Tag Archives: event

Microsoft Hackathon 2018 winning team: ‘Think bigger – and believe you can change the world’ – Stories

The Hackathon, a company-wide event in its fifth year, had more than 23,500 global participants this year – twice the number from the first Hackathon in 2014. Hackers teamed up on more than 5,850 projects this year, up from 4,760 projects last year.

Winning projects have led to successes, including Seeing AI, the Xbox Adaptive Controller and Learning Tools, just a sampling of the projects initially driven by a team’s spark of passion. Motivation to participate in what is now the world’s largest private hackathon often comes from employees with family members or friends who are coping with various physical hardships, and who can be helped by technology.

The Hackathon began – and has continued – as a way to engage employees worldwide in both a learning culture and in a growth mindset, and to encourage great ideas from people in all roles  across the company.

“We’re getting better at hacking as a company, and we’re seeing a higher percentage of the projects that come out of the Hackathon that have potential business value to our company, which is exciting,” Ramos says.

While many people think hackathons are “just for dreaming up flying cars or smart toasters,” he says, many of the hackers say having fun is the No. 1 reason why they participate.

The winning team’s project “is a product that is a natural for Microsoft,” Ramos says. “It leverages our commitment as a platform and productivity company, and it capitalizes on something that we feel is unique to us.”

It’s “also an idea that this team has a passion for,” he says. “There are a lot of great ideas in the Hackathon – and so, when a great idea also meets up with a great team of people, that’s a nice combination as well.”

Empowering literacy for everyone with free Microsoft Stores workshops |

America has a literacy crisis.

Students, parents and teachers attended a recent literacy kick-off event at Microsoft to see how Learning Tools improve reading.

More than 36 million adults in the United States cannot read, write, or do basic math above a third grade level. And children whose parents have low literacy levels have a 72 percent chance of being at the lowest reading levels themselves. These kids are more likely to get poor grades, display behavioral problems, have high absentee rates, repeat school years, or drop out1.

In a majority of classrooms today, teachers have students reading at up to four different grade levels, trying to keep the same pace on curriculum2.

That’s why Microsoft Store and Microsoft Education are teaming up to offer free workshops this fall, using Microsoft Learning Tools to create dedicated curriculum for those with literacy challenges.

Workshops will be offered at different times throughout the year at all Microsoft Stores in the US, Canada and Puerto Rico, so be sure to check out the local Store programming near you to find the right workshop for your needs. Workshops will be catered to students’ age range, including:

Empowering students affected by Dyslexia

Educators and parents/caregivers working with students of any age; and children in 8th grade or above who are accompanied by an adult, will get hands-on experience with Microsoft applications and tools – including Learning Tools, the Ease of Access menu and accessibility and productivity features of Office 365. Teachers will be empowered to create inclusive classrooms that support students of all abilities, while parents/caregivers will gain skills to support learners outside of the classroom.

The workshop covers why it’s important to create an inclusive classroom, tools to empower different learning styles and abilities, and tools to support students with disabilities.

Boost your reading confidence and literacy skills ages 8-12

This workshop introduces students, with foundational literacy skills, to the Immersive Reader in the OneNote app. Participants will build confidence and improve their reading comprehension through grade-level–appropriate activities with Immersive Reader features. Activities include demonstrations, playing “Mad-Lib” style games, and building and reading stories in pairs to gain hands-on experience using the tools.

Literacy skills for emerging readers ages 6-8

This workshop introduces emerging readers to Learning Tools for OneNote via age–appropriate activities with Immersive Reader features. Activities include discussions, demonstrations, and playing word and story games to gain hands-on experience using the tools. At the end, participants will share what they learned with their parent or caregiver. Throughout the workshop, participants will learn how to build confidence and improve their reading comprehension, and should leave prepared to continue using Learning Tools to further develop reading skills at home and at school.

Two students celebrate during the literacy kickoff event at Microsoft.

With free software like Microsoft Learning Tools and heroic educators like Merlyne Graves, we are encouraged by the progress that’s happening every day. More than 13 million teachers and students are already using Microsoft Learning Tools for free as part of Office 365 Education, including tools like Immersive Reader, Picture Dictionary and Dictation. These are proving to increase reading and writing skill successfully, as evidenced by the recent 3rd party study from RTI International, Leveling the Playing Field with Microsoft Learning Tools.

Through these workshops, we hope to give anyone who may have challenges with reading and writing skills the tools they need to feel empowered and to personalize their learning experience, especially those in underserved communities, or with learning differences like ADHD, Dyslexia, Dysgraphia or Autism.

Decoding Dyslexia, a parent-led movement to raise awareness around Dyslexia, is partnering with Microsoft on these workshops. “We need to get technology like Learning Tools into the hands of more students with Dyslexia and other learning differences before they fall behind,” said Rachel Berger, CEO of Decoding Dyslexia, “so I’m excited about the reach Microsoft Stores will have this fall. It’s truly empowering software that can make any classroom more inclusive.”

To kick off the program, Microsoft recently hosted more than 400 students, parents and teachers from across Washington and Oregon to be the first to try the new workshops. The event also included a keynote from former NFL cornerback Robert Tate, who shared his experience with dyslexia at a young age. “My friends didn’t know I had dyslexia,” Robert said. “I would hide within myself and make sure I wasn’t the one putting my hand up to ask questions or the one reading in class. You just have to keep moving forward and never go backwards.”

Ales Holecek, corporate vice president at Microsoft who helped spark discussions that led to Learning Tools, also spoke to the group, telling the audience of parents, teachers and students about his reading comprehension issues that started at a young age and continue today. “I take a long time to read anything and hate emails. I tell my team to send short emails; or better still, come speak to me in person,” said Holecek. For Ales, the turning point came in coding, which he felt operated on a simpler vocabulary.

To learn more and find the right workshop for you or your student, check out your local Store programming.

1 National Bureau of Economic Research (NBER)

2 https://files.eric.ed.gov/fulltext/ED562664.pdf

SIEM evaluation criteria: Choosing the right SIEM products

Security information and event management products and services collect, analyze and report on security log data from a large number of enterprise security controls, host operating systems, enterprise applications and other software used by an organization. Some SIEMs also attempt to stop attacks in progress that they detect, potentially preventing compromises or limiting the damage that successful compromises could cause.

There are many SIEM systems available today, including light SIEM products designed for organizations that cannot afford or do not feel they need a fully featured SIEM added to their current security operations.

Because light SIEM products offer few capabilities and are much easier to evaluate, they are out of the scope of this article. Instead, this feature points out the capabilities of regular SIEMs and can serve as a guide for creating SIEM evaluation criteria, which merit particularly close attention compared to other security technologies.

It can be quite a challenge to figure out which products to evaluate, let alone to choose the one that’s best for a particular organization or team. Part of the evaluation process involves creating a list of SIEM evaluation criteria potential buyers can use to highlight important capabilities.

1. How much native support does the SIEM provide for relevant log sources?

A SIEM’s value is diminished if it cannot receive and understand log data from all of the log-generating sources in the organization. Most obvious is the organization’s enterprise security controls, such as firewalls, virtual private networks, intrusion prevention systems, email and web security gateways, and antimalware products.

It is reasonable to expect a SIEM to natively understand log files created by any major product or cloud-based service in these categories. If the tool does not, it should have no role in your security operations.

There are many SIEM systems available today, including light SIEM products designed for organizations that cannot afford or do not feel they need a fully featured SIEM added to their current security operations.

In addition, a SIEM should provide native support for log files from the organization’s operating systems. An exception is mobile device operating systems, which often do not provide any security logging capabilities.

SIEMs should also natively support the organization’s major database platforms, as well as any enterprise applications that enable users to interact with sensitive data. Native SIEM support for other software is generally nice to have, but it is not mandatory.

If a SIEM does not natively support a log source, then the organization can either develop customized code to provide the necessary support or use the SIEM without the log source’s data.

2. Can the SIEM supplement existing logging capabilities?

An organization’s particular applications and software may lack robust logging capabilities. Some SIEM systems and services can supplement these by performing their own monitoring in addition to their regular job of log management.

In essence, this extends the SIEM from being strictly a centralized log collection, analysis and reporting tool to also generating raw log data on behalf of other hosts.

3. How effectively can the SIEM make use of threat intelligence?

Most SIEMs are capable of ingesting threat intelligence feeds. These feeds, which are often acquired from separate subscriptions, contain up-to-date information on threat activity observed all over the world, including which hosts are being used to stage or launch attacks and what the characteristics of these attacks are. The greatest value in using these feeds is enabling the SIEM to identify attacks more accurately and to make more informed decisions, often automatically, about which attacks need to be stopped and what the best method is to stop them.

Of course, the quality of threat intelligence varies between vendors. Factors to consider when evaluating threat intelligence should include how often the threat intelligence updates and how the threat intelligence vendor indicates its confidence in the malicious nature of each threat.

4. What forensic capabilities can SIEM products provide?

Forensics capabilities are an evolving SIEM evaluation criteria. Traditionally, SIEMs have only collected data provided by other log sources.

However, recently some SIEM systems have added various forensic capabilities that can collect their own data regarding suspicious activity. A common example is the ability to do full packet captures for a network connection associated with malicious activity. Assuming that these packets are unencrypted, a SIEM analyst can then review their contents more closely to better understand the nature of the packets.

Another aspect of forensics is host activity logging; the SIEM product can perform such logging at all times, or the logging could be triggered when the SIEM tool suspects suspicious activity involving a particular host.

5. What features do SIEM products provide to assist with performing data analysis?

SIEM products that are used for incident detection and handling should provide features that help users to review and analyze the log data for themselves, as well as the SIEM’s own alerts and other findings. One reason for this is that even a highly accurate SIEM will occasionally misinterpret events and generate false positives, so people need to have a way to validate the SIEM’s results.

Another reason for this is that the users involved in security analytics need helpful interfaces to facilitate their investigations. Examples of such interfaces include sophisticated search capabilities and data visualization capabilities.

6. How timely, secure and effective are the SIEM’s automated response capabilities?

Another SIEM evaluation criteria is the product’s automated response capabilities. This is often an organization-specific endeavor because it is highly dependent on the organization’s network architecture, network security controls and other aspects of security management.

For example, a particular SIEM product may not have the ability to direct an organization’s firewall or other network security controls to terminate a malicious connection.

Besides ensuring the SIEM product can communicate its needs to the organization’s other major security controls, it is also important to consider the following characteristics:

  • How long does it take the SIEM to detect an attack and direct the appropriate security controls to stop it?
  • How are the communications between the SIEM and the other security controls protected so as to prevent eavesdropping and alteration?
  • How effective is the SIEM product at stopping attacks before damage occurs?

7. Which security compliance initiatives does the SIEM support with built-in reporting?

Most SIEMs offer highly customizable reporting capabilities. Many of these products also offer built-in support to generate reports that meet the requirements of various security compliance initiatives. Each organization should identify which initiatives are applicable and then ensure that the SIEM product supports as many of these initiatives as possible.

For any initiatives that the SIEM does not support, make sure that the SIEM product supports the proper customizable reporting options to meet your requirements.

Do your homework and evaluate

SIEMs are complex technologies that require extensive integration with enterprise security controls and numerous hosts throughout an organization. To evaluate which tool is best for your organization, it may be helpful to define basic SIEM evaluation criteria. There is not a single SIEM product that is the best system for all organizations; every environment has its own combination of IT characteristics and security needs.

Even the main reason for having a SIEM, such as meeting compliance reporting requirements or aiding in incident detection and handling, may vary widely between organizations. Therefore, each organization should do its own evaluation before acquiring a SIEM product or service. Examine the offerings from several SIEM vendors before even considering deployment.

This article presents several SIEM evaluation criteria that organizations should consider, but other criteria may also be necessary. Think of these as a starting point for the organization to customize and build upon to develop its own list of SIEM evaluation criteria. This will help ensure the organization chooses the best possible SIEM product.

Chief data officer skills tested by AI ad blitz

If they’re watching a sporting event such as the PGA Championship, the summer afternoon isn’t totally restful for chief data officers. As the players chase the golf ball around the course, the IT pros at home must keep one eye on the leaderboard and one on the advertisements, and anticipate honing their chief data officer skills.

The ad spots often tout new technology. They use quick-cut imagery of futuristic cities and data centers and feature notables ranging from rapper Common to troubadour Bob Dylan. The technology for sale could be cognitive computing, blockchain technology, IoT or other trendy tech. The result is the exec in the C-suite who has a Monday morning question to test chief data officer (CDO) skills to the max.

These days that question is often, “What’s our plan for AI?”

Because AI can encompass almost anything magical, it can be a tough question for the chief data officer (CDO) to field. A look at a reporter’s notebook from last month’s MIT Chief Data Officer and Information Quality Symposium (MIT CDOIQ) in Cambridge, Mass., may provide a clue or two.

Kaizen and AI

At an MIT CDOIQ symposium panel sponsored by data platform vendor AtScale, the topic of BI on the data lake turned to a discussion of the imp called AI. Chris Crotts, group manager for enterprise data at Toyota North America, said business users tend to bring up questions on AI — questions that can test data strategy and chief data officer skills.

“Someone will call and say, ‘I need to do AI tomorrow.’ We look into it and find that what they are doing is reporting,” he said. In these cases, he said he asks the line-of-business user to describe the actual problem they are trying to solve. His teams then show them ways of analyzing the data to find answers.

“Part of going digital is to have data competency,” Crotts said. That means users have to be prepared to successfully employ something like AI. If people aren’t ready to analyze the data, Crotts said, it is not worthwhile to spin up a host of new tools.

So, his enterprise data group endeavors to prepare users to understand “how data consumption works.”

For their part, Crotts said, users become increasingly helpful in digging in and discovering issues in the data, such as the complex data that has begun to populate Toyota’s data lakes.

He said Toyota’s lineage in continuous improvement — the company is regarded as the birthplace of Kaizen, a work culture philosophy that focuses on understanding problems firsthand — infuses his and colleagues’ approaches to realizing the kind of change that AI can bring.

Stonebraker’s take

Michael Stonebraker, professor, MITMichael Stonebraker

In a separate presentation at the MIT conference, database veteran and MIT professor Michael Stonebraker also touched on the interest AI is garnering these days.

The guiding technical founder behind such database companies as Ingres, Illustra and Vertica, Stonebraker spoke under the auspices of one of his more recent foundlings, Tamr, a maker of advanced data preparation software.

Stonebraker, like others of late, highlighted the issues influencing chief data officer skills that stand between big data and AI-style analytics. These include the difficulty involved in getting varied data ready to ply for AI insights.

Getting training data is always a problem. Deep learning needs way too much training data.
Michael Stonebrakeradjunct professor at MIT and Tamr co-founder

“The hot button now is to talk about AI, machine learning and the data scientist,” Stonebraker said. “But if you are saying data scientists are going to save your butt, you are going to have this problem: They get 10 minutes a week for doing the job they were hired for.” Preparing data for the new engines, in short, is the first step toward AI.

On deep learning for the enterprise — the hallmark of what is new in AI today — Stonebraker was not optimistic. There, a lack of data volume, rather than a surplus of data, can become a determining issue.

“Getting training data is always a problem,” he lamented. For traditional business enterprises, as opposed to web juggernauts like Google and Facebook, “deep learning needs way too much training data,” he said.

Deep learning “works fine if you are doing image data, natural language [processing] or machine translation,” Stonebraker said.

It is not an entirely bleak outlook, however. He indicated that Tamr customers are seeing success with “conventional machine learning using random forest techniques at scale.”

The AI landscape

The admonitions of Stonebraker and Crotts suggest CDOs need to know their way around enterprise data. That is true whether the technology is AI or BI.

Sure, a good understanding of one’s data is a useful club to have in the golf bag of chief data officer skills. But things do change; an organization’s data must be seen in new contexts, as technology progresses and big data, AI or whatever comes next makes inroads.

A symposium takeaway: CDOs must focus on the people side of data and analytics, and be doubly sure to understand the nature of their data and how malleable it is for newer AI techniques.

SIEM benefits include efficient incident response, compliance

Security information and event management systems collect security log events from numerous hosts within an enterprise and store their relevant data centrally. By bringing this log data together, these SIEM products enable centralized analysis and reporting on an organization’s security events.

SIEM benefits include detecting attacks that other systems missed. Some SIEM tools also attempt to stop attacks — assuming the attacks are still in progress.

SIEM products have been available for many years, but initial security information and event management (SIEM) tools were targeted at large organizations with sophisticated security capabilities and ample security analyst staffing. It is only relatively recently that SIEM systems have emerged that are well-suited to meet the needs of small and medium-sized organizations.

SIEM architectures available today include SIEM software installed on a local server, a local hardware or virtual appliance dedicated to SIEM, and a public cloud-based SIEM service.

Different organizations use SIEM systems for different purposes, so SIEM benefits vary across organizations. This article looks at the three top SIEM benefits, which are:

  • streamlining compliance reporting;
  • detecting incidents that would otherwise not be detected; and
  • improving the efficiency of incident handling

1. Streamline compliance reporting

Many organizations deploy the tools for these SIEM benefits alone, including streamlining enterprise compliance reporting efforts through a centralized logging solution. Each host that needs to have its logged security events included in reporting regularly transfers its log data to a SIEM server. A single SIEM server receives log data from many hosts and can generate one report that addresses all of the relevant logged security events among these hosts.

An organization without a SIEM system is unlikely to have robust centralized logging capabilities that can create rich customized reports, such as those necessary for most compliance reporting efforts. In such an environment, it may be necessary to generate individual reports for each host or to manually retrieve data from each host periodically and reassemble it at a centralized point to generate a single report.

Many organizations deploy the tools for these SIEM benefits alone, including streamlining enterprise compliance reporting efforts through a centralized logging solution.

The latter can be incredibly difficult, in no small part because different operating systems, applications and other pieces of software are likely to log their security events in various proprietary ways, making correlation a challenge. Converting all of this information into a single format may require extensive code development and customization.

Another reason why SIEM tools are so useful is that they often have built-in support for most common compliance efforts. Their reporting capabilities are compliant with the requirements mandated by standards such as the Health Insurance Portability and Accountability Act (HIPAA), the Payment Card Industry Data Security Standard (PCI DSS) and the Sarbanes-Oxley Act.

By using SIEM logs, an organization can save considerable time and resources when meeting its security compliance reporting requirements, especially if it is subject to more than one such compliance initiative.

2. Detect the undetected

SIEM systems are able to detect otherwise undetected incidents.

Many hosts that log security breaches do not have built-in incident detection capabilities. Although these hosts can observe events and generate audit log entries for them, they lack the ability to analyze the log entries to identify signs of malicious activity. At best, these hosts, such as end-user laptops and desktops, might be able to alert someone when a particular type of event occurs.

SIEM tools offer increased detection capabilities by correlating events across hosts. By gathering events from hosts across the enterprise, a SIEM system can see attacks that have different parts on different hosts and then reconstruct the series of events to determine what the nature of the attack was and whether or not it succeeded.

In other words, while a network intrusion prevention system might see part of an attack and a laptop’s operating system might see another part of the attack, a SIEM system can correlate the log data for all of these events. A SIEM tool can determine if, for example, a laptop was infected with malware which then caused it to join a botnet and start attacking other hosts.

It is important to understand that while SIEM tools have many benefits, they should not replace enterprise security controls for attack detection, such as intrusion prevention systems, firewalls and antivirus technologies. A SIEM tool on its own is useless because it has no ability to monitor raw security events as they happen throughout the enterprise in real time. SIEM systems use log data as recorded by other software.

Many SIEM products also have the ability to stop attacks while they are still in progress. The SIEM tool itself doesn’t directly stop an attack; rather, it communicates with other enterprise security controls, such as firewalls, and directs them to block the malicious activity. This incident response capability enables the SIEM system to prevent security breaches that other systems might not have noticed elsewhere in the enterprise.

To take this a step further, an organization can choose to have its SIEM tool ingest threat intelligence data from trusted external sources. If the SIEM tool detects any activity involving known malicious hosts, it can then terminate those connections or otherwise disrupt the malicious hosts’ interactions with the organization’s hosts. This surpasses detection and enters the realm of prevention.

3. Improve the efficiency of incident handling activities

Another of the many SIEM benefits is that SIEM tools significantly increase the efficiency of incident handling, which in turn saves time and resources for incident handlers. More efficient incident handling ultimately speeds incident containment, thus reducing the amount of damage that many security breaches and incidents cause.

A SIEM tool can improve efficiency primarily by providing a single interface to view all the security log data from many hosts. Examples of how this can expedite incident handling include:

  • it enables an incident handler to quickly identify an attack’s route through the enterprise;
  • it enables rapid identification of all the hosts that were affected by a particular attack; and
  • it provides automated mechanisms to stop attacks that are still in progress and to contain compromised hosts.

The benefits of SIEM products make them a necessity

The benefits of SIEM tools enable an organization to get a big-picture view of its security events throughout the enterprise. By bringing together security log data from enterprise security controls, host operating systems, applications and other software components, a SIEM tool can analyze large volumes of security log data to identify attacks, security threats and compromises. This correlation enables the SIEM tool to identify malicious activity that no other single host could because the SIEM tool is the only security control with true enterprise-wide visibility.      

Businesses turn to SIEM tools, meanwhile, for a few different purposes. One of the most common SIEM benefits is streamlined reporting for security compliance initiatives — such as HIPAA, PCI DSS and Sarbanes-Oxley — by centralizing the log data and providing built-in support to meet the reporting requirements of each initiative.

Another common use for SIEM tools is detecting incidents that would otherwise be missed and, when possible, automatically stopping attacks that are in progress to limit the damage.

Finally, SIEM products can also be invaluable to improve the efficiency of incident handling activities, both by reducing resource utilization and allowing real-time incident response, which also helps to limit the damage.

Today’s SIEM tools are available for a variety of architectures, including public cloud-based services, which makes them suitable for use in organizations of all sizes. Considering their support for automating compliance reporting, incident detection and incident handling activities, SIEM tools have become a necessity for virtually every organization.

4 steps to engage employees with new live events in Microsoft 365 – Microsoft 365 Blog

Earlier this month, we announced new intelligent event capabilities in Microsoft 365 that enable anyone to create live and on-demand events for teams and across the organization. Today, we invite you to use the public preview of live events in Microsoft 365 and discover new ways to foster connection and engagement between leaders and employees at every level in your organization.

More than ever before, employees in the modern workplace seek work environments that unlock creativity, make their lives more productive and fulfilling, and foster a sense of connection with their organization’s mission and purpose.

A critical first step for your organization to thrive in this new culture of work is to drive alignment of your people around shared purpose and goals. Leaders realize that organizations who do this well have an advantage in attracting and retaining an engaged workforce.

Here are four ways your organization can enable leaders and employees to connect with new live events in Microsoft 365:

1—Use live events to kickstart interactive discussions across your organization

Today, executives at Microsoft—including CEO Satya Nadella—use Microsoft 365 to connect and communicate with employees around the globe. Now, any company or organization with Microsoft 365 can create these moments of high engagement, where people are focused on leaders and their messages and ask questions to clarify or reinforce conversations in the community.

Using Microsoft Stream, Teams, or Yammer, you can create a live event wherever your audience, team, or community resides. Attendees receive notifications and can participate in real-time, with high-definition video and interactive discussion using web, mobile, or desktop.

Following an event, it’s easy to make the recording available on an event page, allowing you to watch the event on your own schedule and catch up quickly with powerful AI features that unlock the content of the event recording. The recording is automatically transcribed and detects changes in speakers—making it simple to search for content later.

For employees who are in different time zones or unable to attend live, the conversation keeps going, so they still feel connected to leaders and peers—helping to overcome geographical or organizational boundaries.

The event and recordings are powered by Microsoft Stream, the intelligent video service in Office 365.

Image of a laptop open to display a live event in Microsoft 365.

2—Foster sustained dialogue in open communities

Give everyone a voice—before, during, and after a live event in Microsoft 365—with Yammer communities that span functions or the entire organization. Providing a forum for employees to be heard is an important piece of transforming a culture. These communities are where people can come any time to raise ideas, concerns, or questions, and where leaders can reply in an authentic way.

An active Yammer community builds trust and a sense of connection and belonging. And it provides a forum where employees who might not feel comfortable speaking out during a live event can connect directly with leaders.

With inline message translation, live events in Microsoft 365 empowers people to express themselves in their own language.

3—Create an intranet site for leaders to share events, blogs, video, news, and resources

Communicate at scale as a leader with a continuous, online presence using content, conversation, and video channels within a SharePoint communications site. You can optimize for news distribution and blogs, and deepen engagement with related content, polls and surveys, and readership analytics.

This is also a great spot to share recorded events for later viewing. Simply create a dedicated page for each event where employees can submit questions and comments in advance. Leaders and organizers can then use this input to craft the messaging and content of the events.

4—Plan corporate communications and measure impact

Executive and internal communications may be managed by a team of one or a team of many—but it takes careful planning and execution to ensure success. Microsoft Teams—the hub for teamwork in Office 365—is ideally suited to work together in the creation and production of events and other executive communications. It provides an effective backstage for your live event, giving you a shared space to work with speakers and approve content before sharing with a broader audience.

Once you have begun engaging your audience, every message within a Yammer community has a visible count of how many people your post has reached. This helps both community organizers and employees understand what is being read. Group insights demonstrate how the knowledge and information created in the community benefit people—regardless of their membership status in the group. For example, passive visitors may gain value from group conversations and apply the information elsewhere in their daily work. You can also see the number of views for an event recording and across a channel, and how many people liked the video. Pages and news articles also have statistics to understand readership.

Empowering all leaders across an organization

Leadership, of course, does not just refer to organizational leaders. Leaders of communities may be subject matter experts, functional managers, or passionate individuals who are leading areas of expertise, practices, or interest groups. These same capabilities in Microsoft 365 can enable leaders at any level to create and sustain connection with their communities.

Patrick Yates, manager of Diversity and Inclusion at TDS Telecom, considers community connections and engagement an important part of the employee experience, and a boon to recruiting talent. “Younger generations entering the workforce especially want a modern, inclusive environment—to be part of something that’s larger than themselves.”

Connect your employees and leaders today

Experience the public preview of live events in Microsoft 365, and get started on connecting your leaders and employees today. We will be adding additional features and functionality based on your feedback in the Tech Community.

To create a live event, you will need an Office 365 E3 or E5 license and your admin must give you permission to do so. To attend a live event, you need an Office 365 license for authenticated users. Public (anonymous) access is possible in specific configurations.

For more information on the intelligent event capabilities, visit the Microsoft 365 live events post on Tech Community.

What is Windows event log? – Definition from WhatIs.com

The Windows event log is a detailed record of system, security and application notifications stored by the Windows operating system that is used by administrators to diagnose system problems and predict future issues.

Applications and the operating system (OS) use these event logs to record important hardware and software actions that the administrator can use to troubleshoot issues with the operating system. The Windows operating system tracks specific events in its log files, such as application installations, security management, system setup operations on initial startup, and problems or errors.

The elements of a Windows event log

Each event in a log entry contains the following information:

Date: The date the event occurred.

Time: The time the event occurred.

User: The username of the user logged onto the machine when the event occurred.

Computer: The name of the computer.

Event ID: A Windows identification number that specifies the event type.

Source: The program or component that caused the event.

Type: The type of event, including information, warning, error, security success audit or security failure audit.

For example, an information event might appear as:

Information        5/16/2018 8:41:15 AM    Service Control Manager              7036       None

A warning event might look like:

Warning               5/11/2018 10:29:47 AM  Kernel-Event Tracing      1              Logging

By comparison, an error event might appear as:

Error                      5/16/2018 8:41:15 AM    Service Control Manager              7001       None

A critical event might resemble:

Critical   5/11/2018 8:55:02 AM    Kernel-Power    41           (63)

The type of information stored in Windows event logs

The Windows operating system records events in five areas: application, security, setup, system and forwarded events. Windows stores event logs in the C:WINDOWSsystem32config folder.

Application events relate to incidents with the software installed on the local computer. If an application such as Microsoft Word crashes, then the Windows event log will create a log entry about the issue, the application name and why it crashed.

[embedded content]

Configure a centralized Windows Server 2016
event log subscription.

Security events store information based on the Windows system’s audit policies, and the typical events stored include login attempts and resource access. For example, the security log stores a record when the computer attempts to verify account credentials when a user tries to log on to a machine.

Setup events include enterprise-focused events relating to the control of domains, such as the location of logs after a disk configuration.

System events relate to incidents on Windows-specific systems, such as the status of device drivers.

Forwarded events arrive from other machines on the same network when an administrator wants to use a computer that gathers multiple logs.

Using the Event Viewer

Microsoft includes the Event Viewer in its Windows Server and client operating system to view Windows event logs. Users access the Event Viewer by clicking the Start button and entering Event Viewer into the search field. Users can then select and inspect the desired log.

Windows Event Viewer
The Event Viewer application in the Windows operating system

Windows categorizes every event with a severity level. The levels in order of severity are information, warning, error and critical.

Most logs consist of information-based events. Logs with this entry usually mean the event occurred without incident or issue. An example of a system-based information event is Event 42, Kernel-Power which indicates the system is entering sleep mode.

Warning level events are based on particular events, such as a lack of storage space. Warning messages can bring attention to potential issues that might not require immediate action. Event 51, Disk is an example of a system-based warning related to a paging error on the machine’s drive.

An error level indicates a device may have failed to load or operate expectedly. Event 5719, NETLOGON is an example of a system error when a computer cannot configure a secure session with a domain controller.

Critical level events indicate the most severe problems. Event ID 41, Kernel-Power is an example of a critical system event when a machine reboots without a clean shutdown.

Other tools to view Windows event logs

Microsoft also provides the wevtutil command-line utility in the System32 folder that retrieves event logs, runs queries, exports logs, archives logs and clear logs.

Third-party utilities that also work with Windows event logs include SolarWinds Log & Event Manager, which provides real-time event correlation and remediation; file integrity monitoring; USB device monitoring; and threat detection. Log & Event Manager automatically collects logs from servers, applications and network devices.

ManageEngine EventLog Analyzer builds custom reports from log data and sends real-time text message and email alerts based on specific events.

Using PowerShell to query events

Microsoft builds Windows event logs in extensible markup language (XML) format with an EVTX extension. XML provides more granular information and a consistent format for structured data.

Administrators can build complicated XML queries with the Get-WinEvent PowerShell cmdlet to add or exclude events from a query.