How to Deploy an Analytics Rule to Azure Sentinel from the GitHub Repository

Deploying collateral from our GitHub repository to your Azure Sentinel instance is very similar in that it is a copy/paste operation. This guidance is specific to an Analytics Rule. P.S. There are automated ways to accomplish this, but it’s also a good thing to know for basic understanding. For an automated way, see Wortell’s PowerShell module: AZSentinel/AzSentinel …

How to Deploy a Hunting Query to Azure Sentinel from the GitHub Repository

The official GitHub repository for Azure Sentinel exists at: https://aka.ms/ASGitHub Deploying collateral from our GitHub repository to your Azure Sentinel instance is very similar in that it is a copy/paste operation. This guidance is specific to the Hunting query. P.S. There are automated ways to accomplish this, but it's also a good thing to know for …