Log Analytics / Sentinel - Dictionary of Solutions, Schemas and Variables

fedecharosky · ‎Nov 10 2019

Hi Team, does anyone know of a good centralised repository (like a dictionary) of Azure Solutions mapped to their Log Schemas, and a definition of the fields within each?

For example, if you take a look at the following LA workspace logs:

We'd like the full list of potentially available sources, with a mapping to which component provides / feeds into each one of these logs, and a clear explanation of the fields within each of these.

Thanks

stijsseling · ‎Nov 10 2019

I am looking for the same. This would be extremely helpful.

fedecharosky · ‎Nov 11 2019

@stijsselingone of my analysts is starting to pull together a repository that we plan to open-source to the community - I'll tell them to share the github repo here.

CliveWatson · ‎Nov 11 2019

@fedecharosky

Does this help? https://github.com/Azure/Azure-Sentinel/wiki/DataSource-Schema-Reference

fedecharosky · ‎Nov 12 2019

@CliveWatsonsuper helpful; do you know if there are plans to include all other schemas?

Log Analytics / Sentinel - Dictionary of Solutions, Schemas and Variables

Log Analytics / Sentinel - Dictionary of Solutions, Schemas and Variables

Re: Log Analytics / Sentinel - Dictionary of Solutions, Schemas and Variables

Re: Log Analytics / Sentinel - Dictionary of Solutions, Schemas and Variables

Re: Log Analytics / Sentinel - Dictionary of Solutions, Schemas and Variables

Re: Log Analytics / Sentinel - Dictionary of Solutions, Schemas and Variables

Products (50)

Special Topics (27)

Video Hub (462)

Most Active Hubs

Most Active Hubs

Video Hub

Log Analytics / Sentinel - Dictionary of Solutions, Schemas and Variables