Until now, Jupyter notebooks in Microsoft Sentinel have been integrated with Azure Machine Learning. This functionality supports users who want to incorporate notebooks, popular open-source machine l...
Updated Nov 12, 2021
Version 10.0
Blog Post
4 MIN READ
Security big data analytics with Azure Synapse and Microsoft Sentinel Notebooks!
AmritpalSingh
Microsoft
MicrosoftThanks for the feedback, SocInABox!
- SOC-ML refers to the customizable anomalies that are part of Microsoft Sentinel: here's an introductory blog and docs.
- That's a great suggestion and something we're working on! We already have video walkthroughs for some of our other Sentinel notebooks in some of our guided hunting blog posts (here's an example), and the process is much the same for the ML notebooks (it's just the code that is different, but the notebooks contain detailed instructions and contextual information).
- Another good suggestion - we've created an ML notebook folder in the Sentinel notebook repository: Azure-Sentinel-Notebooks/machine-learning-notebooks at master ยท Azure/Azure-Sentinel-Notebooks (github.com). We're currently migrating existing ML notebooks into that folder, so more will appear soon!
Alternatively, in the Sentinel UI, navigate to the template notebooks (under the Notebooks blade), then filter the notebooks by type to view the machine learning notebooks.