Azure Sentinel data estimates for different type of data sources

Regular Visitor

Hello everyone!

 

I'd appreciate if someone could give advice how to estimate data volume/usage for different types of data sources like FW. IPS/IDS, domain controller logs etc.

The option to connect data sources to Azure Sentinel and get real information of data spent isn't an option right now so I'm looking for some calculator or similar tool to estimate what would be the cost and data spent for particular data sources in Azure Sentinel.

Thank you!

2 Replies

Hi @Explorer27 , if you browse a little you can find some portals that have EPS estimations based on source system (fw, ips/ids, etc.). This one for example: http://www.aspiretss.com/tools

 

Regards

@Explorer27 Mostly Cloud require integration with platform security logs such as Azure security center, Defender ATP, Microsoft Cloud App Security, Azure NSG Logs, etc. 

 

Customer would plan for budgets on below components in cloud

1. Hosting Infrastructures required for collecting security events from data sources

2. Platform services (Such as Event Hubs, Security Center API Graph) charges

3. Bandwidth to transport (via Internet - i.e. Data Transfer out) if across regions

4. Log consumption per month (Data Volume) (or) Events Per Second.

 

Does Microsoft has Estimation guidance or calculator to obtain these inputs

 

Regards,

Rasool Irfan