Forum Discussion
rpargman
Nov 19, 2020
Copper Contributor
Export and Import Saved Queries and Functions from one Sentinel Workspace to Another
I have been getting so much value out of Azure Sentinel, custom log types, and custom functions to parse logs and make them easy to query in KQL (I have Sysmon, Suricata and Zeek among others). I've ...
- Nov 19, 2020
rpargman You need to use the Log Analytics REST API to get access to those. Take a look at: https://docs.microsoft.com/en-us/rest/api/loganalytics/savedsearches to get started
Ofer_Shezaf
Microsoft
Nov 30, 2020
rpargman, GaryBushey: the PowerShell cmdlets might be an easier start than the API: create, remove, get
rpargman
Nov 30, 2020
Copper Contributor
Oh thank you! I'll check those out, too. I appreciate the tip.
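An added example (not code from any poster in this thread) of the get/create cmdlets suggested above, used to copy saved searches and functions from one workspace to another by way of a JSON file that can be reviewed or kept in source control. It assumes an authenticated Az session (`Connect-AzAccount`) and a version of the Az.OperationalInsights module that exposes `FunctionAlias`; the parameter names and the export path are placeholders.

```powershell
#Requires -Modules Az.OperationalInsights
param(
    # All four names are placeholders for your own environment (assumptions).
    [Parameter(Mandatory)] [string] $SourceResourceGroup,
    [Parameter(Mandatory)] [string] $SourceWorkspace,
    [Parameter(Mandatory)] [string] $TargetResourceGroup,
    [Parameter(Mandatory)] [string] $TargetWorkspace,
    [string] $ExportPath = '.\saved-searches.json'
)

# Get: list every saved search (queries and functions) in the source workspace.
$saved = (Get-AzOperationalInsightsSavedSearch `
    -ResourceGroupName $SourceResourceGroup `
    -WorkspaceName $SourceWorkspace).Value
if (-not $saved) { Write-Warning 'No saved searches found.'; return }

# Flatten to plain objects. The short id is the last segment of the resource id.
$export = foreach ($s in $saved) {
    [pscustomobject]@{
        SavedSearchId = ($s.Id -split '/')[-1]
        DisplayName   = $s.Properties.DisplayName
        Category      = $s.Properties.Category
        Query         = $s.Properties.Query
        Version       = $s.Properties.Version
        FunctionAlias = $s.Properties.FunctionAlias   # set only for functions
    }
}
$export | ConvertTo-Json -Depth 5 | Set-Content -Path $ExportPath -Encoding UTF8

# Create: replay the exported definitions into the target workspace.
foreach ($e in (Get-Content -Path $ExportPath -Raw | ConvertFrom-Json)) {
    $params = @{
        ResourceGroupName = $TargetResourceGroup
        WorkspaceName     = $TargetWorkspace
        SavedSearchId     = $e.SavedSearchId
        DisplayName       = $e.DisplayName
        Category          = $e.Category
        Query             = $e.Query
        Force             = $true   # skip the confirmation prompt
    }
    # Optional properties are passed only when the source had them.
    if ($e.Version)       { $params.Version       = $e.Version }
    if ($e.FunctionAlias) { $params.FunctionAlias = $e.FunctionAlias }

    New-AzOperationalInsightsSavedSearch @params | Out-Null
    Write-Host "Imported $($e.SavedSearchId)"
}
```

Functions that reference custom tables or other functions only resolve in the target workspace once those dependencies exist there as well.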