Log Analytics / Sentinel - Dictionary of Solutions, Schemas and Variables

Question

Hi Team, does anyone know of a good centralised repository (like a dictionary) of Azure Solutions mapped to their Log Schemas, and a definition of the fields within each?

For example, if you take a look at the following LA workspace logs:

We'd like the full list of potentially available sources, with a mapping to which component provides / feeds into each one of these logs, and a clear explanation of the fields within each of these.

Thanks

fedecharosky · Answer

stijsselingone of my analysts is starting to pull together a repository that we plan to open-source to the community - I'll tell them to share the github repo here.

clivewatson · Answer

fedecharosky&nbsp;
&nbsp;
Does this help?&nbsp;https://github.com/Azure/Azure-Sentinel/wiki/DataSource-Schema-Reference

stijsseling · Answer

I am looking for the same. This would be extremely helpful.

fedecharosky · Answer

CliveWatsonsuper helpful; do you know if there are plans to include all other schemas?

Forum Discussion

Log Analytics / Sentinel - Dictionary of Solutions, Schemas and Variables

4 Replies

Resources