Things to Do After October 24 When Microsoft 365 Defender for Microsoft Sentinel Integrates AADIP Alerts and Incidents

It's the Friday, before the weekend, just prior to a major Microsoft Sentinel feature update. Did you know that? Well, you would only know it if you're watching the "What's New" section of the Microsoft Sentinel docs - and who does that but me? - so, that's why I'm posting about it here to make sure …

The Easy Way to Get the ARM Deployment Template for a Microsoft Sentinel Solution

If you need the deployment (ARM) template for any Microsoft Sentinel Solution, there's an easy way in the UI to obtain it. The ARM template will allow you to deploy the Solution using your favorite DevOps method. Once you locate the Solution you want to install, begin the actual, normal installation process. When you get …

Easy Way to Build KQL Query Templates for Azure Services

If you want KQL queries to monitor general Azure services, there's actually a pretty easy, quick way to build them. This is not a hidden feature, by any means, but probably (for some of you) something that you've overlooked hundreds of times. In the Azure portal, when you access a number of Azure services, there's …