Get Azure Scheduled Events with IMDS

Get Azure Scheduled Events with IMDS

In this video, we go over how to get scheduled events for an Azure virtual machine by querying the Instance Metadata service API endpoint with a PowerShell Scheduled Task.  That data is then sent to a Log Analytics Workspace to be queried or alerted on.

Sample query to get all events:

IMDSScheduledEvents_CL 
| sort by DateTime_t desc

Sample query to get all events that are not blank: 

IMDSScheduledEvents_CL 
| where Events_s != "[]"
| sort by DateTime_t desc

Links:

Udemy course, Zero to Hero with Windows Virtual Desktop
https://www.udemy.com/course/zero-to-hero-with-windows-virtual-desktop/

Two IP’s you should know:
https://www.ciraltos.com/two-azure-ip-addresses-you-need-to-know-about/

Script on GitHub:
https://github.com/tsrob50/WVD-Public/blob/master/Get-ScheduledEvents.ps1

Leave a Comment

Your email address will not be published. Required fields are marked *

Twitter Youtube
November 2024
M T W T F S S
 123
45678910
11121314151617
18192021222324
252627282930  
Meta
Tags

About Auther

Travis Roberts is a Cloud Infrastructure Architect, author, and speaker based in Minneapolis, Minnesota.

Contact Info

© copyright 2022. All Rights Reserved.

Scroll to Top