Microsoft Sentinel - Retaining the telemetry for Longer duration.
When setting up Microsoft Sentinel, there's a common question: How do we store data for a really long time? Some compliances and...
top of page
READ ABOUT CUTTING EDGE TECHNOLOGIES, AND CLOUD COMPUTING.
Scroll down to read about Cloud Technologies.
Blogs on Futuristic Technologies, Cloud Computing, Azure Cloud, Azure Security, Azure Monitor, Azure Sentinel, Azure Log Analytics, Azure Automation, Azure Defender, KQL and many other things.
LEARN AND GROW
Learn and Grow
Search
Keshav Jain
- Jun 21
- 3 min
Are you using “Azure Monitor Logs Data Export” for exporting log analytics data to storage account ?
From a compliance standpoint, it's important to keep backups of the telemetry data stored in Azure Sentinel and Log Analytics workspace....
30 views0 comments
Keshav Jain
- Jun 14
- 3 min
Microsoft Sentinel - Security Incident Closure Reports
As a member of a Security Operations Center (SOC), one of the key responsibilities is to generate regular reports on incidents. These...
34 views0 comments
Keshav Jain
- Jun 14
- 2 min
KQL query for removing the pipe symbol ("|") from strings.
In this blog post, we will explore how to remove the trailing pipe symbol ("|") from strings using Kusto Query Language (KQL). We'll...
9 views0 comments
Keshav Jain
- Feb 9
- 3 min
Microsoft Sentinel - Collecting Common Event Format (CEF) via AMA Data connector.
Microsoft Sentinel offers the Common Event Format (CEF) via the AMA connector, allowing for the quick filtering and uploading of logs in...
146 views0 comments
Keshav Jain
- Dec 16, 2022
- 1 min
Collecting CEF log using Azure Monitor Agent (AMA agent). Unable to install CEF collector on RHEL8.
We were working on configuring the Data Connector "Common Event Format (CEF) via AMA" in Microsoft Sentinel . While running the CEF...
121 views0 comments
Keshav Jain
- Oct 10, 2022
- 1 min
Error "Failed to list classic administrators of subscription" while deploying the Service offer.
Below listed error might appear while deploying the ARM template in MSSP environment for managing the Sentinel using the Azure...
25 views0 comments
Keshav Jain
- Aug 4, 2022
- 1 min
Granted permission “Sentinel Reader” or “Sentinel Responder” but the Sentinel is not visible ?
I often ran in scenario where I granted permission “Log Analytics Reader” and “Microsoft Sentinel Reader” or “Microsoft Sentinel...
47 views0 comments
Keshav Jain
- Jun 22, 2022
- 2 min
Monitoring the health of the Microsoft Sentinel Data connectors
Monitoring the health of the Microsoft Sentinel Data connector Data is sent to the Microsoft Sentinel workspace by configuring the...
415 views1 comment
Keshav Jain
- Jun 1, 2022
- 1 min
Microsoft Defender Vulnerability Management
With the launch of ‘Microsoft Defender Vulnerability Management’, Microsoft has added more power to the Defender suite. Now,...
214 views0 comments
Keshav Jain
- Feb 28, 2022
- 2 min
Managing cross Tenant Sentinel Workspace using the Azure Light House capabilities.
This blog talks about configuring the test environment for the Azure Lighthouse and Sentinel. Here I am sharing my learning. This is...
182 views0 comments
Keshav Jain
- Dec 1, 2021
- 1 min
Integrating Microsoft Defender with Microsoft Sentinel
Learn how to integrate the Microsoft Defender Data Connectors in Microsoft Sentinel. https://www.youtube.com/watch?v=hZ1CxNRpFWM&t=1726s
78 views0 comments
Keshav Jain
- Nov 10, 2021
- 1 min
Identifying the TorNodes IP address using the Azure Sentinel.
Tor IP addresses are tunneled through other devices on the Tor network with "Onion Routing". This prevents a user's real IP address from...
1,153 views4 comments
Keshav Jain
- Nov 8, 2021
- 1 min
Azure Sentinel will now be known as 'Microsoft Sentinel'
Name changes that Microsoft has announced at Ignite 2021. Azure Sentinel Microsoft Sentinel Azure Defender and Azure...
63 views0 comments
Keshav Jain
- May 29, 2021
- 1 min
Configure the Azure Sentinel.
Learn how to configure Azure Sentinel. If you are preparing for SC200 examination then its important to learn how to configure the Azure...
79 views0 comments
Keshav Jain
- May 22, 2021
- 1 min
Learn how to write your first KQL query!
KQL is quite important in Azure SECOPS domain. Azure Sentinel, Azure Monitor, Defender suite, etc. are powered by KQL . Sometime when...
154 views0 comments
Keshav Jain
- Mar 28, 2021
- 1 min
Azure Sentinel KQL Query to generate report of Users and Authentication Methods they have used.
Below KQL query will generate the report that generate report of Users and Authentication Methods they have used. SigninLogs | extend...
844 views0 comments
bottom of page