cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Microsoft Entra Tech Accelerator
Jun 27 2023, 08:00 AM - 12:00 PM (PDT)
Microsoft Tech Community
Find out more
SOLVED

Data source and table mapping

truekonrads
Occasional Contributor

‎Jan 27 2020 11:28 PM

‎Jan 27 2020 11:28 PM

Data source and table mapping

Hello,

 

Is there a list (official or crowdsources) between Azure Sentinel official data sources and schemas and tables? For example, "Windows Security Events" -> SecurityEvent, Azure Security Centre -> SecurityAlert (unless it is Azure Security Centre Free then elsewhere)?

 

Thanks!

1,127 Views
0 Likes
2 Replies
Reply
2 Replies
best response confirmed by truekonrads (Occasional Contributor)
thomasdefise

‎Jan 27 2020 11:56 PM

‎Jan 27 2020 11:56 PM

Solution

Re: Data source and table mapping

Hello @truekonrads,

 

I found the following one yesterday

 

AzureSentinelTablesV1

https://www.managedsentinel.com/wp-content/uploads/2020/01/Azure-Sentinel-Tables-v1.1.pdf

Kind Regards,
Thomas

1 Like
Reply
rodtrent

‎Jan 28 2020 06:20 AM

‎Jan 28 2020 06:20 AM

Re: Data source and table mapping

@thomasdefise Some additional descriptions for some of those, too:  https://medium.com/wortell/azure-sentinel-tables-explained-d91d8cad6f

1 Like
Reply