Liongard
Create
Log in
Sign up
Roadmap
Feedback
Metrics Library
970
Boards
Feature Requests
Metrics Library
Powered by Canny
Metrics Library
This is a community-led space where Liongard users can come to teach and learn from one another. Share custom Metrics, get inspired and see what’s trending in the Pride.
Details
Category
Veeam Service Provider Console
Windows Server
Microsoft 365
Cisco Meraki
Amazon Web Services
SonicWall
Internet Domain/DNS
Dark Web Monitoring
Google Workspace
N-able RMM
Hyper-V
Sophos XG
VMware ESXi
Azure Active Directory
SentinelOne
Huntress
Fortinet FortiGate
Azure
Duo Security
Roar
Windows Workstation
Active Directory
N-able Backup
Auvik
Datto RMM
WatchGuard
Ubiquiti UniFi
macOS
ConnectWise Manage
Continuum RMM
TLS/SSL Certificates
ESET Licensing
JumpCloud
Sophos Central
GoDaddy
IT Glue
KnowBe4
ConnectWise Automate
Cisco Small Business Solution (SBS)
Network Discovery
OneLogin
SQL Server
Kaseya BMS
NinjaRMM
Cisco Umbrella
Acronis Cyber Cloud
Cisco ASA
Palo Alto
N-able N-central
Autotask
Bitdefender
Managed Printer
Microsoft OneDrive
Microsoft Teams
VMware vCenter
Linux
Webroot Secure Anywhere GSM
Syncro
3CX
StorageCraft SPX
Cisco IOS
BCDR data
Cloudflare
Veeam Availability Console
Kaseya VSA
Domotz
Adigy
Datto Networking
Uncategorized
Showing
Trending
Sort
Trending
Top
New
Filter
Under Review
Planned
In Progress
Future Consideration
Candidate For Implementing
Under Consideration
Needs Review
Blocked
Under Development
Submitted
Reviewed
Complete
posts in
All Categories
All Categories
Veeam Service Provider Console (3)
Windows Server (80)
Microsoft 365 (127)
Cisco Meraki (18)
Amazon Web Services (7)
SonicWall (31)
Internet Domain/DNS (26)
Dark Web Monitoring (1)
Google Workspace (8)
N-able RMM (5)
Hyper-V (8)
Sophos XG (4)
VMware ESXi (3)
Azure Active Directory (29)
SentinelOne (10)
Huntress (9)
Fortinet FortiGate (20)
Azure (12)
Duo Security (23)
Roar (185)
Windows Workstation (51)
Active Directory (104)
N-able Backup (7)
Auvik (10)
Datto RMM (11)
WatchGuard (3)
Ubiquiti UniFi (10)
macOS (2)
ConnectWise Manage (3)
Continuum RMM (10)
TLS/SSL Certificates (8)
ESET Licensing (3)
JumpCloud (2)
Sophos Central (9)
GoDaddy (3)
IT Glue (10)
KnowBe4 (5)
ConnectWise Automate (5)
Cisco Small Business Solution (SBS) (4)
Network Discovery (9)
OneLogin (3)
SQL Server (4)
Kaseya BMS (1)
NinjaRMM (1)
Cisco Umbrella (8)
Acronis Cyber Cloud (2)
Cisco ASA (8)
Palo Alto (1)
N-able N-central (7)
Autotask (2)
Bitdefender (1)
Managed Printer (6)
Microsoft OneDrive (2)
Microsoft Teams (3)
VMware vCenter (2)
Linux (2)
Webroot Secure Anywhere GSM (11)
Syncro (1)
3CX (1)
StorageCraft SPX (1)
Cisco IOS (4)
BCDR data (15)
Cloudflare (1)
Veeam Availability Console (2)
Kaseya VSA (3)
Domotz (1)
Adigy (1)
Datto Networking (2)
Azure Active Directory: Days Since Last AADC Sync
Counts the number of days since the last Azure Active Directory Connect (AADC) sync. Useful for determining if there is an issue as it should always be <1. SystemInfo.DirectorySync[?DaysSinceLastSync_r > 0 ] | length(@)
6
·
submitted
21
Azure Active Directory: InTune registered devices with Encryption disabled
Detects corporate intune registered devices not encrypted.Outputs into CSV friendly format Devices[?intuneRegistered_r == true && accountEnabled == true && ownership_r == Corporate && isEncrypted == false ].deviceName | join( , , @)
0
·
submitted
1
Azure Active Directory: Excluded Groups From MFA enforcement Policy
You will need to customize the displayName in the query to the string you use to describe your MFA policy. For example if your policy name is Required MFA DUO then your metric would look like this instead Groups[?contains(~.Policies.ConditionalAccess[?displayName == Required MFA DUO ].conditions.users.excludeGroups[], id) ].displayName Groups[?contains(~.Policies.ConditionalAccess[?displayName == MFA Enforcement ].conditions.users.excludeGroups[], id) ].displayName
0
·
submitted
1
Azure Active Directory: Excluded Users from MFA enforcement Policy
You will need to customize the displayName in the query to the string you use to describe your MFA policy. For example if your policy name is Required MFA DUO then your metric would look like this instead Users[?contains(~.Policies.ConditionalAccess[?displayName == Required MFA DUO ].conditions.users.excludeUsers[], id) ].displayName Users[?contains(~.Policies.ConditionalAccess[?displayName == Exchange Online Requires Compliant Device ].conditions.users.excludeUsers[], id) ].displayName
1
·
submitted
1
Azure Active Directory: Computers Details [PowerBI]
Returns the name, os system, os version, and encryption status of the device in Azure AD. Devices[].[displayName, operatingSystem, operatingSystemVersion, isEncrypted]
0
·
submitted
1
Azure Active Directory: Count of Users in Assigned Group
Returns the number of users assigned to group. This is a contains function, so you don't need to be exact. Users[?contains(to_string(assignedGroups[]), 'Group')].displayName | length(@)
0
·
submitted
1
Azure Active Directory: Clients with/without "a service"
This is good to identify clients with a service or services.If looking for 2 services:SecureScore[?contains(enabledServices, HasAaADP1 ) || contains(enabledServices, HasAaADP2 )] && SystemInfo.Overview.CompanyName SecureScore[?contains(enabledServices, HasAADP2 )] && SystemInfo.Overview.CompanyName
0
·
submitted
1
Azure Active Directory: Included Groups in MFA Enforcement Policy
The DisplayName will need to be edited to match the string you use for your MFA enforcement policy, so for Example if yours is called Require DUO MFA the string metric would read Groups[?contains(~.Policies.ConditionalAccess[?displayName == Require DUO MFA ].conditions.users.includeGroups[], id) ].displayName Groups[?contains(~.Policies.ConditionalAccess[?displayName == Enforced MFA ].conditions.users.includeGroups[], id) ].displayName
0
·
submitted
2
Azure Active Directory: Included Users in MFA Enforcement Policy
You will need to customize the displayName in the query to the string you use to describe your MFA policy. For example if your policy name is Required MFA DUO then your metric would look like this instead Users[?contains(~.Policies.ConditionalAccess[?displayName == Required MFA DUO ].conditions.users.includeUsers[], id) ].displayName Users[?contains(~.Policies.ConditionalAccess[?displayName == Required MFA DUO ].conditions.users.includeUsers[], id) ].displayName
0
·
submitted
2
Azure Active Directory: Risk Detections List
Returns a list of Azure Active Directory/Entra ID Risk Detections RiskDetections[].['---'userDisplayName, '-'userPrincipalName,'-' riskEventType ,'-'locationStr, '-'activityDateTime]
0
·
submitted
1
Load More
→
Powered by Canny
