Forum Discussion
Sentinel automation - create Analytics alert rules from Alert rule templates using PowerShell
- Mar 22, 2021
I would recommend going to the Azure Sentinel GitHub page and getting your rules there.
Don't know if all of the built-in rules are there, but there are more rules there than there are templates within Azure Sentinel. Azure/Azure-Sentinel: Cloud-native SIEM for intelligent security analytics for your entire enterprise. (github.com)
Otherwise, you can also use the AzSentinel module to first retrieve the templates (AZSentinel/Get-AzSentinelAlertRuleTemplates.ps1 at master · wortell/AZSentinel (github.com)) and then push them
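The two-step flow this answer describes (retrieve the alert rule templates, then push them as analytics rules) can be scripted against the Azure REST API. The following is an added example, not code from the thread or from the AzSentinel or Azure-Sentinel projects; it uses `Invoke-AzRestMethod` from the Az.Accounts module and the `Microsoft.SecurityInsights` provider, and the subscription, resource group and workspace values are placeholders you replace with your own. It generalizes the answer slightly by filtering the templates by MITRE tactic and skipping templates that already have a rule deployed from them.

```powershell
# Added example (not from the thread): create scheduled analytics rules from
# Azure Sentinel alert rule templates via the REST API (Invoke-AzRestMethod,
# Az.Accounts). Run Connect-AzAccount first. Subscription, resource group and
# workspace values below are placeholders.
param(
    [string]$SubscriptionId = '<subscription-id>',   # placeholder
    [string]$ResourceGroup  = '<resource-group>',    # placeholder
    [string]$Workspace      = '<workspace-name>',    # placeholder
    [string[]]$Tactics      = @('InitialAccess', 'CredentialAccess'),
    [switch]$ListOnly       # only show what would be created
)

$apiVersion = '2020-01-01'
$base = "/subscriptions/$SubscriptionId/resourceGroups/$ResourceGroup" +
        "/providers/Microsoft.OperationalInsights/workspaces/$Workspace" +
        "/providers/Microsoft.SecurityInsights"

# Step 1: retrieve every alert rule template the workspace exposes.
# The list may be paged, so follow nextLink until it is empty.
$templates = @()
$path = "$base/alertRuleTemplates?api-version=$apiVersion"
do {
    $resp = Invoke-AzRestMethod -Path $path -Method GET
    if ($resp.StatusCode -ne 200) {
        throw "Listing templates failed: $($resp.StatusCode) $($resp.Content)"
    }
    $page = $resp.Content | ConvertFrom-Json
    $templates += $page.value
    # nextLink is an absolute URL; Invoke-AzRestMethod -Path wants the path part.
    $path = if ($page.nextLink) { ([uri]$page.nextLink).PathAndQuery } else { $null }
} while ($path)

# Keep only scheduled (KQL) templates that match the requested tactics and
# that have not already been turned into a rule in this workspace.
$selected = $templates | Where-Object {
    $_.kind -eq 'Scheduled' -and
    $_.properties.alertRulesCreatedByTemplateCount -eq 0 -and
    (@($_.properties.tactics) | Where-Object { $_ -in $Tactics }).Count -gt 0
}
Write-Host "Templates matching: $($selected.Count)"

# Step 2: push each selected template as an enabled scheduled analytics rule.
foreach ($t in $selected) {
    $p = $t.properties
    if ($ListOnly) {
        Write-Host ("[{0}] {1}" -f $p.severity, $p.displayName)
        continue
    }

    # A new rule needs its own id; the template name is recorded so the portal
    # shows the rule as created from that template.
    $ruleId = [guid]::NewGuid().ToString()
    $body = @{
        kind       = 'Scheduled'
        properties = @{
            displayName           = $p.displayName
            description           = $p.description
            severity              = $p.severity
            enabled               = $true
            query                 = $p.query
            queryFrequency        = $p.queryFrequency
            queryPeriod           = $p.queryPeriod
            triggerOperator       = $p.triggerOperator
            triggerThreshold      = $p.triggerThreshold
            suppressionDuration   = 'PT5H'   # required by the API; no suppression unless enabled
            suppressionEnabled    = $false
            tactics               = @($p.tactics)
            alertRuleTemplateName = $t.name
        }
    } | ConvertTo-Json -Depth 5

    $put = Invoke-AzRestMethod -Path "$base/alertRules/$ruleId?api-version=$apiVersion" `
                               -Method PUT -Payload $body
    if ($put.StatusCode -in 200, 201) {
        Write-Host "Created rule '$($p.displayName)' ($ruleId)"
    } else {
        Write-Warning "Failed '$($p.displayName)': $($put.StatusCode) $($put.Content)"
    }
}
```

Run it once with `-ListOnly` to review which templates would be deployed before creating anything; the `alertRulesCreatedByTemplateCount` check is what keeps a re-run from producing duplicate rules for templates you have already enabled.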
- Rod_Trent, Mar 22, 2021, Microsoft
Additionally, @PhilippeAugras and Thijs Lecomte ... there was a PowerShell module developed last week that will allow direct import from a GitHub repo...
- PhilippeAugras, Mar 24, 2021, Brass Contributor
Rod_Trent and Thijs Lecomte, thank you very much for your answers, they are what I needed :).
P.