Forum Discussion
smhasn
Nov 08, 2019Copper Contributor
Logs Size and Total Data Received in Azure Sentinel
Hello, I need to find a way how to check for the logs size in total that is been received from data connectors and the total number of data that is been received? Regards, Mazhar
- Nov 08, 2019
There are few ways to collect data from Azure Sentinel:
- Visualize data using the Azure Data Explorer (including excel report)
- Using Workbook inside Azure Sentinel to gain extensive insight
- Create a PowerBI report (need to create connector and few customizations)
- With KQL you can pull out any data, example general command:
// Billable performance data over the last 30 days
Usage| where TimeGenerated > ago(30d)| where IsBillable == true| summarize TotalVolumeGB = sum(Quantity) / 1024
Clive_Watson
Sep 21, 2023Bronze Contributor
resources is a table in in "Azure Resource Graph" (ARG) type: "resource graph" into the search in the Azure Portal. As of last week you can access ARG from the logs blade as well: Query Azure Resource Graph from Azure Monitor - Microsoft Community Hub
You are right its not showing in the Content Hub, its still in Github, so you can get it here: raw.githubusercontent.com/Azure/Azure-Sentinel/master/Workbooks/SentinelCentral.json
[Ctrl-C] the workbook file content (these are JSON files),
To install into Sentinel, create a New Workbook: Add-Workbook --> Edit --> then use Advanced Edit (press the </> icon) then [paste] over any json that exists.
Press Apply
Then Save it
smhasn
Sep 22, 2023Copper Contributor
Thanks for the detailed help. Appreciated.
I was able to reproduce these using ARG and Sentinel Workbook. Thanks
I was able to reproduce these using ARG and Sentinel Workbook. Thanks