ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam MD-102 All Questions

View all questions & answers for the MD-102 exam
Go to Exam

Exam MD-102 topic 1 question 186 discussion

Actual exam question from Microsoft's MD-102
Question #: 186
Topic #: 1
[All MD-102 Questions]

HOTSPOT
-

You have 1,000 computers that run Windows 10 and are members of an Active Directory domain.

You need to capture the event logs from the computers to Azure.

What should you do? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Show Suggested Answer Hide Answer
Suggested Answer:
by h38jhd38k at Oct. 22, 2023, 11:54 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Merrybob
Highly Voted 1 year, 5 months ago
Log Analytics Workspaces - This is a table or DB that captures (ingests) logs and stores them so that queries can be run against them. Install the Azure Monitor Agent (previously known as the Log Analytics Agent) - This is the agent that runs on any Windows machine (on-prem or cloud) and reports back. The configuration in between the Azure Monitor Agent and a Log Analytics Workspace is defined in Data Collection Rules (DCRs). DCRs instruct the Azure Monitor Agent to push selected logs and performance counter data to a Log Analytics Workspace.
upvoted 5 times
...
h38jhd38k
Highly Voted 1 year, 9 months ago
https://learn.microsoft.com/en-us/azure/azure-monitor/agents/data-sources-windows-events
upvoted 5 times
...
chafe
Most Recent 1 year ago
https://learn.microsoft.com/en-us/azure/azure-monitor/agents/azure-monitor-agent-windows-client#prerequisites You must join Azure in order to install the monitor agent.
upvoted 1 times
...
dkkddkdkddkdkdk
1 year, 3 months ago
Is it not storage account which is needed to store the logs before used for consumption?
upvoted 1 times
...
Murad01
1 year, 5 months ago
can someone explain why not second option is: Enroll Microsoft Intune
upvoted 2 times
Merrybob
1 year, 5 months ago
Azure Monitor and Log Analytics make up the monitoring solution used by various Azure related services. To be able to extract event logs from a VM or on-prem machine, you need to install the Azure Monitor agent. The agent will report back to the Log Analytics workspace that is configured in a Data Collection Rule (DCR). From Azure Monitor you can use pre-curated 'Workbooks' to run queries again the Log Analytics Workspaces and produce results. Those results can be visualized in Azure Monitor Insights which is available within most Azure services. The pre-curated workbooks are simple to use and can be edited to create your own custom dashboard if required. You can also write your own queries using Kusto Query Language (KQL) if desired. Workflow: Virtual Machine <---> Azure Monitor Agent <---> DCR <---> Log Analytics Workspace.
upvoted 3 times
...
...
NoursBear
1 year, 5 months ago
Is this actually possible for AD clients ? https://learn.microsoft.com/en-us/entra/identity/monitoring-health/howto-integrate-activity-logs-with-azure-monitor-logs I thought they would need licenses and a Azure AD Registration. If someone could confirm
upvoted 1 times
CheMetto
1 month, 3 weeks ago
https://learn.microsoft.com/en-us/azure/azure-monitor/agents/azure-monitor-agent-windows-client As stated there, you need to have device hybrid join or join. However neither Registration nor enroll in intune accomplish that. So that's why the only reasonable option is to install the agent
upvoted 1 times
...
RomanV
10 months ago
Yes, it is. Microsoft says the following: " Log Analytics workspace is a data store into which you can collect any type of log data from all of your Azure and non-Azure resources and applications." https://learn.microsoft.com/en-us/azure/azure-monitor/logs/log-analytics-workspace-overview So the answers are correct.
upvoted 1 times
...
ClaudiuR2023
1 year, 5 months ago
hi, this exactly what I was wondering. found this article: https://www.sharepointeurope.com/audit-windows-ad-security-group-changes-azure-log-analytics/ it stands: Azure Log Analytics can help you to audit security breaches not only in the cloud but also in onprem Windows Active Directory environments. With this article I give you an idea on how custom views in Azure Log Analytics can help you to see changes at a glance. therefore: Q2 - install Azure Monitoring Agent seems correct
upvoted 2 times
...
...
yosry
1 year, 7 months ago
SEEMS CORRECT
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel