically trigger actions when certain conditions are met.
In this blog post, we’ll show you how to create alert rules that query an ADX database and trigger actions based on the results. This way, you can monitor the data that is important to you and get notified when something happens that needs your attention. Some example scenarios:
You can create an alert rule to track your wind turbines yield and output. In case the output goes up to a level that risks the health of the facility an alert will be fired to allow you to take immediate action.
You can create an alert rule that tracks the pollution metrics of your car fleet. If the pollution level goes above a certain threshold, an alert is fired and triggers a webhook that calls a custom function to notify operations managers and call cars to service.
Create an Azure Monitor alert rule
An Azure Monitor log search alert rule consists of three components:
Make sure you properly define the properties below when creating an alert rule:
You need to specify the scope of the log search alert rule as the ADX cluster. You can do this in one of two ways:
If you are creating the alert rule from the Alerts page of the Azure portal, in the pane to select the resource, select the ADX cluster as the scope for your alert rule . You can filter by subscription, resource type (“Azure data explorer cluster”), or resource location.
If you are creating the alert rule directly from the ADX cluster blade, the scope is defined automatically as the ADX cluster.
You need to define the ADX cluster as part of the query definition. 
Log Analytics can’t automatically identify the column with the event timestamp. We recommend that if you’re querying an ADX cluster, make sure that you add a time range filter to the query. For example: “adx(‘https://help.kusto.windows.net/Samples’).table | where MyTS >= ago(5m) and MyTS <= now()”
In the Managed Identity section, select which managed identity is used by the log search alert rule to send the log query. This managed identity is used for authentication when the alert rule executes the log query. If you are querying an ADX database you must add Reader role for all workspaces (or specific data) accessed by the query. As a part of the log search alert rule you will need to define one of the following options for the identity used by the alert rule (more details here):
System assigned managed identity: Azure creates a new, dedicated identity for this alert rule. This identity has no permissions and is automatically deleted when the rule is deleted. After creating the rule, you must assign permissions to this identity to access the workspace and data sources needed for the query. For more information about assigning permissions, see Assign Azure roles using the Azure portal.
User assigned managed identity: Before you create the alert rule, you create an identity and assign it appropriate permissions for the log query. When you select this type of identity, a pane opens for you to select the associated identity for the rule.
Conclusion
With ADX alerts, you can easily monitor your data and get notified when something important happens. You can also use ADX alerts to automate your workflows, such as triggering a remediation action, sending a report, or updating a dashboard. Click here to learn more about Azure Monitor log search alerts that query ADX.
Microsoft Tech Community – Latest Blogs –Read More
Verification After Windows Server Update
What kind of verification steps do you typically perform after updating Windows Servers to ensure that things are working as expected? For example, are there any specific services/processes you check to make sure they’re up and running?
What kind of verification steps do you typically perform after updating Windows Servers to ensure that things are working as expected? For example, are there any specific services/processes you check to make sure they’re up and running? Read More
SQL Server Test Data Automation Tool Looking for Beta Testers
Anonomatic is nearing beta for our new Test Data Automation solution, and we are looking for people who are willing to test it out in their own environment. The first DBMS we support is SQL Server and where better for find experts to run it through its paces?
In summary, our containerized solution will let you easily automate the masking of all sensitive data in your SQL Server database so you may safely use production data for non-production uses such as testing and development.
The one-time configuration is quick and easy. Then depending on the size of your database, the entire fully automated process can easily take less than an hour.
Please post a response or contact Anonomatic if you are interested.
Thank you all.
Note: This post seems to be ok according to the discussion rules. If I read them wrong, I apologize. Please let me know and I will take this down and never post like this again here again.
Anonomatic is nearing beta for our new Test Data Automation solution, and we are looking for people who are willing to test it out in their own environment. The first DBMS we support is SQL Server and where better for find experts to run it through its paces?In summary, our containerized solution will let you easily automate the masking of all sensitive data in your SQL Server database so you may safely use production data for non-production uses such as testing and development. The one-time configuration is quick and easy. Then depending on the size of your database, the entire fully automated process can easily take less than an hour. Please post a response or contact Anonomatic if you are interested. Thank you all. Note: This post seems to be ok according to the discussion rules. If I read them wrong, I apologize. Please let me know and I will take this down and never post like this again here again. Read More
Uploading a Spreadsheet to One Drive
I’m having difficulty storing a spread sheet in One Drive.
The drop down says to simply “Upload the Spread Sheet”. But it doesn’t say how….
Thanks in advance!
I’m having difficulty storing a spread sheet in One Drive.The drop down says to simply “Upload the Spread Sheet”. But it doesn’t say how…. Thanks in advance! Read More
Turning off an Excel feature accidentally activated
I accidentally activated an Excel feature which causes the following result: When I move my cursor from the activated cell to another location on the page, the feature creates a large grey square the stretches from the original activated cell to the new location of the cursor. How do I turn this feature off?
(Because my files are automatically saved to OneDrive, I cannot get rid of this feature.)
Jimbo2024
I accidentally activated an Excel feature which causes the following result: When I move my cursor from the activated cell to another location on the page, the feature creates a large grey square the stretches from the original activated cell to the new location of the cursor. How do I turn this feature off? (Because my files are automatically saved to OneDrive, I cannot get rid of this feature.) Jimbo2024 Read More
mailto goes to old version of Outlook instead of new Outlook
After reinstalling a new computer, I installed Office 365 with the new Outlook. In Apps, mail, the mailto is default to “new Outlook”. If I open Paint and make a small drawing, and click on “send” it opens the older version of Outlook 2016 (or the old version of Oulook 365) instead of the new Outlook. I can see that there is the “File” option on the upper left, and there is no button (to choose). on the top right indicating that it’s the new Outlook. If I open the new Outlook directly, everything is OK. But If I try to send an email directly from any app (even Excel 365 or Word 465), it will go to the older version. The older version was never installed on the C: drive, but it exist on a D: backup drive, but was never installed as such. I deleted the Microsoft Office folder on the backup drive and I still have the same issue. Any Idea?
After reinstalling a new computer, I installed Office 365 with the new Outlook. In Apps, mail, the mailto is default to “new Outlook”. If I open Paint and make a small drawing, and click on “send” it opens the older version of Outlook 2016 (or the old version of Oulook 365) instead of the new Outlook. I can see that there is the “File” option on the upper left, and there is no button (to choose). on the top right indicating that it’s the new Outlook. If I open the new Outlook directly, everything is OK. But If I try to send an email directly from any app (even Excel 365 or Word 465), it will go to the older version. The older version was never installed on the C: drive, but it exist on a D: backup drive, but was never installed as such. I deleted the Microsoft Office folder on the backup drive and I still have the same issue. Any Idea? Read More
Alert Correlation and Linking
Hey team,
As a context, I haven’t been around Sentinel in about 1.5 years.I am trying to see how I can end up correlating different alerts/incidents in Sentinel based on entities. Eg. assume a scenario where, based upon some custom logs, I have 3 different scheduled rules popping. Between those 3 rules triggered, there is some commonality. Eg. all came from the same user / same IP, whatever.I am trying to see what is the way in Sentinel to show this correlation/story and going from individual alert triage to something cohesive that correlates everything.
I am seeing the Fusion rule theoretically supports custom scheduled rules in Sentinel for correlation.Any idea on how I could test fire that to show-case it? I’ve tried with 2 custom alerts, entities mapped, mitre, etc but it didn’t trigger.Is there any other way to achieve what I was mentioning? Is there some notebook or something that performs this kind of correlation between alerts that I am not aware of?
Thank you.
Hey team,As a context, I haven’t been around Sentinel in about 1.5 years.I am trying to see how I can end up correlating different alerts/incidents in Sentinel based on entities. Eg. assume a scenario where, based upon some custom logs, I have 3 different scheduled rules popping. Between those 3 rules triggered, there is some commonality. Eg. all came from the same user / same IP, whatever.I am trying to see what is the way in Sentinel to show this correlation/story and going from individual alert triage to something cohesive that correlates everything. I am seeing the Fusion rule theoretically supports custom scheduled rules in Sentinel for correlation.Any idea on how I could test fire that to show-case it? I’ve tried with 2 custom alerts, entities mapped, mitre, etc but it didn’t trigger.Is there any other way to achieve what I was mentioning? Is there some notebook or something that performs this kind of correlation between alerts that I am not aware of? Thank you. Read More
Kql query
I am trying to explore file creation events where the query should check for file creation events in a folder. The query should catch if there are two files created in the same folder and files names starts with same name before first dot and one filename endswith .exe and other one endswith .exe.config
I am trying to explore file creation events where the query should check for file creation events in a folder. The query should catch if there are two files created in the same folder and files names starts with same name before first dot and one filename endswith .exe and other one endswith .exe.config Read More
Excel what-if Price sensitivity table not working
I am trying to conduct a price sensitivity analysis in excel. The project is to calculate how much do I need to save to repay student loan. So my sensitivity table consists of 2 variables: (i) future salary and (ii) my saving ratio after deducting necessary expenses, and the output was my monthly net repayment to student debt.
However, the monthly net repayment to student loan in the sensitivty table is negative, and I clearly don’t figure out where I go wrong after checking tons of youtube videos.
Do someone know how to solve this? Thank you very much!
Financial planning – student loan.xlsx
I am trying to conduct a price sensitivity analysis in excel. The project is to calculate how much do I need to save to repay student loan. So my sensitivity table consists of 2 variables: (i) future salary and (ii) my saving ratio after deducting necessary expenses, and the output was my monthly net repayment to student debt. However, the monthly net repayment to student loan in the sensitivty table is negative, and I clearly don’t figure out where I go wrong after checking tons of youtube videos. Do someone know how to solve this? Thank you very much! Financial planning – student loan.xlsx Read More