Deploying collateral from our GitHub repository to your Azure Sentinel instance is very similar in that it is a copy/paste operation. This guidance is specific to an Analytics Rule. P.S. There’s automated ways to accomplish this, but it’s also a good thing to know for basic understanding. For an automated way, see Wortell’s PowerShell module: AZSentinel/AzSentinel … Continue reading How to Deploy an Analytics Rule to Azure Sentinel from the GitHub Repository →

The official GitHub repository for Azure Sentinel exists at: https://aka.ms/ASGitHub Deploying collateral from our GitHub repository to your Azure Sentinel instance is very similar in that it is a copy/paste operation. This guidance is specific to the Hunting query. P.S. There's automated ways to accomplish this, but it's also a good thing to know for … Continue reading How to Deploy a Hunting Query to Azure Sentinel from the GitHub Repository →