Microsoft Sentinel Deployment & Log Ingestion: Ingesting Platform Logs via Diagnostic Settings
Hello Immersive Labs community, I’ve been working through the lab tasks and successfully completed tasks 1 through 6. However, I’m stuck on task 7, which asks: "A storage account has been deleted. What would be the data type of the generated log?" The task seems oddly described, and I can’t find any clear hints in the lab briefing or online resources. I’ve tried querying various data types like AzureActivity, AuditLogs, StorageBlobLogs, StorageFileLogs, and others, but none seem to fit correctly. Could anyone provide guidance or confirm which data type is actually relevant for this scenario? Are there any specific tips or resources I might be missing? Thanks in advance for your help!insufficient permissions for the lab "IAM and EC2: Instance Profiles"
I am working on the lab "IAM and EC2: Instance Profiles" and in section 4 it requires launching an EC2 instance. The problem is that following all the steps, it returns the following error: Instance launch failed You are not authorized to perform this operation. User: arn:aws:iam::250176780079:user/aBCbsrMbk6Um5GQlxs7G is not authorized to perform: ec2:RunInstances on resource: arn:aws:ec2:us-east-1:250176780079:volume/* with an explicit deny in an identity-based policy. Encoded authorization failure message: ktHE_tnENT_yEI9xSX3pGA8Rv36ZXZirDZ_QIdV4cyWE9UtT_w-drjPxlGAyZIXfOUOKRgN42SjowCSdb5GLXvXfzYF0VLxOAtrmhyJcQOVwkXSuRrRVJ5-Bov1rX_uAt4E-VWR07oGDsl1LnJvKoNxgyVRV0fDUMgvzFcnskDDn_toD2yrFQeaQZLeVEA8dnk0IvNVtsXRp_KB3Mbc6kIkpbkCDzrAZMswqUI92w04__Hm2GATKTNr4Ok7ryj3fX9pqNmL4GxWxnamQitqaWyuQo45WD-4IMqu1OPVfxixHJ9OcDYFFWlFkc6w8-lXwwLzk5O5SvAhHbMPjM8JYpE9ECvZL1UDnTy8L39hOB8QS-p2YIayS4AbcUK4GXCzVqUrUYL5p5Jid9DrboEgXgMhgRg87YQX_H_4fiiGibLN_3N7-64hKyGPgKTsfXv1Yq7Zl-wJ0ckgo4QfQyxNNdb6iqRUm8WFtShWidZujtE3GdMXsqeSUKYsx2rDVEaX2qlFF7M6EDErOvhVa2Ify8X9VKkkgcEP6kkwiO-WLz7nHEnnNj8lCzNadkkc6tXsBWTerF6Q7kdO0lqczi3-c3nUSAH7q79GCX49IfvTHU6AOT59VWJCCKw7XjAYReMHXpeH9yUDQee6JlnAQ2qeuX09TTpC9LcZWMbgtr_cDd7rTJmhwdUTLkN3sSyzw0KuU3n9kgu0bHZWkm0P7X4y7E0mOXSZ2BGOni9OyEy_D8DYV9Y8f3JJ8XBT5_jzNInxSo0hogSginKSnH9xZUq_wuyxCPu1L2znbcM7KFrW1wkivq8OoGek Am I doing something wrong or is there actually a lack of permissions to complete it? Thank you very much for your help.
Guardduty: configuration and understanding findings lab not generating findings
I am working on this lab Guardduty: configuration and understanding findings lab, finished all the first 8 steps successfully. For the last two steps, it was mentioned in step 8 "Note: This lab is generating findings live. If you don't immediately see the findings referenced in the questions below, wait a couple of minutes for them to generate." I waited more than 15 minutes and the number of findings stayed at 0. I tried the lab yesterday and then this morning, same thing.
Microsoft Sentinel: SOAR Demonstrate your skills
Hello all, I am struggling on question 6 where I feel like I have the Condition portion setup correctly but it won't say that it is completed. The condition is supposed to be within the For Each loop correct? The Condition parameters is: AND - Body Risk = High
Google Cloud Basics: Ep.7 – Demonstrate Your Skills - Task 10
Hi Team, I have been stuck on this lab for like 24hrs and I am pretty sure I am doing the right thing as per knowledge. Is there a chance this lab is broken as the lab doesn't auto-complete at all ? I assign and grant the storage object viewer permissions on IAM for the new Service Account but it doesn't apply at all .
