SOLVED
Home

Join Our Azure Sentinel Community

%3CLINGO-SUB%20id%3D%22lingo-sub-376302%22%20slang%3D%22en-US%22%3ERe%3A%20Join%20Our%20Azure%20Sentinel%20Community%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-376302%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F44888%22%20target%3D%22_blank%22%3E%40Ryan%20Heffernan%3C%2FA%3E%26nbsp%3BPreview%20not%20working%20for%20us.%20The%20setup%20process%20wants%20to%20create%20a%20'Resource%20Group'.%20This%20is%20not%20allowed%20to%20us%20because%20it%20costs%20money%20without%20the%20ability%20to%20limit%20the%20spending.%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-370401%22%20slang%3D%22en-US%22%3ERe%3A%20Join%20Our%20Azure%20Sentinel%20Community%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-370401%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F656%22%20target%3D%22_blank%22%3E%40Chris%20Shalda%3C%2FA%3E%20We'll%20have%20a%20specific%20User%20Voice%20channel%20for%20Azure%20Sentinel%20soon.%20Please%20stay%20tuned.%20%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-362623%22%20slang%3D%22en-US%22%3ERe%3A%20Join%20Our%20Azure%20Sentinel%20Community%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-362623%22%20slang%3D%22en-US%22%3EFYI%2C%20there%20is%20not%20a%20specific%20topic%20group%20on%20the%20referenced%20User%20Voice%20for%20Azure%20Sentinel.%20I%20would%20suspect%20this%20would%20be%20desired%2C%20not%20sure%20how%20to%20make%20that%20happen%20besides%20me%20posting%20a%20feedback%20item%20under%20the%20general%20topic%20group%20(which%20I%20have%20already%20done).%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-359937%22%20slang%3D%22en-US%22%3ERe%3A%20Join%20Our%20Azure%20Sentinel%20Community%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-359937%22%20slang%3D%22en-US%22%3EClick%20the%20link%20above%20at%20the%20end%20of%20the%20second%20paragraph%20to%20join%20the%20public%20preview.%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-359733%22%20slang%3D%22en-US%22%3ERe%3A%20Join%20Our%20Azure%20Sentinel%20Community%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-359733%22%20slang%3D%22en-US%22%3E%3CP%3EEnabled%20in%20out%20Test%20Azure%20Tenant%2C%20looks%20fine%2C%20but%20I'm%20missing%20the%20possibility%20to%20get%20to%20the%20specific%20Events%20for%20more%20Details%20from%20the%20Dashboard.%20Hope%20it%20will%20be%20added%20in%20the%20future.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-358972%22%20slang%3D%22en-US%22%3ERe%3A%20Join%20Our%20Azure%20Sentinel%20Community%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-358972%22%20slang%3D%22en-US%22%3E%3CP%3Ehow%20we%20can%20enable%20in%20our%20tenant%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-358952%22%20slang%3D%22en-US%22%3ERe%3A%20Join%20Our%20Azure%20Sentinel%20Community%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-358952%22%20slang%3D%22en-US%22%3E%3CP%3EEnabled%20this%20in%20our%20tenant%20today%2C%20can't%20wait%20to%20start%20exploring!%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-358699%22%20slang%3D%22en-US%22%3ERe%3A%20Join%20Our%20Azure%20Sentinel%20Community%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-358699%22%20slang%3D%22en-US%22%3E%3CP%3EStarted%20playing%20with%20this%20today...%20looking%20very%20promising%20indeed%20%3B)%3C%2Fimg%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-389328%22%20slang%3D%22en-US%22%3ERe%3A%20Join%20Our%20Azure%20Sentinel%20Community%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-389328%22%20slang%3D%22en-US%22%3ECan%20you%20please%20let%20me%20know%20the%20best%20place%20to%20provide%20feedback%20and%20discuss%20issues%20for%20the%20Sentinel%20SIEM%20please%3F%20is%20that%20here%20or%20in%20Yammer%3F%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-390164%22%20slang%3D%22en-US%22%3ERE%3A%20Join%20Our%20Azure%20Sentinel%20Community%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-390164%22%20slang%3D%22en-US%22%3EWhen%20will%20the%20cost%20be%20announced%20for%20sentinel%3F%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-390181%22%20slang%3D%22en-US%22%3ERe%3A%20RE%3A%20Join%20Our%20Azure%20Sentinel%20Community%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-390181%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F149429%22%20target%3D%22_blank%22%3E%40David%20Delorge%3C%2FA%3E%26nbsp%3B%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20might%20be%20wrong%2C%20but%20I%20think%20the%20cost%20comes%20from%20your%20ALA%20(Azure%20Log%20Analytics)%20tier.%20My%20dev%20subscription%20currently%20has%2018m%20events%20in%20Sentinel%20and%20we%20have%20not%20seen%20any%20increased%20cost%20so%20far.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-390201%22%20slang%3D%22en-US%22%3ERe%3A%20RE%3A%20Join%20Our%20Azure%20Sentinel%20Community%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-390201%22%20slang%3D%22en-US%22%3E%3CP%3EI%20read%20online%20(see%20post)%20that%20they%20haven't%20decided%20on%20pricing%20yet%2C%20which%20is%20why%20I%20was%20asking.%20%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F293663%22%20target%3D%22_blank%22%3E%40Tyler%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fazure.microsoft.com%2Fen-us%2Fpricing%2Fdetails%2Fazure-sentinel%2F%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fazure.microsoft.com%2Fen-us%2Fpricing%2Fdetails%2Fazure-sentinel%2F%3C%2FA%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-390318%22%20slang%3D%22en-US%22%3ERe%3A%20RE%3A%20Join%20Our%20Azure%20Sentinel%20Community%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-390318%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F149429%22%20target%3D%22_blank%22%3E%40David%20Delorge%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3Einteresting!%20i%20did%20not%20think%20it%20was%20going%20to%20be%20separate%20from%20the%20current%20ALA%20tier.%20good%20to%20know%20for%20the%20future.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-489337%22%20slang%3D%22en-US%22%3ERe%3A%20Join%20Our%20Azure%20Sentinel%20Community%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-489337%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F89690%22%20target%3D%22_blank%22%3E%40Chris%20Boehm%3C%2FA%3E%26nbsp%3BI'm%20having%20trouble%20pulling%20a%20custom%20log%20from%20a%20Linux%20server.%26nbsp%3B%20OMS%20is%20talking%20fine%20but%20when%20I%20go%20to%20Workspace%20settings%20%26gt%3B%20advanced%20settings%20%26gt%3B%20Custom%20Logs%2C%20it%20fails%20to%20add%20at%20the%20end.%26nbsp%3B%20I%20think%20it's%20because%20I%20cannot%20edit%20the%20%22Name%22%20filed%20on%20the%20final%20step%2C%20I%20can%20add%20a%20description%20though.%26nbsp%3B%20The%20Next%20button%20stays%20dim%20%3A(%3C%2Fimg%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EIs%20this%20the%20right%20place%20for%20help%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-542437%22%20slang%3D%22en-US%22%3ERE%3A%20Join%20Our%20Azure%20Sentinel%20Community%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-542437%22%20slang%3D%22en-US%22%3Einteresting%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-390482%22%20slang%3D%22en-US%22%3ERe%3A%20Join%20Our%20Azure%20Sentinel%20Community%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-390482%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F129396%22%20target%3D%22_blank%22%3E%40David%20Caddick%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EPlease%20continue%20providing%20feedback%20here%20on%20the%20Azure%20Sentinel%20Communities%2C%20if%20you're%20specifically%20asking%20for%20a%20feature%20request%20on%20a%20product%20go%20here.%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CFONT%20style%3D%22background-color%3A%20%23ffffff%3B%22%3E%3CA%20href%3D%22https%3A%2F%2Ffeedback.azure.com%2Fforums%2F920458-azure-sentinel%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Ffeedback.azure.com%2Fforums%2F920458-azure-sentinel%3C%2FA%3E%3C%2FFONT%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CFONT%20style%3D%22background-color%3A%20%23ffffff%3B%22%3Ereferencing%20Ryan's%20Community%20post%20%3A%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2FAzure-Advanced-Threat-Protection%2FJoin-Our-Security-Community%2Fm-p%2F311170%22%20target%3D%22_blank%22%20rel%3D%22noopener%22%3Ehttps%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2FAzure-Advanced-Threat-Protection%2FJoin-Our-Security-Community%2Fm-p%2F311170%3C%2FA%3E%3C%2FFONT%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CFONT%20style%3D%22background-color%3A%20%23ffffff%3B%22%3E%22%3C%2FFONT%3E%3C%2FP%3E%0A%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoeui%26amp%3Bquot%3B%2C%26amp%3Bquot%3Blato%26amp%3Bquot%3B%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Carial%2Csans-serif%3B%20font-size%3A%2016px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20300%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%20margin%3A%200px%3B%22%3EWe%20want%26nbsp%3Byou%20to%20%3CSTRONG%20style%3D%22box-sizing%3A%20border-box%3B%20font-weight%3A%20bold%3B%22%3Espeak%20directly%20to%20our%20engineering%20teams.%3C%2FSTRONG%3E%20We%26nbsp%3Bbelieve%20that%20the%20best%20way%20to%20improve%20our%20security%20products%20is%20by%20having%20no%20barriers%20between%20you%20and%20the%20people%20that%20create%20them.%20That's%20why%20we%20need%20your%20participation%20in%20our%20security%20community.%3C%2FP%3E%0A%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoeui%26amp%3Bquot%3B%2C%26amp%3Bquot%3Blato%26amp%3Bquot%3B%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Carial%2Csans-serif%3B%20font-size%3A%2016px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20300%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%20margin%3A%200px%3B%22%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoeui%26amp%3Bquot%3B%2C%26amp%3Bquot%3Blato%26amp%3Bquot%3B%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Carial%2Csans-serif%3B%20font-size%3A%2016px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20300%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%20margin%3A%200px%3B%22%3EAs%20part%20of%20our%20community%20you%20can%20%3CSTRONG%20style%3D%22box-sizing%3A%20border-box%3B%20font-weight%3A%20bold%3B%22%3Einfluence%20our%20products%3C%2FSTRONG%3E%20and%20get%20%3CSTRONG%20style%3D%22box-sizing%3A%20border-box%3B%20font-weight%3A%20bold%3B%22%3Eearly%20access%26nbsp%3Bto%20changes%3C%2FSTRONG%3E%20by%20participating%20in%20private%20previews%2C%20giving%20feedback%2C%20requesting%20features%2C%20reviewing%20product%20roadmaps%2C%20joining%20webinars%20and%20calls%2C%20or%20attending%20in-person%20events.%26nbsp%3B%3C%2FP%3E%0A%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoeui%26amp%3Bquot%3B%2C%26amp%3Bquot%3Blato%26amp%3Bquot%3B%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Carial%2Csans-serif%3B%20font-size%3A%2016px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20300%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%20margin%3A%200px%3B%22%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoeui%26amp%3Bquot%3B%2C%26amp%3Bquot%3Blato%26amp%3Bquot%3B%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Carial%2Csans-serif%3B%20font-size%3A%2016px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20300%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%20margin%3A%200px%3B%22%3E%3CSTRONG%20style%3D%22box-sizing%3A%20border-box%3B%20font-weight%3A%20bold%3B%22%3EJoin%20Us%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoeui%26amp%3Bquot%3B%2C%26amp%3Bquot%3Blato%26amp%3Bquot%3B%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Carial%2Csans-serif%3B%20font-size%3A%2016px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20300%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%20margin%3A%200px%3B%22%3ETo%20join%20our%20community%2C%20%3CA%20style%3D%22background-color%3A%20transparent%3B%20box-sizing%3A%20border-box%3B%20color%3A%20%230077d4%3B%20text-decoration%3A%20underline%3B%22%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Fplugins%2Fcommon%2Ffeature%2Foauth2sso%2Fsso_login_redirect%3Freferer%3Dhttps%253A%252F%252Ftechcommunity.microsoft.com%252Ft5%252FEnterprise-Mobility-Security%252Fct-p%252FEMS%22%20target%3D%22_newtab%22%3Eclick%20here%3C%2FA%3E%2C%20and%20then%20click%20the%20%3CSTRONG%20style%3D%22box-sizing%3A%20border-box%3B%20font-weight%3A%20bold%3B%22%3Ejoin%3C%2FSTRONG%3E%20button%20and%20the%20heart%20icons%20of%20the%20groups%20your%20are%20interested%20in%2C%20as%20pictured%20below.%3C%2FP%3E%0A%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoeui%26amp%3Bquot%3B%2C%26amp%3Bquot%3Blato%26amp%3Bquot%3B%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Carial%2Csans-serif%3B%20font-size%3A%2016px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20300%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%20margin%3A%200px%3B%22%3E%22%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-582486%22%20slang%3D%22en-US%22%3ERE%3A%20Join%20Our%20Azure%20Sentinel%20Community%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-582486%22%20slang%3D%22en-US%22%3ECertainly%20interested%20into%20it.%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-709527%22%20slang%3D%22en-US%22%3ERe%3A%20Join%20Our%20Azure%20Sentinel%20Community%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-709527%22%20slang%3D%22en-US%22%3EThanks%20for%20these%20excellent%20tooling.%20We%20enable%20and%20integrated%20with%20AAD%2C%20O365%2C%20Security%20Center%20day%20we%20heard%20about%20it%20and%20very%20cool%20so%20far..%20I%20am%20still%20a%20bit%20muddy%20though%20on%20how%20my%20existing%20non-azure%20oms%20agent%20hosts%20that%20currently%20send%20data%20to%20an%20existing%20log%20analytics%20workspace%2C%20and%20how%20the%20agents%20gets%20data%20to%20ATP%2C%20Security%20Centre%20send%20data%20to%20Sentinel.%20What's%20the%20best%20practice%20for%20agent%20install%20on%20hosts%20to%20get%20data%20to%20all%20the%20security%20portals%3F%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-710610%22%20slang%3D%22en-US%22%3ERe%3A%20Join%20Our%20Azure%20Sentinel%20Community%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-710610%22%20slang%3D%22en-US%22%3E%3CP%3Ehow%20we%20cam%20enable%20azure%20senitel%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-710682%22%20slang%3D%22en-US%22%3ERe%3A%20Join%20Our%20Azure%20Sentinel%20Community%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-710682%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F4821%22%20target%3D%22_blank%22%3E%40Andrew%20Huddleston%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EI%20believe%20this%20comes%20down%20to%20where%20you're%20needing%20the%20data%2C%20the%20OMS%20agent%20can%20be%20multihomed%3C%2FP%3E%0A%3CP%3E%3CFONT%20style%3D%22background-color%3A%20%23ffffff%3B%22%3E%3CA%20href%3D%22https%3A%2F%2Fblogs.technet.microsoft.com%2Fmsoms%2F2016%2F05%2F26%2Foms-log-analytics-agent-multi-homing-support%2F%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fblogs.technet.microsoft.com%2Fmsoms%2F2016%2F05%2F26%2Foms-log-analytics-agent-multi-homing-support%2F%3C%2FA%3E%3C%2FFONT%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CFONT%20style%3D%22background-color%3A%20%23ffffff%3B%22%3EThis%20allows%20you%20to%20send%20data%20to%20multiple%20different%20workspaces.%20Be%20aware%20you'll%20be%20charged%20twice%20for%20the%20data.%3C%2FFONT%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CFONT%20style%3D%22background-color%3A%20%23ffffff%3B%22%3EIf%20you're%20wanting%20to%20take%20advantage%20of%20the%20services%20you're%20already%20paying%20for%20you%20should%20have%20something%20like%20this%2C%20I'm%20going%20to%20be%20using%20Azure%20Security%20Center%20as%20an%20example.%3C%2FFONT%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EServer%20-%26gt%3B%20MMA%2FOMS%20Agent--%26gt%3B%20Azure%20Security%20Center%20--%26gt%3B%20Azure%20Sentinel%3C%2FP%3E%0A%3CP%3EThis%20way%20you'll%20still%20have%20all%20the%20data%20within%20Azure%20Security%20Center's%20Workspace%2C%20you'll%20get%20security%20related%20alerts%20ingested%20into%20Azure%20Sentinel.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EYou%20can%20take%20another%20approach%20as%20to%20having%20Azure%20Sentinel%20and%20Azure%20Security%20Center%20together%20by%20using%20the%20same%20workspace.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EServer%20-%26gt%3B%20MMA%2FOMS%20Agent%20-%26gt%3B%20Workspace(Azure%20Security%20Center%2FAzure%20Sentinel)%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EYou'll%20see%20a%20lot%20%3CU%3E%3CSTRONG%3Emore%20raw%20events%20this%20way%3C%2FSTRONG%3E%3C%2FU%3E%2C%20get%20Azure%20Security%20Center%20benefits%20within%20the%20same%20workspace%2C%20but%20still%20able%20to%20use%20the%20investigation%2Falerts%2Fautomation%20with%20Azure%20Sentinel%20with%20the%20additional%20information.%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EHope%20this%20helped%20answer%20your%20question%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-710684%22%20slang%3D%22en-US%22%3ERe%3A%20Join%20Our%20Azure%20Sentinel%20Community%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-710684%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F40284%22%20target%3D%22_blank%22%3E%40Sankarasubramanian%20Parameswaran%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EPlease%20view%20this%20link%20to%20getting%20started%20with%20Azure%20Sentinel%3A%26nbsp%3B%3CFONT%20style%3D%22background-color%3A%20%23ffffff%3B%22%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Fsentinel%2Fquickstart-onboard%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Fsentinel%2Fquickstart-onboard%3C%2FA%3E%3C%2FFONT%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EIt's%20already%20in%20open%20preview.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-711128%22%20slang%3D%22en-US%22%3EAzure%20log%20analytics%20architecture%20-%20best%20practices%20and%2For%20nested%20instances%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-711128%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20Chris%2C%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F89690%22%20target%3D%22_blank%22%3E%40Chris%20Boehm%3C%2FA%3E%26nbsp%3B%40Ofer%20Shezaf%3C%2FP%3E%3CP%3ECan%20you%20confirm%20the%20details%20here%20still%20hold%20true%3F%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fgithub.com%2Fuglide%2Fazure-content%2Fblob%2Fmaster%2Farticles%2Flog-analytics%2Flog-analytics-manage-access.md%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fgithub.com%2Fuglide%2Fazure-content%2Fblob%2Fmaster%2Farticles%2Flog-analytics%2Flog-analytics-manage-access.md%3C%2FA%3E%26nbsp%3BThis%20seems%20to%20be%20a%20very%20good%20%22simple%22%20primer%20to%20start%20with%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EIt%20also%20seems%20to%20be%20mirrored%20here%3A%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Fazure-monitor%2Fplatform%2Fmanage-access%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Fazure-monitor%2Fplatform%2Fmanage-access%3C%2FA%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20guess%20our%20concerns%20are%20-%20we%20need%20to%20max%20the%20retention%20to%20730%20days%20(2%20Years%2C%20although%203Y%20would%20be%20nice)%20-%20and%20with%20that%20we%20trying%20to%20ensure%20that%20we%20don't%20accidently%20%22double-down%22%20on%20the%20same%20Logs%20in%20more%20than%20one%20place%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%22Best%20Practices%22%20for%20Log%20Analytics%20-%20is%20it%20a%20case%20for%26nbsp%3Bjust%20using%20a%20single%20Workspace%20for%20everything%3F%3C%2FP%3E%3CP%3EWhat%20about%20different%20data%20being%20retained%20for%20different%20lengths%20of%20time%20for%20instance%3F%3C%2FP%3E%3CP%3EQuestion%20-%20Can%20Sentinel%20just%20make%20a%20%22call%22%20to%20reference%20other%20Workspaces%3F%3C%2FP%3E%3CP%3EObviously%20this%20would%20not%20be%20ideal%20from%20a%20performance%2Flatency%20point%20of%20view...%3C%2FP%3E%3CP%3E*OR*%20is%20it%20a%20case%20that%20the%20only%20way%20Sentinel%20can%20run%20effectively%20is%20to%20ingest%20that%20Log%20data%20*again*%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ELooking%20at%20the%20first%20screen%20for%20Sentinel%20-%20you%20can%20potentially%20connect%20a%20number%20of%20Workspaces%3F%3C%2FP%3E%3CP%3EBut%20once%20you%20%22step%20in%22%20to%20the%20Console%20as%20such%20the%20Schema%20only%20lists%20the%20current%20Workspace.%3C%2FP%3E%3CP%3ESo%20this%20appears%20to%20rule%20out%20the%20idea%20of%20having%20multiple%20Workspaces%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EHoping%20this%20all%20makes%20sense%3F%20%3B)%3C%2Fimg%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-711173%22%20slang%3D%22en-US%22%3ERe%3A%20Join%20Our%20Azure%20Sentinel%20Community%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-711173%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F89690%22%20target%3D%22_blank%22%3E%40Chris%20Boehm%3C%2FA%3E%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F4821%22%20target%3D%22_blank%22%3E%40Andrew%20Huddleston%3C%2FA%3E%3CSPAN%3E%26nbsp%3B%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EFrom%20what%20I%20can%20make%20out%3A%3C%2FP%3E%3CP%3EServer%20-%26gt%3B%20MMA%2FOMS%20Agent--%26gt%3B%20Azure%20Security%20Center%20--%26gt%3B%20Azure%20Sentinel%3C%2FP%3E%3CP%3EThis%20would%20mean%20the%20data%2Falerts%2Flogs%20would%20end%20up%20in%20*both*%20the%20ASC%20%26amp%3B%20the%20Sentinel%20instance%3F%3C%2FP%3E%3CP%3EDoubling%20the%20data%20costings%3F%20this%20may%2Fmay%20not%20be%20desirable%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EServer%20-%26gt%3B%20MMA%2FOMS%20Agent%20-%26gt%3B%20Workspace(Azure%20Security%20Center%2FAzure%20Sentinel)%3C%2FP%3E%3CP%3EThis%20keeps%20it%20more%20simple%20technically%20%2B%20single%20cost%20of%26nbsp%3Bdata%2Falerts%2Flogs%20storage%20based%20on%20retention%20settings.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EIs%20this%20essentially%20correct%20Chris%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThis%20seems%20to%20get%20to%20the%20heart%20of%20the%20matter%3A%26nbsp%3B%20%26nbsp%3Balthough%20it%20seems%20to%20be%20from%20a%20while%20back%3F%3C%2FP%3E%3CH2%20id%3D%22toc-hId-1701904803%22%20id%3D%22toc-hId-1701904803%22%20id%3D%22toc-hId-1701904803%22%20id%3D%22toc-hId-1701904803%22%20id%3D%22toc-hId-1701904803%22%20id%3D%22toc-hId-1701904803%22%20id%3D%22toc-hId-1701904803%22%20id%3D%22toc-hId-1701904803%22%20id%3D%22toc-hId-1701904803%22%20id%3D%22toc-hId-1701904803%22%20id%3D%22toc-hId-1701904803%22%3EDetermine%20the%20number%20of%20workspaces%20you%20need%3C%2FH2%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fgithub.com%2Fuglide%2Fazure-content%2Fblob%2Fmaster%2Farticles%2Flog-analytics%2Flog-analytics-manage-access.md%23determine-the-number-of-workspaces-you-need%26nbsp%3B%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fgithub.com%2Fuglide%2Fazure-content%2Fblob%2Fmaster%2Farticles%2Flog-analytics%2Flog-analytics-manage-access.md%23determine-the-number-of-workspaces-you-need%26nbsp%3B%3C%2FA%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-355610%22%20slang%3D%22en-US%22%3EJoin%20Our%20Azure%20Sentinel%20Community%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-355610%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Faka.ms%2FAzureSentinelBlog%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3E%3CBUTTON%20style%3D%22background-color%3A%20%230066cc%3B%20color%3A%20white%3B%20float%3A%20right%3B%20border%3A%20none%3B%22%20type%3D%22button%22%3EVisit%20Our%20Blog%3C%2FBUTTON%3E%3C%2FA%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoeui%26amp%3Bquot%3B%2C%26amp%3Bquot%3Blato%26amp%3Bquot%3B%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Carial%2Csans-serif%3B%20font-size%3A%2016px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20300%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%20margin%3A%200px%3B%22%3ENow%20that%20we%20have%20announced%20%3CA%20href%3D%22https%3A%2F%2Faka.ms%2FAzureSentinel%22%20target%3D%22_newtab%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3EAzure%20Sentinel%3C%2FA%3E%2C%20we'd%20like%20to%20invite%20you%20to%20%3CSTRONG%20style%3D%22box-sizing%3A%20border-box%3B%20font-weight%3A%20bold%3B%22%3Espeak%20directly%20to%20our%20engineering%20team.%3C%2FSTRONG%3E%20We%26nbsp%3Bbelieve%20that%20the%20best%20way%20to%20improve%20our%20products%20is%20by%20having%20no%20barrier%20between%20you%20and%20the%20people%20that%20create%20them.%20That's%20why%20we%20need%20your%20participation%20in%20our%20community.%3C%2FP%3E%0A%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoeui%26amp%3Bquot%3B%2C%26amp%3Bquot%3Blato%26amp%3Bquot%3B%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Carial%2Csans-serif%3B%20font-size%3A%2016px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20300%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%20margin%3A%200px%3B%22%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoeui%26amp%3Bquot%3B%2C%26amp%3Bquot%3Blato%26amp%3Bquot%3B%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Carial%2Csans-serif%3B%20font-size%3A%2016px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20300%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%20margin%3A%200px%3B%22%3EAs%20part%20of%20our%20community%20you%20can%20%3CSTRONG%20style%3D%22box-sizing%3A%20border-box%3B%20font-weight%3A%20bold%3B%22%3Einfluence%20our%20products%3C%2FSTRONG%3E%20and%20get%20%3CSTRONG%20style%3D%22box-sizing%3A%20border-box%3B%20font-weight%3A%20bold%3B%22%3Eearly%20access%26nbsp%3Bto%20changes%3C%2FSTRONG%3E%20by%20participating%20in%20private%20previews%2C%20giving%20feedback%2C%20requesting%20features%2C%20reviewing%20product%20roadmaps%2C%20joining%20conference%20call%20discussions%2C%20or%20attending%20in-person%20events.%20To%20try%20out%20Azure%20Sentinel%2C%20%3CSTRONG%3Elog%20into%20your%20Azure%20Portal%3C%2FSTRONG%3E%20and%20then%20click%20here%20to%20%3CA%20href%3D%22https%3A%2F%2Faka.ms%2Fmicrosoftazuresentinel%22%20target%3D%22_newtab%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3Ejoin%20the%20preview%3C%2FA%3E.%3C%2FP%3E%0A%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoeui%26amp%3Bquot%3B%2C%26amp%3Bquot%3Blato%26amp%3Bquot%3B%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Carial%2Csans-serif%3B%20font-size%3A%2016px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20300%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%20margin%3A%200px%3B%22%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoeui%26amp%3Bquot%3B%2C%26amp%3Bquot%3Blato%26amp%3Bquot%3B%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Carial%2Csans-serif%3B%20font-size%3A%2016px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20300%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%20margin%3A%200px%3B%22%3E%3CSTRONG%20style%3D%22box-sizing%3A%20border-box%3B%20font-weight%3A%20bold%3B%22%3EJoin%20Us%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoeui%26amp%3Bquot%3B%2C%26amp%3Bquot%3Blato%26amp%3Bquot%3B%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Carial%2Csans-serif%3B%20font-size%3A%2016px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20300%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%20margin%3A%200px%3B%22%3ETo%20join%20our%20community%2C%20%3CA%20style%3D%22background-color%3A%20transparent%3B%20box-sizing%3A%20border-box%3B%20color%3A%20%230077d4%3B%20text-decoration%3A%20underline%3B%22%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Fplugins%2Fcommon%2Ffeature%2Foauth2sso%2Fsso_login_redirect%3Freferer%3Dhttps%253A%252F%252Ftechcommunity.microsoft.com%252Ft5%252FAzure%252Fct-p%252FAzure%22%20target%3D%22_newtab%22%3Eclick%20here%3C%2FA%3E%2C%20and%20then%20click%20the%20%3CSTRONG%20style%3D%22box-sizing%3A%20border-box%3B%20font-weight%3A%20bold%3B%22%3Ejoin%3C%2FSTRONG%3E%20button%20and%20the%20%3CSTRONG%3Eheart%20icon%3C%2FSTRONG%3E%20for%20Azure%20Sentinel%2C%20as%20pictured%20below.%3C%2FP%3E%0A%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoeui%26amp%3Bquot%3B%2C%26amp%3Bquot%3Blato%26amp%3Bquot%3B%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Carial%2Csans-serif%3B%20font-size%3A%2016px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20300%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%20margin%3A%200px%3B%22%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoeui%26amp%3Bquot%3B%2C%26amp%3Bquot%3Blato%26amp%3Bquot%3B%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Carial%2Csans-serif%3B%20font-size%3A%2016px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20300%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%20margin%3A%200px%3B%22%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20style%3D%22width%3A%20584px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Fgxcuf89792.i.lithium.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F94005i81336022B6D3D158%2Fimage-size%2Flarge%3Fv%3D1.0%26amp%3Bpx%3D999%22%20alt%3D%22JoinTechCommunity.PNG%22%20title%3D%22JoinTechCommunity.PNG%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoeui%26amp%3Bquot%3B%2C%26amp%3Bquot%3Blato%26amp%3Bquot%3B%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Carial%2Csans-serif%3B%20font-size%3A%2016px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20300%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%20margin%3A%200px%3B%22%3E%3CSTRONG%3EStay%20Updated%20via%20our%20Blog%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoeui%26amp%3Bquot%3B%2C%26amp%3Bquot%3Blato%26amp%3Bquot%3B%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Carial%2Csans-serif%3B%20font-size%3A%2016px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20300%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%20margin%3A%200px%3B%22%3ETo%20keep%20up-to-date%20on%20all%20our%20major%20announcements%2C%20please%20visit%20our%20blog%20at%20%3CA%20href%3D%22https%3A%2F%2Faka.ms%2FAzureSentinelBlog%22%20target%3D%22_newtab%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3E%3CFONT%20style%3D%22background-color%3A%20%23ffffff%3B%22%3Ehttps%3A%2F%2Faka.ms%2FAzureSentinelBlog%3C%2FFONT%3E%3C%2FA%3E.%3C%2FP%3E%0A%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoeui%26amp%3Bquot%3B%2C%26amp%3Bquot%3Blato%26amp%3Bquot%3B%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Carial%2Csans-serif%3B%20font-size%3A%2016px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20300%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%20margin%3A%200px%3B%22%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoeui%26amp%3Bquot%3B%2C%26amp%3Bquot%3Blato%26amp%3Bquot%3B%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Carial%2Csans-serif%3B%20font-size%3A%2016px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20300%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%20margin%3A%200px%3B%22%3E%3CSTRONG%3ECheck%20Out%20our%20GitHub%20Repository%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoeui%26amp%3Bquot%3B%2C%26amp%3Bquot%3Blato%26amp%3Bquot%3B%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Carial%2Csans-serif%3B%20font-size%3A%2016px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20300%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%20margin%3A%200px%3B%22%3E%3CFONT%20style%3D%22background-color%3A%20%23ffffff%3B%22%3EWe%20have%20queries%2C%20detections%2C%20playbooks%2C%20and%20more%20on%20our%20GitHub%20repository%20at%20%3C%2FFONT%3E%3CA%20href%3D%22https%3A%2F%2Fnam06.safelinks.protection.outlook.com%2F%3Furl%3Dhttps%253A%252F%252Fgithub.com%252FAzure%252FAzure-Sentinel%26amp%3Bdata%3D02%257C01%257Cryanheff%2540microsoft.com%257C3a0172de8b7f4effcc3608d69cd2a90f%257C72f988bf86f141af91ab2d7cd011db47%257C1%257C0%257C636868825934480967%26amp%3Bsdata%3DN4NaHuXoHQF84zm%252BPbuiur%252BpCgsiCpoOosAzcO8Nt8g%253D%26amp%3Breserved%3D0%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fgithub.com%2FAzure%2FAzure-Sentinel%3C%2FA%3E%20and%20we'll%20be%20investing%20significant%20efforts%20developing%20this%20content.%20We%20welcome%20contributions%20and%20hope%20you%20benefit%20from%20the%20shared%20expertise%20of%20our%20entire%20community.%20%26nbsp%3B%3C%2FP%3E%0A%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoeui%26amp%3Bquot%3B%2C%26amp%3Bquot%3Blato%26amp%3Bquot%3B%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Carial%2Csans-serif%3B%20font-size%3A%2016px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20300%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%20margin%3A%200px%3B%22%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoeui%26amp%3Bquot%3B%2C%26amp%3Bquot%3Blato%26amp%3Bquot%3B%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Carial%2Csans-serif%3B%20font-size%3A%2016px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20300%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%20margin%3A%200px%3B%22%3E%3CSTRONG%20style%3D%22box-sizing%3A%20border-box%3B%20font-weight%3A%20bold%3B%22%3EAdditional%20Security%20Groups%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoeui%26amp%3Bquot%3B%2C%26amp%3Bquot%3Blato%26amp%3Bquot%3B%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Carial%2Csans-serif%3B%20font-size%3A%2016px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20300%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%20margin%3A%200px%3B%22%3EHere's%20a%20list%20of%20other%20security-related%20groups%20you%20may%20want%20to%20join.%3C%2FP%3E%0A%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoeui%26amp%3Bquot%3B%2C%26amp%3Bquot%3Blato%26amp%3Bquot%3B%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Carial%2Csans-serif%3B%20font-size%3A%2016px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20300%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%20margin%3A%200px%3B%22%3E%3CA%20style%3D%22background-color%3A%20transparent%3B%20box-sizing%3A%20border-box%3B%20color%3A%20%230077d4%3B%20text-decoration%3A%20underline%3B%22%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2FAzure%2Fct-p%2FAzure%22%20target%3D%22_newtab%22%3EAzure%3C%2FA%3E%3C%2FP%3E%0A%3CUL%20style%3D%22box-sizing%3A%20border-box%3B%20clear%3A%20left%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoeui%26amp%3Bquot%3B%2C%26amp%3Bquot%3Blato%26amp%3Bquot%3B%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Carial%2Csans-serif%3B%20font-size%3A%2016px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20300%3B%20letter-spacing%3A%20normal%3B%20list-style-image%3A%20none%3B%20list-style-position%3A%20outside%3B%20list-style-type%3A%20disc%3B%20margin-bottom%3A%2012px%3B%20margin-top%3A%200px%3B%20orphans%3A%202%3B%20padding-left%3A%202.5em%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%22%3E%0A%3CLI%20style%3D%22box-sizing%3A%20border-box%3B%20font-family%3A%20%26amp%3Bquot%3B%22%3E%3CA%20style%3D%22background-color%3A%20transparent%3B%20box-sizing%3A%20border-box%3B%20color%3A%20%230077d4%3B%20text-decoration%3A%20underline%3B%22%20title%3D%22Azure%20Security%20Center%22%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2FAzure-Security-Center%2Fbd-p%2FAzureSecurityCenter%22%20target%3D%22_newtab%22%3EAzure%20Security%20Center%3C%2FA%3E%3C%2FLI%3E%0A%3CLI%20style%3D%22box-sizing%3A%20border-box%3B%20font-family%3A%20%26amp%3Bquot%3B%22%3E%3CA%20style%3D%22background-color%3A%20transparent%3B%20box-sizing%3A%20border-box%3B%20color%3A%20%230077d4%3B%20text-decoration%3A%20underline%3B%22%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2FSecurity-Identity%2Fbd-p%2FAzure-Security%22%20target%3D%22_newtab%22%3EAzure%20Security%20and%20Identity%3C%2FA%3E%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoeui%26amp%3Bquot%3B%2C%26amp%3Bquot%3Blato%26amp%3Bquot%3B%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Carial%2Csans-serif%3B%20font-size%3A%2016px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20300%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%20margin%3A%200px%3B%22%3E%3CA%20style%3D%22background-color%3A%20transparent%3B%20box-sizing%3A%20border-box%3B%20color%3A%20%230077d4%3B%20text-decoration%3A%20underline%3B%22%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2FEnterprise-Mobility-Security%2Fct-p%2FEMS%22%20target%3D%22_newtab%22%3EEnterprise%20Mobility%20%2B%20Security%3C%2FA%3E%3C%2FP%3E%0A%3CUL%20style%3D%22box-sizing%3A%20border-box%3B%20clear%3A%20left%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoeui%26amp%3Bquot%3B%2C%26amp%3Bquot%3Blato%26amp%3Bquot%3B%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Carial%2Csans-serif%3B%20font-size%3A%2016px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20300%3B%20letter-spacing%3A%20normal%3B%20list-style-image%3A%20none%3B%20list-style-position%3A%20outside%3B%20list-style-type%3A%20disc%3B%20margin-bottom%3A%2012px%3B%20margin-top%3A%200px%3B%20orphans%3A%202%3B%20padding-left%3A%202.5em%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%22%3E%0A%3CLI%20style%3D%22box-sizing%3A%20border-box%3B%20font-family%3A%20%26amp%3Bquot%3B%22%3E%3CA%20style%3D%22background-color%3A%20transparent%3B%20box-sizing%3A%20border-box%3B%20color%3A%20%230077d4%3B%20text-decoration%3A%20underline%3B%22%20title%3D%22Azure%20Advanced%20Threat%20Protection%20and%20ATA%22%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2FAzure-Advanced-Threat-Protection%2Fbd-p%2FAzureAdvancedThreatProtection%22%20target%3D%22_newtab%22%3EAzure%20Advanced%20Threat%20Protection%20and%20ATA%3C%2FA%3E%3C%2FLI%3E%0A%3CLI%20style%3D%22box-sizing%3A%20border-box%3B%20font-family%3A%20%26amp%3Bquot%3B%22%3E%3CA%20style%3D%22background-color%3A%20transparent%3B%20box-sizing%3A%20border-box%3B%20color%3A%20%230077d4%3B%20text-decoration%3A%20underline%3B%22%20href%3D%22https%3A%2F%2Fwww.yammer.com%2Faskipteam%22%20target%3D%22_newtab%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3EAzure%20Information%20Protection%3C%2FA%3E%3C%2FLI%3E%0A%3CLI%20style%3D%22box-sizing%3A%20border-box%3B%20font-family%3A%20%26amp%3Bquot%3B%22%3E%3CA%20style%3D%22background-color%3A%20transparent%3B%20box-sizing%3A%20border-box%3B%20color%3A%20%230077d4%3B%20text-decoration%3A%20underline%3B%22%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2FMicrosoft-Cloud-App-Security%2Fbd-p%2FMicrosoftCloudAppSecurity%22%20target%3D%22_newtab%22%3EMicrosoft%20Cloud%20App%20Security%26nbsp%3B%3C%2FA%3E%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoeui%26amp%3Bquot%3B%2C%26amp%3Bquot%3Blato%26amp%3Bquot%3B%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Carial%2Csans-serif%3B%20font-size%3A%2016px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20300%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%20margin%3A%200px%3B%22%3E%3CA%20style%3D%22background-color%3A%20transparent%3B%20box-sizing%3A%20border-box%3B%20color%3A%20%230077d4%3B%20text-decoration%3A%20underline%3B%22%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2FMicrosoft-Graph-Security-API%2Fct-p%2FSecurityGraphAPI%22%20target%3D%22_newtab%22%3EMicrosoft%20Graph%20Security%20API%3C%2FA%3E%3C%2FP%3E%0A%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoeui%26amp%3Bquot%3B%2C%26amp%3Bquot%3Blato%26amp%3Bquot%3B%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Carial%2Csans-serif%3B%20font-size%3A%2016px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20300%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%20margin%3A%200px%3B%22%3E%3CA%20style%3D%22background-color%3A%20transparent%3B%20box-sizing%3A%20border-box%3B%20color%3A%20%230077d4%3B%20text-decoration%3A%20underline%3B%22%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2FSecurity-Privacy-Compliance%2Fct-p%2FSecurityPrivacyCompliance%22%20target%3D%22_newtab%22%3ESecurity%2C%20Privacy%20%26amp%3B%20Compliance%3C%2FA%3E.%26nbsp%3B%3C%2FP%3E%0A%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoeui%26amp%3Bquot%3B%2C%26amp%3Bquot%3Blato%26amp%3Bquot%3B%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Carial%2Csans-serif%3B%20font-size%3A%2016px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20300%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%20margin%3A%200px%3B%22%3E%3CA%20style%3D%22background-color%3A%20transparent%3B%20box-sizing%3A%20border-box%3B%20color%3A%20%230077d4%3B%20text-decoration%3A%20underline%3B%22%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2FWindows-Defender-Advanced-Threat%2Fct-p%2FWindowsDefenderAdvanced%22%20target%3D%22_newtab%22%3EWindows%20Defender%20Advanced%20Threat%20Protection%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoeui%26amp%3Bquot%3B%2C%26amp%3Bquot%3Blato%26amp%3Bquot%3B%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Carial%2Csans-serif%3B%20font-size%3A%2016px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20300%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%20margin%3A%200px%3B%22%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoeui%26amp%3Bquot%3B%2C%26amp%3Bquot%3Blato%26amp%3Bquot%3B%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Carial%2Csans-serif%3B%20font-size%3A%2016px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20300%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%20margin%3A%200px%3B%22%3E%3CSTRONG%3EFind%20us%20on%20LinkedIn%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoeui%26amp%3Bquot%3B%2C%26amp%3Bquot%3Blato%26amp%3Bquot%3B%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Carial%2Csans-serif%3B%20font-size%3A%2016px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20300%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%20margin%3A%200px%3B%22%3EWe%20have%20a%20general%20discussion%20group%20on%20LinkedIn%20called%20the%20Microsoft%20Security%20Community%2C%20where%20I%20announce%20highlights%20from%20this%20site.%20Please%20%3CA%20href%3D%22https%3A%2F%2Fwww.linkedin.com%2Fgroups%2F13640774%2F%22%20target%3D%22_self%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ejoin%20the%20group%3C%2FA%3E%20and%20feel%20free%20to%20%3CA%20style%3D%22background-color%3A%20transparent%3B%20box-sizing%3A%20border-box%3B%20color%3A%20%230077d4%3B%20text-decoration%3A%20underline%3B%22%20href%3D%22https%3A%2F%2Fwww.linkedin.com%2Fin%2Fryanheff%2F%22%20target%3D%22_newtab%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Econnect%20with%20me%3C%2FA%3E.%26nbsp%3B%3C%2FP%3E%0A%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoeui%26amp%3Bquot%3B%2C%26amp%3Bquot%3Blato%26amp%3Bquot%3B%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Carial%2Csans-serif%3B%20font-size%3A%2016px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20300%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%20margin%3A%200px%3B%22%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoeui%26amp%3Bquot%3B%2C%26amp%3Bquot%3Blato%26amp%3Bquot%3B%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Carial%2Csans-serif%3B%20font-size%3A%2016px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20300%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%20margin%3A%200px%3B%22%3E%3CSTRONG%20style%3D%22box-sizing%3A%20border-box%3B%20font-weight%3A%20bold%3B%22%3EWebinars%20and%20Private%20Preview%20Calls%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoeui%26amp%3Bquot%3B%2C%26amp%3Bquot%3Blato%26amp%3Bquot%3B%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Carial%2Csans-serif%3B%20font-size%3A%2016px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20300%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%20margin%3A%200px%3B%22%3EWe%20hold%20regular%20webinars%20and%20calls%20where%20we%20provide%20technical%20training%2C%20preview%20forthcoming%20features%2C%20gather%20feedback%2C%20and%20host%20discussions.%20Many%20of%20these%20allow%20you%20to%20join%20private%20previews.%20Meeting%20invitations%20for%20the%20calls%20are%20posted%20here%20in%20this%20group%2C%20so%20please%20check%20back%20regularly.%20Our%20latest%20Azure%20Sentinel%20webinar%20can%20be%20found%20at%26nbsp%3B%3CFONT%20style%3D%22background-color%3A%20%23ffffff%3B%22%3E%3CA%20href%3D%22https%3A%2F%2Faka.ms%2FAzureSentinelWebinar%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Faka.ms%2FAzureSentinelWebinar%3C%2FA%3E%3C%2FFONT%3E.%26nbsp%3B%3C%2FP%3E%0A%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoeui%26amp%3Bquot%3B%2C%26amp%3Bquot%3Blato%26amp%3Bquot%3B%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Carial%2Csans-serif%3B%20font-size%3A%2016px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20300%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%20margin%3A%200px%3B%22%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoeui%26amp%3Bquot%3B%2C%26amp%3Bquot%3Blato%26amp%3Bquot%3B%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Carial%2Csans-serif%3B%20font-size%3A%2016px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20300%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%20margin%3A%200px%3B%22%3E%3CSTRONG%20style%3D%22box-sizing%3A%20border-box%3B%20font-weight%3A%20bold%3B%22%3ESubmit%20Feature%20Requests%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoeui%26amp%3Bquot%3B%2C%26amp%3Bquot%3Blato%26amp%3Bquot%3B%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Carial%2Csans-serif%3B%20font-size%3A%2016px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20300%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%20margin%3A%200px%3B%22%3EIn%20addition%20to%20engaging%20us%20in%20the%20ways%20listed%20above%2C%20you%20can%26nbsp%3Balso%20submit%20and%20vote%20on%20feature%20requests%20at%20%3CA%20style%3D%22background-color%3A%20transparent%3B%20box-sizing%3A%20border-box%3B%20color%3A%20%230077d4%3B%20text-decoration%3A%20underline%3B%22%20href%3D%22https%3A%2F%2Fmicrosoftsecurity.uservoice.com%2F%22%20target%3D%22_newtab%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fmicrosoftsecurity.uservoice.com%3C%2FA%3E.%3C%2FP%3E%0A%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoeui%26amp%3Bquot%3B%2C%26amp%3Bquot%3Blato%26amp%3Bquot%3B%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Carial%2Csans-serif%3B%20font-size%3A%2016px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20300%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%20margin%3A%200px%3B%22%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoeui%26amp%3Bquot%3B%2C%26amp%3Bquot%3Blato%26amp%3Bquot%3B%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Carial%2Csans-serif%3B%20font-size%3A%2016px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20300%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%20margin%3A%200px%3B%22%3E%3CSPAN%20style%3D%22display%3A%20inline%20!important%3B%20float%3A%20none%3B%20background-color%3A%20%23ffffff%3B%20color%3A%20%23333333%3B%20font-family%3A%20'SegoeUI'%2C'Lato'%2C'Helvetica%20Neue'%2CHelvetica%2CArial%2Csans-serif%3B%20font-size%3A%2016px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20300%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%22%3EWe%20hope%20to%20hear%20from%20you%20soon!%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E
Highlighted
Ryan Heffernan
Microsoft

 

Now that we have announced Azure Sentinel, we'd like to invite you to speak directly to our engineering team. We believe that the best way to improve our products is by having no barrier between you and the people that create them. That's why we need your participation in our community.

 

As part of our community you can influence our products and get early access to changes by participating in private previews, giving feedback, requesting features, reviewing product roadmaps, joining conference call discussions, or attending in-person events. To try out Azure Sentinel, log into your Azure Portal and then click here to join the preview.

 

Join Us

To join our community, click here, and then click the join button and the heart icon for Azure Sentinel, as pictured below.

 

JoinTechCommunity.PNG

Stay Updated via our Blog

To keep up-to-date on all our major announcements, please visit our blog at https://aka.ms/AzureSentinelBlog.

 

Check Out our GitHub Repository

We have queries, detections, playbooks, and more on our GitHub repository at https://github.com/Azure/Azure-Sentinel and we'll be investing significant efforts developing this content. We welcome contributions and hope you benefit from the shared expertise of our entire community.  

 

Additional Security Groups

Here's a list of other security-related groups you may want to join.

Azure

Enterprise Mobility + Security

Microsoft Graph Security API

Security, Privacy & Compliance

Windows Defender Advanced Threat Protection 

 

Find us on LinkedIn

We have a general discussion group on LinkedIn called the Microsoft Security Community, where I announce highlights from this site. Please join the group and feel free to connect with me

 

Webinars and Private Preview Calls

We hold regular webinars and calls where we provide technical training, preview forthcoming features, gather feedback, and host discussions. Many of these allow you to join private previews. Meeting invitations for the calls are posted here in this group, so please check back regularly. Our latest Azure Sentinel webinar can be found at https://aka.ms/AzureSentinelWebinar

 

Submit Feature Requests

In addition to engaging us in the ways listed above, you can also submit and vote on feature requests at https://microsoftsecurity.uservoice.com.

 

We hope to hear from you soon!

22 Replies

Started playing with this today... looking very promising indeed ;)

Enabled this in our tenant today, can't wait to start exploring!

how we can enable in our tenant

 

Enabled in out Test Azure Tenant, looks fine, but I'm missing the possibility to get to the specific Events for more Details from the Dashboard. Hope it will be added in the future.

Click the link above at the end of the second paragraph to join the public preview.
FYI, there is not a specific topic group on the referenced User Voice for Azure Sentinel. I would suspect this would be desired, not sure how to make that happen besides me posting a feedback item under the general topic group (which I have already done).

@Chris Shalda We'll have a specific User Voice channel for Azure Sentinel soon. Please stay tuned.  

@Ryan Heffernan Preview not working for us. The setup process wants to create a 'Resource Group'. This is not allowed to us because it costs money without the ability to limit the spending. 

Can you please let me know the best place to provide feedback and discuss issues for the Sentinel SIEM please? is that here or in Yammer?
When will the cost be announced for sentinel?

@David Delorge  

 

I might be wrong, but I think the cost comes from your ALA (Azure Log Analytics) tier. My dev subscription currently has 18m events in Sentinel and we have not seen any increased cost so far.

I read online (see post) that they haven't decided on pricing yet, which is why I was asking. @Deleted 

 

https://azure.microsoft.com/en-us/pricing/details/azure-sentinel/

@David Delorge 

 

interesting! i did not think it was going to be separate from the current ALA tier. good to know for the future.

Solution

@David Caddick 

 

Please continue providing feedback here on the Azure Sentinel Communities, if you're specifically asking for a feature request on a product go here. 

https://feedback.azure.com/forums/920458-azure-sentinel

 

referencing Ryan's Community post : https://techcommunity.microsoft.com/t5/Azure-Advanced-Threat-Protection/Join-Our-Security-Community/...

 

"

We want you to speak directly to our engineering teams. We believe that the best way to improve our security products is by having no barriers between you and the people that create them. That's why we need your participation in our security community.

 

As part of our community you can influence our products and get early access to changes by participating in private previews, giving feedback, requesting features, reviewing product roadmaps, joining webinars and calls, or attending in-person events. 

 

Join Us

To join our community, click here, and then click the join button and the heart icons of the groups your are interested in, as pictured below.

"

 

 

interesting
Certainly interested into it.
Thanks for these excellent tooling. We enable and integrated with AAD, O365, Security Center day we heard about it and very cool so far.. I am still a bit muddy though on how my existing non-azure oms agent hosts that currently send data to an existing log analytics workspace, and how the agents gets data to ATP, Security Centre send data to Sentinel. What's the best practice for agent install on hosts to get data to all the security portals?

how we cam enable azure senitel

@Andrew Huddleston 

 

I believe this comes down to where you're needing the data, the OMS agent can be multihomed

https://blogs.technet.microsoft.com/msoms/2016/05/26/oms-log-analytics-agent-multi-homing-support/

 

This allows you to send data to multiple different workspaces. Be aware you'll be charged twice for the data.

 

If you're wanting to take advantage of the services you're already paying for you should have something like this, I'm going to be using Azure Security Center as an example.

 

Server -> MMA/OMS Agent--> Azure Security Center --> Azure Sentinel

This way you'll still have all the data within Azure Security Center's Workspace, you'll get security related alerts ingested into Azure Sentinel.

 

You can take another approach as to having Azure Sentinel and Azure Security Center together by using the same workspace.

 

Server -> MMA/OMS Agent -> Workspace(Azure Security Center/Azure Sentinel)

 

You'll see a lot more raw events this way, get Azure Security Center benefits within the same workspace, but still able to use the investigation/alerts/automation with Azure Sentinel with the additional information. 

 

Hope this helped answer your question

 

 

 

 

@Sankarasubramanian Parameswaran 

 

Please view this link to getting started with Azure Sentinel: https://docs.microsoft.com/en-us/azure/sentinel/quickstart-onboard

 

It's already in open preview.

Hi Chris,

@Chris Boehm @Ofer Shezaf

Can you confirm the details here still hold true?

https://github.com/uglide/azure-content/blob/master/articles/log-analytics/log-analytics-manage-acce... This seems to be a very good "simple" primer to start with?

 

It also seems to be mirrored here:

https://docs.microsoft.com/en-us/azure/azure-monitor/platform/manage-access

 

I guess our concerns are - we need to max the retention to 730 days (2 Years, although 3Y would be nice) - and with that we trying to ensure that we don't accidently "double-down" on the same Logs in more than one place?

 

"Best Practices" for Log Analytics - is it a case for just using a single Workspace for everything?

What about different data being retained for different lengths of time for instance?

Question - Can Sentinel just make a "call" to reference other Workspaces?

Obviously this would not be ideal from a performance/latency point of view...

*OR* is it a case that the only way Sentinel can run effectively is to ingest that Log data *again*?

 

Looking at the first screen for Sentinel - you can potentially connect a number of Workspaces?

But once you "step in" to the Console as such the Schema only lists the current Workspace.

So this appears to rule out the idea of having multiple Workspaces?

 

Hoping this all makes sense? ;)

 

 

 

@Chris Boehm @Andrew Huddleston 

 

From what I can make out:

Server -> MMA/OMS Agent--> Azure Security Center --> Azure Sentinel

This would mean the data/alerts/logs would end up in *both* the ASC & the Sentinel instance?

Doubling the data costings? this may/may not be desirable?

 

Server -> MMA/OMS Agent -> Workspace(Azure Security Center/Azure Sentinel)

This keeps it more simple technically + single cost of data/alerts/logs storage based on retention settings.

 

Is this essentially correct Chris?

 

This seems to get to the heart of the matter:   although it seems to be from a while back?

Determine the number of workspaces you need

https://github.com/uglide/azure-content/blob/master/articles/log-analytics/log-analytics-manage-acce...