Script: Sentinel Data Lake Table Management
Microsoft Sentinel’s data lake story is quietly powerful: you get fast, 90-day Analytics (Shortterm) for hunting and detections, plus scalable, …
cost
Tutorial: Integrate AI into your Powershell scripts
I have been playing around with integrating AI into my favorite scripting tool: Powershell. This blog serves as a quick-guide …
Optimize Costs using Auxiliary Logs for Verbose Logging
Today, we use logging for many purposes including security hunting with SIEM (Sentinel), troubleshooting, performance telemetry, compliance reporting – but …
How to save $$$ by storing your Syslog and Defender for Endpoint long-term logs in Azure Data Explorer cluster using Azure Data Factory and Azure Storage Account export – while keeping Kusto query functionalities ?
This blog is about keeping long-term Sentinel logs, giving you insight to the options today – with great opportunities to …
Real example with 43% cost savings on Sentinel log-costs: How to exclude Syslog log-events from banned IPs using AbuseIPDB-service with integration to firewalls
This is a real-life example of how I helped reduce the log-cost by 43% for LogAnalytics & Sentinel combined for …