Sep 17 2020 09:36 AM
The key challenge we are facing is migrating existing SIEM (QRadar, ArcSight) solution use cases to Sentinel use cases. We tried uncoder.io, but even that is not helpful to 1%. Please support if someone has a good way to execute it.
Sep 19 2020 12:13 PM
Sep 20 2020 06:15 AM
@vijayyadav351 You can also check places like SocPrime that have a repository of alert rules to see if the ones you need in your other system are present and then export those as Azure Sentinel rules.
Sep 20 2020 08:59 AM
@mergene But I am unable to convert the query also. Do you mean using uncoder.io, or is there another way available?
Apr 08 2021 02:39 AM