Deployment Creation/Deletion Alerts in Sentinel

matt45 · ‎Nov 30 2023

I have deployment creation/deletion alerts created it Azure Monitor, but is there a way to create those alerts in Sentinel? I would like to have those alerts consolidated into Sentinel, rather than create them for each subscription in Monitor.

I have been unable to find pre-made templates or KQL queries to accomplish this.

BillClarksonAntill · ‎Nov 30 2023

Hey @matt45

You can create alerts in Sentinel, within Sentinel they are called Analytics

You will need to connect the data to sentinel for the alerts depending on what items you want to monitor for in terms of creation/deletion

matt45 · ‎Dec 01 2023

@BillClarksonAntill

Thank you for your response! That's the issue I've been having; I have all the data connectors connected, but am unable to find a premade analytic rule or the KQL to write my own.

Deployment Creation/Deletion Alerts in Sentinel

Deployment Creation/Deletion Alerts in Sentinel

Re: Deployment Creation/Deletion Alerts in Sentinel

Re: Deployment Creation/Deletion Alerts in Sentinel

Products (50)

Special Topics (27)

Video Hub (462)

Most Active Hubs

Most Active Hubs

Video Hub

Deployment Creation/Deletion Alerts in Sentinel

Deployment Creation/Deletion Alerts in Sentinel

Re: Deployment Creation/Deletion Alerts in Sentinel

Re: Deployment Creation/Deletion Alerts in Sentinel