Extend sentinel/LAW table schema

Hi, we are working on migrating from a SIEM solution to sentinel and for users to migrate easily, we want to have some custom fields to LAW/Sentinel tables (eg) a filed named brand_CF needs to be add...

apis

automation

migration

siem

ManiAnna
Apr 27, 2025
Thanks, I was able to get it working with API.. on Terraform I used and tested the AZAPI and created the _CL tables and _CF fields successfully.

https://learn.microsoft.com/en-us/rest/api/loganalytics/tables/create-or-update?view=rest-loganalytics-2025-02-01&tabs=HTTP

Clive_Watson

Bronze Contributor

Apr 24, 2025

Hi, please take a look at Transformations or the API

Custom data ingestion and transformation in Microsoft Sentinel | Microsoft Learn

ManiAnna

Copper Contributor

Apr 27, 2025

Thanks, I was able to get it working with API.. on Terraform I used and tested the AZAPI and created the _CL tables and _CF fields successfully.

https://learn.microsoft.com/en-us/rest/api/loganalytics/tables/create-or-update?view=rest-loganalytics-2025-02-01&tabs=HTTP

Forum Discussion

Extend sentinel/LAW table schema

Resources