Tag: microsoft-sentinel

Nicolas Prigent, March 31, 2022

Using Azure Data Explorer to store Microsoft Sentinel logs

Azure Data Explorer is a service for real-time analysis of large volumes of streamed data. It can also serve as a long-term store: keeping data there is cheaper than keeping it in the Log Analytics workspace behind Microsoft Sentinel, and you still query it with the same Kusto Query Language (KQL) that Azure Log Analytics and Sentinel use.
Nicolas Prigent, February 23, 2022

Move Microsoft Sentinel Logs to Azure Storage

You may need to keep your Sentinel logs in long-term retention to meet government or regulatory requirements. A Log Analytics workspace with Microsoft Sentinel enabled includes 90 days of retention at no extra cost; beyond that, retention is billed. Instead of paying for it, you can use a Playbook that creates an Azure Storage account and automatically moves logs older than 90 days to cold storage.
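The storage side of that approach, as an added PowerShell example that is not code from the original post: it creates a cool-tier storage account locked down to HTTPS and TLS 1.2 with no anonymous blob access, a private container for the Playbook to write into, a time-based immutability policy so archived logs cannot be altered or deleted during the retention period, and a lifecycle rule that tiers old blobs to the archive tier and expires them when retention ends. The resource group, location, account and container names and the 7-year (2555-day) retention period are assumptions for illustration; the Playbook that copies the logs is the subject of the post and is not shown.

```powershell
# Added example: storage account for archived Microsoft Sentinel logs.
# Requires the Az.Resources and Az.Storage modules and an active Connect-AzAccount session.
# All names and the retention period below are assumptions for illustration.
$ErrorActionPreference = "Stop"

$ResourceGroup  = "rg-sentinel-archive"   # assumed
$Location       = "westeurope"            # assumed
$StorageAccount = "stsentinelarchive001"  # assumed; must be globally unique, 3-24 lowercase alphanumerics
$Container      = "sentinel-archive"      # assumed
$RetentionDays  = 2555                    # assumed: 7 years

New-AzResourceGroup -Name $ResourceGroup -Location $Location -Force | Out-Null

# Cool access tier: cheap to keep, billed on read, which suits logs that are rarely queried.
# Harden the account: TLS 1.2 only, HTTPS only, and no anonymous blob access.
$sa = New-AzStorageAccount -ResourceGroupName $ResourceGroup -Name $StorageAccount `
    -Location $Location -SkuName Standard_LRS -Kind StorageV2 -AccessTier Cool `
    -MinimumTlsVersion TLS1_2 -EnableHttpsTrafficOnly $true -AllowBlobPublicAccess $false

# Private container the Playbook writes into (its managed identity needs the
# "Storage Blob Data Contributor" role on this account; that role assignment is not shown).
New-AzStorageContainer -Name $Container -Context $sa.Context -Permission Off | Out-Null

# Time-based immutability (WORM): blobs cannot be modified or deleted for $RetentionDays
# after they are written, which is what a retention mandate usually asks for. The policy
# is left unlocked here; lock it with Lock-AzRmStorageContainerImmutabilityPolicy once the
# period is final, because a locked policy can only be extended, never shortened or removed.
Set-AzRmStorageContainerImmutabilityPolicy -ResourceGroupName $ResourceGroup `
    -StorageAccountName $StorageAccount -ContainerName $Container `
    -ImmutabilityPeriod $RetentionDays | Out-Null

# Lifecycle rule: after 180 days move blobs to the archive tier (cheapest, hours to rehydrate);
# after the retention period delete them. Tier changes are allowed under an immutability
# policy; the delete only succeeds once the immutability period has elapsed.
$filter = New-AzStorageAccountManagementPolicyFilter -PrefixMatch "$Container/" -BlobType blockBlob
$action = Add-AzStorageAccountManagementPolicyAction -BaseBlobAction TierToArchive -DaysAfterModificationGreaterThan 180
$action = Add-AzStorageAccountManagementPolicyAction -InputObject $action -BaseBlobAction Delete -DaysAfterModificationGreaterThan $RetentionDays
$rule   = New-AzStorageAccountManagementPolicyRule -Name "archive-then-expire-sentinel-logs" -Action $action -Filter $filter
Set-AzStorageAccountManagementPolicy -ResourceGroupName $ResourceGroup -StorageAccountName $StorageAccount -Rule $rule | Out-Null

# Show the rules that were applied.
(Get-AzStorageAccountManagementPolicy -ResourceGroupName $ResourceGroup -StorageAccountName $StorageAccount).Rules |
    Select-Object Name, Enabled
```

Run it once from an account with Owner or Contributor rights on the subscription; the Playbook then only needs data-plane write access to the container, not control-plane rights on the account. If your mandate is satisfied by cheaper storage alone, drop the immutability policy, but keep the lifecycle delete aligned with whatever retention period you do commit to so the archive does not grow forever.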
Vladan Seget, February 22, 2022

Microsoft Security Applications New Names and improvements

Microsoft's products and features change constantly, and the Azure cloud and its hybrid-cloud capabilities keep expanding with them. This time we look at the changes in names and functionality for the products previously known under the Azure Defender and Azure Sentinel umbrellas, now Microsoft Defender for Cloud and Microsoft Sentinel.
Nicolas Prigent, February 15, 2022

Automate Microsoft Sentinel Playbook Deployment using Azure DevOps

Microsoft Sentinel (formerly Azure Sentinel) is a cloud-native security information and event management (SIEM) service with built-in orchestration and automation. It can be managed and automated in several ways; one is infrastructure as code, where you define how Sentinel responds to alerts and incidents in a Playbook and deploy that Playbook through Azure DevOps.
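The deployment step of such a pipeline, as an added PowerShell example that is not the post's own code: this is the script an Azure DevOps AzurePowerShell task would run against an ARM template for a Logic App playbook, validating the template, previewing the change with what-if, deploying it, and checking that the resulting playbook is enabled so Sentinel automation can trigger it. The resource group, template path, playbook name and the template's PlaybookName parameter are assumptions; the template itself is whatever you export or author for the playbook.

```powershell
# Added example: deploy a Microsoft Sentinel playbook (Logic App) from an ARM template,
# as an Azure DevOps pipeline step would (AzurePowerShell task, service connection already
# authenticated). Requires Az.Resources and Az.LogicApp. Paths and names are assumptions.
param(
    [string]$ResourceGroupName = "rg-sentinel",                           # assumed
    [string]$TemplateFile      = "./playbooks/Block-IP/azuredeploy.json", # assumed
    [string]$PlaybookName      = "Block-IP"                               # assumed
)
$ErrorActionPreference = "Stop"

# The template is assumed to declare a 'PlaybookName' parameter.
$templateParams = @{ PlaybookName = $PlaybookName }

# 1. Validate: returns error objects when the template or parameters are invalid, nothing when valid.
$validation = Test-AzResourceGroupDeployment -ResourceGroupName $ResourceGroupName `
    -TemplateFile $TemplateFile -TemplateParameterObject $templateParams
if ($validation) {
    $validation | ForEach-Object {
        Write-Error -ErrorAction Continue ("Template validation: {0} - {1}" -f $_.Code, $_.Message)
    }
    throw "Template validation failed; not deploying."
}

# 2. Preview: what-if lists the creates, modifies and deletes before anything changes,
#    which is the output you want to see on a pull-request build.
New-AzResourceGroupDeployment -ResourceGroupName $ResourceGroupName -TemplateFile $TemplateFile `
    -TemplateParameterObject $templateParams -Mode Incremental -WhatIf

# 3. Deploy. Incremental mode never removes resources that are absent from the template.
$deploymentName = "playbook-$PlaybookName-$(Get-Date -Format 'yyyyMMddHHmmss')"
$deployment = New-AzResourceGroupDeployment -Name $deploymentName -ResourceGroupName $ResourceGroupName `
    -TemplateFile $TemplateFile -TemplateParameterObject $templateParams -Mode Incremental
if ($deployment.ProvisioningState -ne "Succeeded") {
    throw "Deployment $deploymentName ended in state $($deployment.ProvisioningState)"
}

# 4. Verify the Logic App exists and is enabled; a disabled playbook silently does nothing
#    when an automation rule or analytics rule tries to run it.
$app = Get-AzLogicApp -ResourceGroupName $ResourceGroupName -Name $PlaybookName
if ($app.State -ne "Enabled") {
    throw "Playbook $PlaybookName is deployed but in state $($app.State)"
}
Write-Host "Playbook $PlaybookName deployed: $($app.Id)"
```

Split the script across two pipeline stages if you want a human gate: run steps 1 and 2 on every pull request, and steps 3 and 4 only from the main branch with an approval on the environment. The service connection used by the task only needs Contributor on the playbook resource group; granting the Logic App's managed identity its Sentinel Responder role is a separate, one-off assignment outside this script.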