Forum Discussion

Copper Contributor

Nov 04, 2019

Does port enumeration attack make sentinel create incident?

I am testing Azure Sentinel. I have a data connector,windows firewall.The windows firewall agent is on a window machine. I scanned windows machine with nmap. I get logs from firewall and show in sent...

akhilnz

Copper Contributor

Nov 04, 2019

Hi KoKyi, If you think you need to treat particular event as a case. You can create an alert for it, by going to Configuration-> Analytics. There are lots of alert rule template to pick from.

KoKyi
Copper Contributor
Nov 04, 2019
Hi akhilnx, I see now. Thanks for your help.