In my organisation I have a MISP instance running which contains around 100k IoCs attributes. I want to sync these attributes to Azure Sentinel in the Threat Indicators table by using the Microsoft Graph Security API. However, I have two question on which I cannot find an answer on Microsoft's website:
* What are the costs of the Threat Intel ingestion (using the Microsoft Graph Security API)?
* Is there a limitation of how many IoC attributes I can ingest into Azure Sentinel?
@ceesmandjes I dont really have answer for first question for cost.. on limitation, there should not be any as its just a table within Log Analytics workspace. of course Log Analytics workspace limitations apply ;)