export rules from analytics

Contributor

Hi All

 

I am sure this is a simple issue - I am just wanting to export all the rules from the analytics workspace in Sentinel (disabled / Enabled) into a platform to enable me to monitor the rules, update and amend accordingly.  is there a way to export the rules in analytics.  I have seen a few examples of exporting a rule from logs but essentially this isnt going to work for me.  tks in advance

2 Replies

@wootts You can do so using the Azure Sentinel REST API.  I wrote some blog posts about how to do that at https://www.garybushey.com