New Blog Post | Monitoring Azure Sentinel Analytical Rules – Push Health Notifications

Microsoft


Monitoring Azure Sentinel Analytical Rules – Push Health Notifications - Microsoft Tech Community (https://techcommunity.microsoft.com/t5/azure-sentinel/monitoring-azure-sentinel-analytical-rules-push-health/ba-p/2793694)

Azure Sentinel analytics rules help security teams discover threats and anomalous behaviors to ensure full security coverage for your environment.


After connecting our data sources to Azure Sentinel, we first enable analytics rules. Each data source comes with built-in, out-of-the-box templates for creating threat detection rules.


Analytics rules search for specific events or sets of events across your environment, alert you when certain event thresholds or conditions are reached, generate incidents for the SOC to triage and investigate, and respond to threats with automated tracking and remediation processes.
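As an added illustration of the "threshold or condition" pattern the post describes (example code written for this page, not taken from the original post or the linked blog), the following KQL is the kind of query a scheduled analytics rule runs. It assumes the Azure AD `SigninLogs` table is connected to the workspace; the one-hour lookback, the failure and distinct-user thresholds, and the entity column names are illustrative choices, not values from the post.

```kql
// Added example, not from the original post: a scheduled analytics rule query
// that fires when one source IP produces many failed sign-ins against several
// accounts inside the lookback window (a password-spray style condition).
// Assumptions: SigninLogs is connected; thresholds and lookback are illustrative.
let lookback = 1h;                 // the rule would be scheduled to run every hour
let failureThreshold = 20;         // minimum failed sign-ins from one IP
let distinctUserThreshold = 5;     // minimum distinct accounts targeted
SigninLogs
| where TimeGenerated > ago(lookback)
// ResultType "0" is a successful sign-in; any other code is a failure
| where ResultType != "0"
| summarize
    FailureCount  = count(),
    DistinctUsers = dcount(UserPrincipalName),
    TargetUsers   = make_set(UserPrincipalName, 20),
    FailureCodes  = make_set(ResultType, 10),
    FirstSeen     = min(TimeGenerated),
    LastSeen      = max(TimeGenerated)
    by IPAddress
// The threshold: only rows meeting both conditions become alerts
| where FailureCount >= failureThreshold and DistinctUsers >= distinctUserThreshold
// Columns surfaced for entity mapping and incident context
| extend timestamp = LastSeen, IPCustomEntity = IPAddress
| order by FailureCount desc
```

When saved as a scheduled rule, the query frequency and lookup period are set in the rule wizard (both one hour here, so windows do not overlap or leave gaps), the `IPCustomEntity` column is mapped to the IP entity, and incident grouping decides whether each matching IP becomes its own incident. A rule like this only protects you while it actually runs, which is why monitoring that enabled rules keep executing, the subject of the linked post, matters as much as writing them.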

