Good night people.
I work on managing Azure Sentinel for customers in an MSSP environment and have been encountering a dilemma in managing exceptions for use cases.
It's been my pain. 😞
How do you create use case exceptions in a scalable way that doesn't need to go into each case's KQL code to insert an exception if you do?