Ingestion Cost Spike detection Playbook - Microsoft Tech Community
Azure Sentinel is a modern SIEM solution offering cloud scale analytics to power your thereat detection and response requirements. Like most cloud solutions , the billing for Azure Sentinel is largely based on a pay per use model. Specifically for Azure Sentinel, billing is based on the amount of data ingested into Log Analytics and Azure Sentinel. To ensure that you have continuous visibility should the amount of billable data ingested into the platform experience an unexpected spike, we have developed this Logic App to address exactly this sort of scenario.