This article describes the workbook on “Microsoft Sentinel Project Deployment Tracker” used to track the completion status of Microsoft sentinel deployment and the comprehensive overview of the data that has begun reporting.
A noted pain point in the current OOB workbook is the need for manual updates to the watchlist to monitor migration or deployment status. In contrast, this workbook will automatically populate the completion percentage based on the selected parameter scope.
Microsoft Sentinel Project Deployment Tracker workbook offers a comprehensive, centralized view of critical deployment components, including:
- Workspaces and their configurations
- Data connectors and their activation status
- Reporting metrics for progress tracking
- Automation workflows for operational efficiency
- Incident monitoring
Outcome of the workbook:
Microsoft Sentinel Workbook automatically tracks the completion status of deployments within the defined project scope and displays the completion percentage for each major deliverable, including Workspaces, Data Connectors, Use Cases, and Automation, alongside the data enablement status. By establishing the scope through workbook parameters, it allows you to monitor your deployment progress and detect incident threats within your environment effectively.
This provides a comprehensive overview of the data that has started reporting along with a holistic view of workspaces, data connectors, reporting, threat intelligence integrations, automation, and incidents, all consolidated in a single interface.
Workflow:
Below are the steps that explains how to use the execute the workbook:
Microsoft Sentinel:
- Create a new workbook.
- Deploy the template.
- Save the workbook.
Set Parameters based on scope to view the details:
- Workspace:
-
- Select the workspace count.
- Data connector:
-
- Set the scope of data connectors.
- Table Name:
-
- Choose the respective table names.
- Analytical Rules:
-
- Set the count of analytical rules to be part of workspaces.
- Workbook:
-
- Set the count of workbooks.
- Logic Apps:
-
- Set the count of logic apps.
Detailed View:
- Deployment Score Tab:
-
- Displays the completed percentage score below key overview.
-
- Key Overview: Connectors, Analytics Rules, Workbooks, Logic Apps.
- Enablement Data Tab:
-
- Reflects info on datasets that are reporting as part of workspaces.
- Additional Tabs:
-
- Displays additional workspace info.
-
- Projects the logs enabled in workspaces.
-
- Detailed info on enabled rules/workbooks/logic apps.
- Incidents Tab:
-
- View incidents detected in the environment.
Below is the Flowchart on how to execute the workbook and follow this GitHub link to view the code:
Updated Apr 02, 2025
Version 7.0Nivetha_Muthukrishnan
Microsoft
Joined May 24, 2023
Microsoft Sentinel Blog
Microsoft Sentinel is a cloud-native SIEM, enriched with AI and automation to provide expansive visibility across your digital environment.
When evaluating various solutions, your peers value hearing from people like you who’ve used the product. Review Microsoft Sentinel by filling out a Gartner Peer Insights survey and receive a $25 USD gift card (for customers only). Here are the Privacy/Guideline links: Microsoft Privacy Statement, Gartner’s Community Guidelines & Gartner Peer Insights Review Guide.