Recent Discussions

Re: Ninja Cat Giveaway: Episode 3 | Sentinel integration
My favorite feature is Fusion, which automatically fuses together all alerts using ML and AI.
UEBA = User and Entity Behavior Analytics
Recent Blog Articles

Re: Usage reporting for Azure Sentinel
Try with this link 🙂 KQLpublic/KQL/Workbooks/WorkspaceUsage at master · clivewatson/KQLpublic (github.com)

Azure Sentinel – How to Audit Management Groups
A quick walkthrough of auditing management groups using the Azure REST API!

Deep Dive How To Debug Syslog Ingestion for Sentinel and Log Analytics
Most of the time nobody knows what needs to be collected and how; hence, with this article, I just want to make some clarification on what is behind the scenes. Starting from RFC, it is mentioned th...

Re: Closing an Incident in Azure Sentinel and Dismissing an Alert in Azure Security Center
Can I close manage Sentinel as well? A sort of bidirectional: if I am in Defender I can close the incident in Sentinel, and if I am in Sentinel I can close in Defender?

Re: Closing an Incident in Azure Sentinel and Dismissing an Alert in Azure Security Center
Cool Nathan Swift, very useful! Following your concept we could create the same playbook for DefenderATP, AzureATP, CloudApp and third party if they expose API. Is it correct?

Re: Azure Sentinel Sigma & SOC Prime Integration (Part 2)
I don't know why, but I did all the steps of the integration and it failed. I changed one setting only, from "Workspace ID" to "workspace name", and it worked.

Re: Azure Sentinel Insecure Protocols Workbook Implementation Guide
Hi Rafal, if you accidentally delete the workbook from MyWorkbook, you can restore it from templates or copy it from GitHub as Custom https://github.com/Azure/Azure-Sentinel/blob/master/Workbook...

Re: Usage reporting for Azure Sentinel
Well done Clive, very useful workbook! It gives an overview of Sentinel's ingestion cost. Many customers asked me in the past. I suggest including it by default in Sentinel.