Forum Discussion
Conversion of Existing SIEM(QRadar, Arcsight) rule to Sentinel
The key challenge which we are facing is to migrate existing SIEM(QRadar, ArcSight) solution use cases to Sentinel Use cases. We tried uncoder.io but even that is not helpful to 1%. Please support if...
erdem-erdogan
Microsoft
MicrosoftThis article covers the related best practices comprehensively.
Best practices for migrating detection rules from ArcSight, Splunk and QRadar to Azure Sentinel
https://techcommunity.microsoft.com/t5/azure-sentinel/best-practices-for-migrating-detection-rules-from-arcsight/ba-p/2216417
Best practices for migrating detection rules from ArcSight, Splunk and QRadar to Azure Sentinel
https://techcommunity.microsoft.com/t5/azure-sentinel/best-practices-for-migrating-detection-rules-from-arcsight/ba-p/2216417