Forum Discussion

Copper Contributor

Nov 09, 2020

Day/week/Time based Analytical (scheduled) rule in Azure Sentinel

Hi Community, I am currently working with a client on a certain requirement for detection of an office 365 message activity based on time and date. below business use case in detail Use ca...

GaryBushey

Bronze Contributor

Nov 10, 2020

KrishhnaM You could use a dayofweek function to determine if it is a weekend or not and then and iif statement to handle different hour of the day processing.

CliveWatson

Former Employee

Nov 10, 2020

Some examples: https://techcommunity.microsoft.com/t5/azure-sentinel/how-to-align-your-analytics-with-time-windows-in-azure-sentinel/ba-p/1667574