Quick Question

Occasional Visitor

Hi, quick question,

Can I import all detections and queries from GitHub in one go? Seems like I have to do that manually.

Secondly, how do I get logs from a Windows system without installing an agent?



2 Replies



@Ofer_Shezaf: Is this something you can speak to?

@Chris Boehm 



Currently you have to manually import each one, one at a time. We're already looking into improving this. No ETA at this time.


As for your second question regarding Windows System logs: something will have to export the logs for you into Azure Sentinel. Examples are given here: https://docs.microsoft.com/en-us/azure/sentinel/connect-data-sources#data-connection-methods