Oct 06 2020 09:45 PM
Hi guys, I am currently analyzing the Sentinel solution, and I would like you to help me by indicating what I can monitor or how to get the most out of it when using it in a data analysis environment with the following components:
Data Lake, Data Warehouse, Databricks, Data Factory, IoT Hub, etc.
Thank you very much for the support
JFRL
Oct 07 2020 12:12 AM
The Grand List covers many of these solutions that you can monitor: https://techcommunity.microsoft.com/t5/azure-sentinel/azure-sentinel-the-connectors-grand-cef-syslog...
IoT Hub is covered by Azure Security Center (which can be linked to Sentinel): https://docs.microsoft.com/en-us/azure/defender-for-iot/iot-hub-integration
Oct 08 2020 09:25 AM
@CliveWatson, thank you
But with Azure Data Lake Gen 2, which is a Gen2 storage account, how could I connect Sentinel? Can you help me with this?
Oct 08 2020 10:38 AM
Hi @jfrl
Please see this link for information about the Preview feature that allows this for Gen2: https://docs.microsoft.com/en-us/azure/storage/blobs/monitor-blob-storage?tabs=azure-powershell
Note
Azure Storage logs in Azure Monitor is in public preview and is available for preview testing in all public cloud regions. To enroll in the preview, see this page. This preview enables logs for blobs (which includes Azure Data Lake Storage Gen2), files, queues, and tables. This feature is available for all storage accounts that are created with the Azure Resource Manager deployment model. See Storage account overview.
Oct 08 2020 11:30 AM
Hi @CliveWatson
Yes, I have already seen this KB, but I need to know if there is any stable method to connect the Data Lake v2 with Sentinel
Oct 08 2020 11:37 AM