Sep 29 2021 01:44 PM - last edited on Nov 03 2021 04:05 AM by TechCommunityAP
Monitoring Azure Sentinel Analytical Rules – Push Health Notifications - Microsoft Tech Community
Azure Sentinel Analytical rules help Security Teams discover threats and anomalous behaviors to ensure full security coverage for your environment.
After connecting our data sources to Azure Sentinel, we first enable Analytical rules. Each data source comes with built-in, out-of-the-box templates to create threat detection rules.
Analytics rules search for specific events or sets of events across your environment, alert you when certain event thresholds or conditions are reached, generate incidents for the SOC to triage and investigate, and respond to threats with automated tracking and remediation processes.