Azure Sentinel

  • 292 Blog Articles
7,871
Sarah_Young on Sep 05 2021 03:42 PM
9,636
Chi_Nguyen on Aug 27 2021 11:12 AM
3,551
Ofer_Shezaf on Aug 04 2021 04:52 AM
3,121
Matt_Lowe on Jul 26 2021 11:16 AM
2,585
Ofer_Shezaf on Jul 01 2021 03:23 AM
2,757
Matt_Lowe on Jun 16 2021 02:12 PM
6,363
Ofer_Shezaf on Jun 15 2021 11:51 AM
9,315
Chi_Nguyen on Jun 01 2021 04:08 PM
4,026
Itay Argoety on Feb 17 2021 08:54 AM
2,689
Cristhofer Munoz on Feb 02 2021 07:18 AM
8,558
Sarah_Young on Jan 18 2021 03:07 PM
23.9K
liortamir on Jan 17 2021 10:40 AM
4,469
Inwafula on Jan 05 2021 11:15 PM
5,262
Sarah_Young on Dec 13 2020 01:47 PM
15.2K
Cristhofer Munoz on Dec 07 2020 02:26 PM
3,893
Tiander Turpijn on Nov 10 2020 10:52 AM
11.3K
Sarah_Young on Nov 09 2020 11:16 AM
6,603
Javier Soriano on Oct 22 2020 04:47 AM
4,078
Matt_Lowe on Oct 21 2020 01:24 PM
8,357
JulianGonzalez on Oct 12 2020 03:05 PM
4,692
Chi_Nguyen on Oct 09 2020 01:10 PM
5,923
Cristhofer Munoz on Oct 08 2020 08:15 AM
8,211
Andi Comisioneru on Oct 06 2020 08:25 PM
9,040
Sarah_Young on Sep 29 2020 09:40 PM
5,349
Chi_Nguyen on Sep 22 2020 12:20 PM
24.9K
Sarah Fender on Sep 22 2020 08:00 AM
3,279
Chi_Nguyen on Sep 18 2020 10:17 AM
8,596
Javier Soriano on Sep 14 2020 07:14 AM
4,903
Sarah_Young on Sep 08 2020 05:27 PM
33.1K
Sarah_Young on Sep 06 2020 06:58 PM

Latest Comments

Before I work with pushing analytic rules in any Sentinel instance, I remove all alert identities that are mapped to 'customDetails'. Once you remove those alert identity mappings you'll see the shiny json details you expect to see. As far as I know you can NOT use AZ commands for importing rules tha...
This article is out-of-date now that the support is out of Preview. Recommend using the "A Getting Started Guide for Azure Sentinel notebooks with PowerShell" template provided in Azure Sentinel Notebooks as it will let you perform these set-ups correctly.
Hi @gregoval, current AzSentinel version doesn't support customDetails. Grouping settings are supported if you use json format as documented in AzSentinel here: AZSentinel/AlertRules.json at master · wortell/AZSentinel (github.com). If you want to have support for those features, I would recommend u...
Hello, After constructing an Analytic Rule in yaml format and trying to import it using Azure Pipeline / Azure DevOps, I faced the following issues during the "Create and Update Alert Rules" step: 1. When I manually set the enabled: true in the yaml template the Analytic fails to import to Azure Sentine...
Hi!! Really interesting material! One question, I'm trying to use Update-AzSentinelIncident to close around 1500 incidents in Sentinel, the problem is that when I try with one, for example, it closes correctly but disappears from the Azure Sentinel Dashboard. Is that normal?