User Profile
gcorsini
Copper Contributor
Joined Oct 31, 2021
User Widgets
Recent Discussions
Clarification on Teams Audio Conferencing costs
I'm trying to get some clarification for a customer of mine, who has some concerns about costs incurred for the audio conferencing PTSN lines. I tried checking documentation but couldn't find an explicit answer on this. Is the cost per minute charge for the use of an audio conferencing PTSN done on a Per User basis? Or is it simple when the line is used, regardless of the number of users called into it? For obvious reasons, this is a point that makes our customer wary as they don't want to incur multiplied costs during some of their company-wide meetings if the per minute charge is multiplied for every user utilizing the number. Thanks in advance!446Views0likes0CommentsRe: Microsoft Purview Insider Risk Management
Rhul1545 Take a look at this section from the https://learn.microsoft.com/en-us/microsoft-365/compliance/insider-risk-management-settings?view=o365-worldwide#policy-timeframes I would take a look at the activation window for the policy in question and see if that’s the issue. If not, please respond so we can help get you the right answers. Thanks in advance!665Views0likes0CommentsRe: KQL: Closing an incident if the events do not include entries in a Watchlist
Your pseudocode is a little hard to follow without the full context of what you’re trying to accomplish. Would you mind sharing the actual query, and the original query you’re basing it off of? Obviously obfuscate anything that would be deemed proprietary to your organization (such as the watchlist itself) but I think have both queries would help us determine the source of your errors. Thanks in advance!1.4KViews0likes2CommentsRe: Defender for Endpoint P2 License question
Good morning! I’m trying to find you a direct answer that applies to this license, but I can say definitively that this behavior occurs with other licenses as well. For example, I work with customers who only want to purchase Business Standard or Premium suites of licenses for their users, but they want the full security and compliance protections available with the E5 license. What we typically recommend is that 1 E5 license be purchased for the environment so we can get access to all those features, and then assign the rest of their users the business standard or premium licenses. This gives us, the MSP, the ability to put in place all of the security and compliance features we need to protect the customer, without the customer having to spend a ton of money since the singular E5 unlocks those capabilities by simply existing in the environment. At best guess right now, having just one defender for endpoint p2 is unlocking all the features you’re describing to detect these devices, onboard them, and apply policies. But the per user subscription is likely necessary for other features of the license, the the maximum number of registered devices or something. Here’s a nice table comparing P1 and P2. Hope this helps! https://www.o365cloudexperts.com/defender-for-endpoint-plan-1-2-comparison/6.2KViews1like1CommentLog data for connecting and disconnecting Sentinel Data Connectors
Just wondering if anyone has any knowledge of where log data for connecting and disconnecting Sentinel Data connectors might be stored. We ran into this scenario in my production environment where the Azure Active Directory connectors for AuditLogs and SigninLogs were suddenly disconnected and no one has any record of when or why. I've since turned the connectors back on but I can't isolate the event or actor where the log was turned off. Has anyone had any experience with this, or could point me to a doc where I might generate a query to find this event? I can see roughly when the logs were turned off, and they were off for over a week.Solved
Recent Blog Articles
No content to show