Recent DiscussionsMost RecentNewest TopicsMost LikesSolutionsTagged:TagRe: Automation Rules Not TriggeringCan you please post Automation rule screenshot where you defined these conditions?Re: How to generate Sentinel incidents to test playbooks?You can use my tool to generate sample CEF logs in a Linux machine but you'll need it connected to Sentinel. https://github.com/mlaraibkhan/CEF-LogGeneratorRe: Automation Rule and PlaybooksAutomation Rule: Set conditions to send Sentinel Incidents to an automation workflow or playbook. Playbook: Execute course of action (require API integrations with connectors). They are more complex and require deep knowledge.Re: Kusto Explorer - So Many Tables!There's no automated way to connect KQL or any kind of Sentinel content back to GitHub. The best practice would be to manually copy KQL and paste them using the GitHub desktop + Sublime text or vs code. Otherwise, all efforts will be lost.How to Manage Permissions in Sentinel Workspace to Edit Given Workbooks Hi There! Is there a way to manage workspace permissions which gives rights to edit only a given number of workbooks in Microsoft Sentinel?
Recent Blog ArticlesMost RecentMost LikesRe: Microsoft Sentinel: Public preview of Microsoft Defender for Cloud to Defender XDR integration The new 3.0 version and tenant-based connector are now visible in euwest. Re: Introducing a Unified Security Operations Platform with Microsoft Sentinel and Defender XDR Can you please send me the invitation form for the XDR private preview? Re: Microsoft Sentinel: Public preview of Microsoft Defender for Cloud to Defender XDR integration I don't see an update in the content hub for Defender for Cloud data connector yet. Re: Integrating Azure Web Application Firewall with Azure Sentinel Playbook constantly failing at GET App Gateway action. Is there any way to resolve it? Seems like the URL is malformed. Re: Part 1 - Lab Setup: Azure WAF Security Protection and Detection Lab Well explained, just deployed my first WAF Lab using your template!