Forum Discussion

Dean_Gross
Silver Contributor
Feb 23, 2023

Documenting tenant configuration

What are the options for documenting the configuration settings of a Sentinel environment, e.g., connectors that are enabled with their options, workbooks that are active, analytical rules that are enabled, etc.?

  • Clive_Watson
    Bronze Contributor

    You will either need to use PowerShell or a Workbook for this, I'd imagine. Most settings are contained in their own API call, so you have to call multiple places. You could look to lift examples from Workspace Usage, as that has most things (but across multiple tabs).

    Get-AzSentinelDataConnector is, I find, more useful than the API (as the API still only returns the 9 Microsoft connectors). So if you do that part in PS, you may as well do the rest? Or run the PS and create custom logs from that?
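
One way to do the PowerShell route described in the reply above, as an added example that is not part of the original thread: it snapshots connectors, analytics rules and workbooks to dated JSON files and flags which sections changed since the previous snapshot. It assumes the Az.Accounts, Az.Resources and Az.SecurityInsights modules and an authenticated session (Connect-AzAccount); the resource group, workspace and output folder are placeholders.

```powershell
# Added example (not from the thread): document Sentinel configuration as JSON
# snapshots and report which sections drifted since the last run.
param(
    [string]$ResourceGroupName = '<resource-group>',  # placeholder
    [string]$WorkspaceName     = '<workspace-name>',  # placeholder
    [string]$OutRoot           = './sentinel-config'  # assumed output folder
)

$scope = @{ ResourceGroupName = $ResourceGroupName; WorkspaceName = $WorkspaceName }

# Each setting type sits behind its own call, so collect them one by one.
# Sorting by Name keeps the files stable between runs.
$snapshot = [ordered]@{
    DataConnectors = @(Get-AzSentinelDataConnector @scope | Sort-Object Name)
    AlertRules     = @(Get-AzSentinelAlertRule @scope | Sort-Object Name)
    # Workbooks are ordinary ARM resources; this lists every workbook in the
    # resource group, not only those created from Sentinel.
    Workbooks      = @(Get-AzResource -ResourceGroupName $ResourceGroupName `
                        -ResourceType 'Microsoft.Insights/workbooks' `
                        -ExpandProperties | Sort-Object Name)
}

# Remember the most recent earlier snapshot before creating the new one.
$previous = Get-ChildItem -Path $OutRoot -Directory -ErrorAction SilentlyContinue |
    Sort-Object Name | Select-Object -Last 1

$outDir = Join-Path $OutRoot (Get-Date -Format 'yyyy-MM-dd_HHmmss')
New-Item -ItemType Directory -Path $outDir -Force | Out-Null

foreach ($section in $snapshot.Keys) {
    $file = Join-Path $outDir "$section.json"
    # -InputObject keeps an empty result as "[]" instead of an empty file.
    ConvertTo-Json -InputObject $snapshot[$section] -Depth 20 |
        Set-Content -Path $file -Encoding utf8
    '{0,-15} {1,4} item(s) -> {2}' -f $section, $snapshot[$section].Count, $file
}

# Drift check: a differing hash means something in that section was added,
# removed or edited. Diff the two JSON files to see what.
if ($previous) {
    foreach ($section in $snapshot.Keys) {
        $old = Get-FileHash (Join-Path $previous.FullName "$section.json") -ErrorAction SilentlyContinue
        $new = Get-FileHash (Join-Path $outDir "$section.json")
        if (-not $old -or $old.Hash -ne $new.Hash) {
            "CHANGED since $($previous.Name): $section"
        }
    }
}
```

Keeping the output folder in version control gives a reviewable history of rule and connector changes.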
