It happens. Well, at least it's happened to me more than once and I've worked with customers who have been affected, too. Whether it's from someone fat-thumbing something or something else entirely, Workbook edits or updates can get things out of whack where sections stop working and data stops displaying. Because of this, I've taken … Continue reading How to Manage Microsoft Sentinel Workbook Versions
Tag: Workbooks
How to Deploy a Workbook to Azure Sentinel from the GitHub Repository
Deploying collateral from our GitHub repository to your Azure Sentinel instance is very similar in that it is a copy/paste operation. This guidance is specific to an Workbook. How to do it Azure Sentinel Workbooks are located in the Workbooks folder of the GitHub repo. Locate an Analytics Rule you want in the GitHub Repo. Click the … Continue reading How to Deploy a Workbook to Azure Sentinel from the GitHub Repository
Beginning in 2021 Shared Reports is Your Only Save Option for Azure Sentinel Workbooks
Saw this today when I was adding a new Workbook to my Azure Sentinel environment for a customer demo and thought it worthy to pass along. The ability to save workbooks as Private Workbooks is going away by early 2021. You will still be able to access your private workbooks but any edit or save … Continue reading Beginning in 2021 Shared Reports is Your Only Save Option for Azure Sentinel Workbooks
How to Link to Related Workbooks within the Current Azure Sentinel Workbook
Here's a quick one. I had a customer request where they wanted to replicate the capability of another product. In this other product links are generated to related resources within the system. While I can't currently offer that these links can be auto-generated, we do have the ability within Workbooks to create custom links to … Continue reading How to Link to Related Workbooks within the Current Azure Sentinel Workbook
How to Make Your Azure Sentinel Workbooks Even More Interactive with Drilldowns and Downloads
Azure Sentinel Workbooks are designed to be dynamic reporting tools. Based on KQL, the numerous Workbooks included with the product and provided across the web (including our own GitHub repo - aka.ms/ASGitHub) give security teams and security managers a way to create personalized, quick-glance views into the security stance of the organization. I've worked with … Continue reading How to Make Your Azure Sentinel Workbooks Even More Interactive with Drilldowns and Downloads
New Reference Workbooks for Azure Sentinel
Who says Workbooks have to be crazy-complicated and full of dynamic data? Sometimes a valuable Workbook can simply be a great reference to have at your fingertips. Such is the case for a couple new Azure Sentinel Workbooks I just posted to my GitHub repository. These new Workbooks are based off blog posts in the … Continue reading New Reference Workbooks for Azure Sentinel
Sharing Workbook Data Outside Azure Sentinel with Non-analysts
Customers ask quite often how they can share their Workbooks with others outside of Azure Sentinel, i.e., give access to the valuable visualizations/reports to those that don't need full Azure Sentinel access. The solution is actually much easier than it might seem and involves a very simple method of using the pinning features of Workbooks … Continue reading Sharing Workbook Data Outside Azure Sentinel with Non-analysts
Pinning Entire Azure Sentinel Workbooks to Azure Dashboards
For those that do more in the Azure portal everyday than just Azure Sentinel analyst work, it may be helpful to pin some of the more valuable data representations in Sentinel Workbooks to the general Azure portal dashboard. Azure dashboards give immediate access to a host of valuable data, and by "pinning" Azure Sentinel Workbooks, … Continue reading Pinning Entire Azure Sentinel Workbooks to Azure Dashboards
You must be logged in to post a comment.