Data analytics environment with Sentinel

Hi guys, I am currently analyzing the Sentinel solution, but I would like you to help me indicate what I can monitor or how to get the most out of it when using it in a data analysis environment, with the next component:
datalake, data warehouse, databricks, data factory, iot hub, etc.

Thank you very much for the support

JFRL

5 Replies

@jfrl

The Grand List covers many of these, solutions that you can monitor: https://techcommunity.microsoft.com/t5/azure-sentinel/azure-sentinel-the-connectors-grand-cef-syslog...

IOT Hub is covered by Azure Secure Center (which can be linked to Sentinel) https://docs.microsoft.com/en-us/azure/defender-for-iot/iot-hub-integration

@Clive Watson, thank you

But with Azure Data Lake Gen 2, which is a Gen2 storage account, how could I connect Sentinel? Can you help me with this?

Hi @jfrl

Please see this link for information about the Preview feature that allows this for Gen2: https://docs.microsoft.com/en-us/azure/storage/blobs/monitor-blob-storage?tabs=azure-powershell

Note

Azure Storage logs in Azure Monitor is in public preview and is available for preview testing in all public cloud regions. To enroll in the preview, see this page. This preview enables logs for blobs (which includes Azure Data Lake Storage Gen2), files, queues, and tables. This feature is available for all storage accounts that are created with the Azure Resource Manager deployment model. See Storage account overview.

Hi @Clive Watson

Yes, I have already seen this KB, but I need to know if there is any stable method to connect the datalake v2 with Sentinel.

As far as I know, no... that's why there is the preview feature to enable this.