Facing a Scenario Where You Need to Create a Custom Table in Log Analytics (or Sentinel) but Don't Have Sample Logs in JSON Format?
Blogs on Futuristic Technologies, Cloud Computing, Azure Cloud, Azure Security, Azure Monitor, Azure Sentinel, Azure Log Analytics, Azure Automation, Azure Defender, KQL and many other things.
LEARN AND GROW
Have you noticed empty fields in the Common Security Event Format (CEF) logs when collecting them in Microsoft Sentinel?
Configuring the "Citrix ADC" Data Connector in Microsoft Sentinel.
Automating Playbook Execution on Specific Days with Microsoft Sentinel and Logic Apps.
Microsoft Log Analytics Workspace: The Case of the Missing 'msg_s' Column in the AzureDiagnostics Table.
Optimizing Microsoft Sentinel (SIEM) Environment
Microsoft Sentinel - Retaining Telemetry for a Longer Duration.
Are you using "Azure Monitor Logs Data Export" to export Log Analytics data to a storage account?
Microsoft Sentinel - Security Incident Closure Reports
KQL query for removing the pipe symbol ("|") from strings.
Microsoft Sentinel - Collecting Common Event Format (CEF) via AMA Data connector.
Collecting CEF logs using the Azure Monitor Agent (AMA): Unable to install the CEF collector on RHEL 8.
Error "Failed to list classic administrators of subscription" while deploying the Service offer.
Granted the "Sentinel Reader" or "Sentinel Responder" permission, but Sentinel is not visible?
Monitoring the health of the Microsoft Sentinel Data connectors
Microsoft Defender Vulnerability Management
Managing Cross-Tenant Sentinel Workspaces Using Azure Lighthouse.
Integrating Microsoft Defender with Microsoft Sentinel
Identifying Tor Node IP Addresses Using Azure Sentinel.
Azure Sentinel will now be known as 'Microsoft Sentinel'