Forum Discussion
export rules from analytics
Hi All
I am sure this is a simple issue - I am just wanting to export all the rules from the analytics workspace in Sentinel (disabled / Enabled) into a platform to enable me to monitor the rules, update and amend accordingly. is there a way to export the rules in analytics. I have seen a few examples of exporting a rule from logs but essentially this isnt going to work for me. tks in advance
3 Replies
- Rod_Trent
Microsoft
wootts There's also a PowerShell module:
https://github.com/wortell/AZSentinel/tree/master/AzSentinel
- Rod_Trent does these modules import all kind of rules apart from scheduled one like NRT , Fusion , ML , MS Security rules as well ?
wootts You can do so using the Azure Sentinel REST API. I wrote some blog posts about how to do that at https://www.garybushey.com
