Microsoft Sentinel Project Deployment Tracker

A noted pain point in the current OOB workbook is the need for manual updates to the watchlist to monitor migration or deployment status. In contrast, this workbook will automatically populate the completion percentage based on the selected parameter scope. 

Microsoft Sentinel Project Deployment Tracker workbook offers a comprehensive, centralized view of critical deployment components, including: 

• Workspaces and their configurations 

• Data connectors and their activation status 

• Reporting metrics for progress tracking 

• Automation workflows for operational efficiency 

• Incident monitoring  

Outcome of the workbook: 

Microsoft Sentinel Workbook automatically tracks the completion status of deployments within the defined project scope and displays the completion percentage for each major deliverable, including Workspaces, Data Connectors, Use Cases, and Automation, alongside the data enablement status. By establishing the scope through workbook parameters, it allows you to monitor your deployment progress and detect incident threats within your environment effectively. 

This provides a comprehensive overview of the data that has started reporting along with a holistic view of workspaces, data connectors, reporting, threat intelligence integrations, automation, and incidents, all consolidated in a single interface. 

Workflow: 

Below are the steps that explains how to use the execute the workbook: 

Microsoft Sentinel: 

• Create a new workbook. 

• Deploy the template. 

• Save the workbook. 

Set Parameters based on scope to view the details: 

• Workspace: 

• • Select the workspace count. 

• Data connector: 

• • Set the scope of data connectors. 

• Table Name: 

• • Choose the respective table names. 

• Analytical Rules: 

• • Set the count of analytical rules to be part of workspaces. 

• Workbook: 

• • Set the count of workbooks. 

• Logic Apps: 

• • Set the count of logic apps. 

Detailed View: 

• Deployment Score Tab: 

• • Displays the completed percentage score below key overview. 

• • Key Overview: Connectors, Analytics Rules, Workbooks, Logic Apps. 

• Enablement Data Tab: 

• • Reflects info on datasets that are reporting as part of workspaces. 

• Additional Tabs: 

• • Displays additional workspace info. 

• • Projects the logs enabled in workspaces. 

• • Detailed info on enabled rules/workbooks/logic apps. 

• Incidents Tab: 

• • View incidents detected in the environment. 

 

Below is the Flowchart on how to execute the workbook and follow this GitHub link to view the code: