Microsoft Entra Suite Tech Accelerator
Aug 14 2024, 07:00 AM - 09:30 AM (PDT)
Microsoft Tech Community

export rules from analytics

Iron Contributor

Hi All

 

I am sure this is a simple issue - I am just wanting to export all the rules from the analytics workspace in Sentinel (disabled / Enabled) into a platform to enable me to monitor the rules, update and amend accordingly.  is there a way to export the rules in analytics.  I have seen a few examples of exporting a rule from logs but essentially this isnt going to work for me.  tks in advance

2 Replies

@wootts You can do so using the Azure Sentinel REST API.  I wrote some blog posts about how to do that at https://www.garybushey.com