Forum Discussion
Conversion of Existing SIEM(QRadar, Arcsight) rule to Sentinel
The key challenge which we are facing is to migrate existing SIEM(QRadar, ArcSight) solution use cases to Sentinel Use cases. We tried uncoder.io but even that is not helpful to 1%. Please support if...
You can convert only the queries. Use cases in ArcSight ESM or QRadar has to be rebuilt on Sentinel manually.
mergene but I am unable to convert query also. You mean using undecoder.io or there is other way available.
