Nov 15 2021 10:36 AM
Azure Sentinel Notebooks - Code Snippets (microsoft.com)
As discussed in Part 1 of this series, Notebooks service is a powerful feature and an integral part of Microsoft Sentinel that provides additional capability to help augment your analysis during threat hunting, incident triage and investigation.
When creating your custom notebook, you can leverage the Sentinel code snippets to quickly add the foundation structure to set up the environment for MSTICPy, configure the parameters, authenticate into Azure and Log Analytics, and query the data.
Four code snippets are currently available for Sentinel Notebooks:
You can access the code snippets by simply typing the key-word “Sentinel” in the Notebook code cell.