Forum Discussion
Dean_Gross
May 29, 2021 Silver Contributor
Creating Sentinel instances with code
I would like to use an infrastructure as code approach to create multiple Azure Sentinel instances consistently. Can anyone point me to some resources that would provide some recommendations about ho...
- May 30, 2021
Yes, check out these resources: https://techcommunity.microsoft.com/t5/azure-sentinel/deploying-and-managing-azure-sentinel-as-code/ba-p/1131928 and https://medium.com/threat-hunters-forge/azure-sentinel-to-go-b5f6848d3c61 or, if you prefer YouTube, https://www.youtube.com/watch?v=Iu-zLuC5izg and it appears there is a GitHub repo here to save you a lot of this work: https://github.com/javiersoriano/sentinelascode
Dean_Gross
May 30, 2021 Silver Contributor
Thanks for the comprehensive list of resources. Looks like I need to do some reading so that we can make some good decisions.
- GaryBushey May 30, 2021 Bronze Contributor
Dean_Gross I would also add: https://github.com/Azure/Azure-Sentinel/tree/master/Tools/Sentinel-All-In-One as it has 90% of what needs to be done already done. There is also a sub-folder, MSSPVersion, that sets up Azure Lighthouse as well.
- Dean_Gross May 30, 2021 Silver Contributor
Thanks, obviously we already have some things 😀. I just want to become more knowledgeable about the options.
- GaryBushey May 30, 2021 Bronze Contributor
I think you will be able to get most of the deployment done automatically, but some of the data connectors will still need to be done manually.