On December 29th, when the rest of the world wasn’t watching, the Microsoft team unleashed the first rev of a PowerShell module specifically for Azure Sentinel.
You can find Az.SecurityInsights version 0.1.0 here: https://www.powershellgallery.com/packages/Az.SecurityInsights/0.1.0
I’ve been playing with it the last couple of days when my wife isn’t looking. I’m off until January 4th and have to sneak away to do anything remotely work related. Granted, I needed the break because I was going gangbusters delivering 2-3 Azure Sentinel workshops per week for the last 6 months, but now I’m starting to get antsy – ready to dive back into things at the start of the new year.
So…the PowerShell module. You’re probably already wondering about what’s in it – or – if it’s worth your time since it’s an early revision. So, here you go…
What’s included? (cmdlets)
UPDATE: A few hours after this blog post, the product team posted its own announcement, which includes many more details. See: New Year – New Official Azure Sentinel PowerShell Module!
Hopefully, you’re already familiar with the Wortell PowerShell module offering. If not, you should absolutely invest some time in checking it out. This module has been the de facto standard and go-to for over a year.
Wortell PowerShell module: https://github.com/wortell/AZSentinel
And, P.S. HAPPY NEW YEAR!