Microsoft Sentinel Blog

Options
1,062
GBushey on Jun 12 2024 07:06 AM
2,007
VipulDabhi on May 23 2024 11:23 AM
1,724
jeffsc on May 13 2024 08:00 AM
7,099
MichalShechter on May 06 2024 09:07 AM
4,807
Israel_Aloni on May 06 2024 08:47 AM
2,851
Eric Burkholder on May 06 2024 06:00 AM
24.8K
robeving on Apr 26 2024 07:51 PM
3,157
Umesh_Nagdev on Apr 19 2024 07:55 AM
2,255
jeffsc on Apr 15 2024 11:17 AM
2,280
jeffsc on Apr 15 2024 11:17 AM
5,520
Preeti_Krishna on Mar 28 2024 02:56 PM
6,626
Matt_Lowe on Mar 14 2024 05:21 PM
4,491
Umesh_Nagdev on Feb 20 2024 07:04 AM
3,602
Josefa-Sepulveda on Feb 08 2024 07:58 AM
6,011
BenjiSec on Feb 06 2024 04:03 AM
5,848
PrateekTaneja on Feb 04 2024 10:22 PM
6,172
madesous on Jan 17 2024 05:27 AM
3,715
GBushey on Jan 16 2024 07:20 AM
4,296
VipulDabhi on Jan 08 2024 11:11 AM
6,958
timurengin on Jan 08 2024 11:10 AM
27.9K
Josefa-Sepulveda on Jan 02 2024 02:24 AM
52.4K
Arjun_Trivedi on Nov 29 2023 10:13 PM
10.5K
skochavi on Nov 27 2023 01:21 PM
9,159
ShaharAviv on Nov 20 2023 10:27 PM
7,053
Eric Burkholder on Nov 15 2023 02:26 PM
65.6K
Erez Einav on Nov 15 2023 08:00 AM
5,969
mahmoudmsft on Nov 08 2023 10:02 AM

Latest Comments

in Debugging Playbooks on Jun 12 2024 09:18 AM
Thanks for the runthrough! :) always usefull.I have to add, for me who is learning to create some basic playbooks - it would be superhelpfull if it was possible to chose some modules (like the "microsoft incident" and be able to trigger it from the builder (ie: press "run/play-button") just to see r...
0 Likes
@robeving wrote:Provision a cloud Azure resource with the same name and now visiting blog.somedomain.com will redirect to the attacker’s resource. Here they control the content. [...] This happened in 2021 when the domain was temporarily used to host a malware C2 service.I've seen plenty of phishing...
0 Likes
@Ciyaresh91 It is possible, but these streams are not chained. So instead of creating one with a 'Drop' destination you can just tell not to include that data set in your table, like this:So everything else will be forwarded but the data you want to filter out. { "streams": [ "Microsoft-Microsoft-Wi...
0 Likes
Hi @kraaay, First, excuse-us for the delay of our answer. In middle of may, we have updated the solution to correct multiple "Connected" status on our data connectors. Can you verify that the version of your data connector is at least 2.2.1 ? In the other hand, ExchangeAdminAuditLogs is a parser lin...
0 Likes
I don't know if anybody has tried to go through the A Getting Started Guide since Microsoft put this video out, but trying to run the notebook is full of errors and when troubleshooting none of the answers are on Google. It's the worst user experience I can possibly imagine. If the getting started g...
0 Likes