cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED
Home

Logs Size and Total Data Received in Azure Sentinel

%3CLINGO-SUB%20id%3D%22lingo-sub-994337%22%20slang%3D%22en-US%22%3ELogs%20Size%20and%20Total%20Data%20Received%20in%20Azure%20Sentinel%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-994337%22%20slang%3D%22en-US%22%3E%3CP%3EHello%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20need%20to%20find%20a%20way%20how%20to%20check%20for%20the%20logs%20size%20in%20total%20that%20is%20been%20received%20from%20data%20connectors%20and%20the%20total%20number%20of%20data%20that%20is%20been%20received%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ERegards%2C%3C%2FP%3E%3CP%3EMazhar%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-994427%22%20slang%3D%22en-US%22%3ERe%3A%20Logs%20Size%20and%20Total%20Data%20Received%20in%20Azure%20Sentinel%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-994427%22%20slang%3D%22en-US%22%3E%3CP%3EThere%20are%20few%20ways%20to%20collect%20data%20from%20Azure%20Sentinel%3A%3C%2FP%3E%0A%3CUL%3E%0A%3CLI%3EVisualize%20data%20using%20the%20Azure%20Data%20Explorer%20(including%20excel%20report)%3C%2FLI%3E%0A%3CLI%3EUsing%20%3CSPAN%3EWorkbook%20inside%20Azure%20Sentinel%20to%20gain%20extensive%20insight%3C%2FSPAN%3E%26nbsp%3B%3C%2FLI%3E%0A%3CLI%3E%3CSPAN%3ECreate%20a%20PowerBI%20report%20(need%20to%20create%20connector%20and%20few%20customizations)%3C%2FSPAN%3E%3C%2FLI%3E%0A%3CLI%3EWith%20KQL%20you%20can%20pull%20out%20any%20data%2C%20example%20general%20command%3A%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CP%3E%3CEM%3E%2F%2F%20Billable%20performance%20data%26nbsp%3Bover%20the%20last%2030%20days%3C%2FEM%3E%3C%2FP%3E%0A%3CDIV%3E%0A%3CDIV%3E%3CEM%3EUsage%20%3C%2FEM%3E%3C%2FDIV%3E%0A%3CDIV%3E%3CEM%3E%7C%20where%20TimeGenerated%20%26gt%3B%20ago(30d)%3C%2FEM%3E%3C%2FDIV%3E%0A%3CDIV%3E%3CEM%3E%7C%20where%20IsBillable%20%3D%3D%20true%3C%2FEM%3E%3C%2FDIV%3E%0A%3CDIV%3E%3CEM%3E%7C%20summarize%20TotalVolumeGB%20%3D%20sum(Quantity)%20%2F%201024%3C%2FEM%3E%3C%2FDIV%3E%0A%3CDIV%3E%3CEM%3E%26nbsp%3B%3C%2FEM%3E%3C%2FDIV%3E%0A%3C%2FDIV%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-994438%22%20slang%3D%22en-US%22%3ERe%3A%20Logs%20Size%20and%20Total%20Data%20Received%20in%20Azure%20Sentinel%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-994438%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F1791%22%20target%3D%22_blank%22%3E%40Eli%20Shlomo%3C%2FA%3E%26nbsp%3B-%20Thanks%20for%20the%20detail%20response.%20Appreciated.%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E
smhasn
smhasn
Occasional Contributor

‎11-07-2019 09:14 PM

‎11-07-2019 09:14 PM

Logs Size and Total Data Received in Azure Sentinel

Hello,

 

I need to find a way how to check for the logs size in total that is been received from data connectors and the total number of data that is been received?

 

Regards,

Mazhar

129 Views
0 Likes
2 Replies
Reply
2 Replies
Eli Shlomo

‎11-07-2019 10:35 PM

‎11-07-2019 10:35 PM

Solution

Re: Logs Size and Total Data Received in Azure Sentinel

There are few ways to collect data from Azure Sentinel:

  • Visualize data using the Azure Data Explorer (including excel report)
  • Using Workbook inside Azure Sentinel to gain extensive insight 
  • Create a PowerBI report (need to create connector and few customizations)
  • With KQL you can pull out any data, example general command:

// Billable performance data over the last 30 days

Usage
| where TimeGenerated > ago(30d)
| where IsBillable == true
| summarize TotalVolumeGB = sum(Quantity) / 1024
 
Best Response confirmed by smhasn (Occasional Contributor)
1 Like
Reply
smhasn

‎11-07-2019 10:47 PM

‎11-07-2019 10:47 PM

Re: Logs Size and Total Data Received in Azure Sentinel

@Eli Shlomo - Thanks for the detail response. Appreciated. 

1 Like
Reply
Related Conversations
Tabs and Dark Mode
 cjc2112 in Discussions on 09-18-2019
46 Replies
Extentions Synchronization
 Deleted in Discussions on 11-13-2019
3 Replies
Stable version of Edge insider browser
 HotCakeX in Discussions on 10-12-2019
35 Replies
How to Prevent Teams from Auto-Launch
 chenrylee in Microsoft Teams on 06-27-2019
30 Replies
flashing a white screen while open new tab
 Deleted in Discussions on 10-05-2019
14 Replies
Security Community Webinars
 Valon_Kolica in Security, Privacy & Compliance on 10-22-2019
13 Replies