Sentinel Archives - Blog by Morten Knudsen about Microsoft Security, Azure, M365 & Automation

How to save $$$ by storing your Syslog and Defender for Endpoint long-term logs in Azure Data Explorer cluster using Azure Data Factory and Azure Storage Account export – while keeping Kusto query functionalities ?

15/01/202312/01/2023 by Morten Knudsen

This blog is about keeping long-term Sentinel logs, giving you insight to the options today – with great opportunities to …

09/01/202309/01/2023 by Morten Knudsen

Do you want to automate alert rules including creating new alert rules and update existing – with checks every x …

02/01/202329/12/2022 by Morten Knudsen

This is a real-life example of how I helped reduce the log-cost by 43% for LogAnalytics & Sentinel combined for …

27/12/202223/12/2022 by Morten Knudsen

One of the cool features in Azure LogAnalytics is the capability to do data-transformation before the data enters your LogAnalytics …