Blog Post

Microsoft Sentinel Blog
2 MIN READ

Microsoft Sentinel Project Deployment Tracker

Nivetha_Muthukrishnan's avatar
Mar 27, 2025

This article describes the workbook on “Microsoft Sentinel Project Deployment Tracker” used to track the completion status of Microsoft sentinel deployment and the comprehensive overview of the data that has begun reporting.

A noted pain point in the current OOB workbook is the need for manual updates to the watchlist to monitor migration or deployment status. In contrast, this workbook will automatically populate the completion percentage based on the selected parameter scope. 

Microsoft Sentinel Project Deployment Tracker workbook offers a comprehensive, centralized view of critical deployment components, including: 

  • Workspaces and their configurations 
  • Data connectors and their activation status 
  • Reporting metrics for progress tracking 
  • Automation workflows for operational efficiency 
  • Incident monitoring  
Outcome of the workbook: 

Microsoft Sentinel Workbookautomatically tracks the completion status of deployments within the defined project scope and displays the completion percentage for each major deliverable, including Workspaces, Data Connectors, Use Cases, and Automation, alongside the data enablement status. By establishing the scope through workbook parameters, it allows you to monitor your deployment progress and detect incident threats within your environment effectively. 

This provides a comprehensive overview of the data that has started reporting along with a holistic view of workspaces, data connectors, reporting, threat intelligence integrations, automation, and incidents, all consolidated in a single interface. 

Workflow: 

Below are the steps that explains how to use the execute the workbook: 

Microsoft Sentinel: 

  • Create a new workbook. 
  • Deploy the template. 
  • Save the workbook. 


Set Parameters based on scope to view the details
: 

  • Workspace: 
    • Select the workspace count. 
  • Data connector: 
    • Set the scope of data connectors. 
  • Table Name: 
    • Choose the respective table names. 
  • Analytical Rules: 
    • Set the count of analytical rules to be part of workspaces. 
  • Workbook: 
    • Set the count of workbooks. 
  • Logic Apps: 
    • Set the count of logic apps. 


Detailed View
: 

  • Deployment Score Tab: 
    • Displays the completed percentage score below key overview. 
    • Key Overview: Connectors, Analytics Rules, Workbooks, Logic Apps. 
  • Enablement Data Tab: 
    • Reflects info on datasets that are reporting as part of workspaces. 
  • Additional Tabs: 
    • Displays additional workspace info. 
    • Projects the logs enabled in workspaces. 
    • Detailed info on enabled rules/workbooks/logic apps. 
  • Incidents Tab: 
    • View incidents detected in the environment. 

 

Below is the Flowchart on how to execute the workbook and follow this GitHub link to view the code:

Updated Apr 02, 2025
Version 7.0
  • lasse_selsing's avatar
    lasse_selsing
    Copper Contributor

    i would love to test our your workbook, but the PDF formatting just makes it impossible to deploy.
    can you share as just the pure arm template or upload it to a public github?

    • Nivetha_Muthukrishnan's avatar
      Nivetha_Muthukrishnan
      Icon for Microsoft rankMicrosoft

      Hi Lasse_selsing, Thanks for your feedback. please find the updated GitHub link in the post now.