Microsoft Tech Community

Quick Question

Hi, quick question,

Can I import all detections and queries from GitHub in one go? It seems like I have to do that manually.

Secondly, how do I get logs from a Windows system without installing an agent?

Regards

 

2 Replies

@MKhan001_ 

 

@Ofer_Shezaf: Is this something you can speak to?

@Chris Boehm 

@MKhan001_ 

 

Currently you have to manually import each one at a time; we're already looking into improving this. No ETA at this time.

 

As for your second question regarding Windows System logs: something will have to export the logs for you into Azure Sentinel. Examples are given here: https://docs.microsoft.com/en-us/azure/sentinel/connect-data-sources#data-connection-methods