cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Microsoft Secure Tech Accelerator
Apr 13 2023, 07:00 AM - 12:00 PM (PDT)
Microsoft Tech Community
Find out more

Sentinel Github repository's sample data

Gary Bushey
Valued Contributor

‎Nov 03 2021 07:15 AM

‎Nov 03 2021 07:15 AM

Sentinel Github repository's sample data

How do we ingest some of the sample data that is in the Azure Sentinel's GitHub repository?  In particular the Syslog and CEF data.  They are stored as JSON and CSV files but if I use the REST API or PowerShell commands, can I write directly to Syslog or CommonSecurityLog?

366 Views
0 Likes
1 Reply
Reply
1 Reply
CliveWatson

‎Nov 04 2021 03:29 AM

‎Nov 04 2021 03:29 AM

Re: Sentinel Github repository's sample data

Writing to native tables isn't supported (being investigated), you have to use Custom Tables - _CL.
I often use sample data in a Watchlist, so CSV is good for that.
0 Likes
Reply