Microsoft Sentinel
5 articles available
SIEM operations, analytics rules, and incident response with Microsoft Sentinel
How to Connect Data Sources to Microsoft Sentinel
beginner: Connect data sources to Microsoft Sentinel using built-in connectors. Step-by-step guide for Microsoft services, third-party solutions, and custom sources.
How to Create Analytics Rules in Microsoft Sentinel
intermediate: Build custom analytics rules in Microsoft Sentinel using KQL. Learn to create scheduled rules, configure alert thresholds, and map entities for incidents.
How to Investigate Incidents in Microsoft Sentinel
intermediate: Master incident investigation in Microsoft Sentinel. Learn triage workflows, entity analysis, timeline reconstruction, and evidence collection techniques.
How to Set Up Automated Playbooks in Microsoft Sentinel
advanced: Create SOAR playbooks in Microsoft Sentinel using Logic Apps. Automate incident response, enrichment, and remediation with step-by-step instructions.
How to Tune Noisy Alert Rules in Microsoft Sentinel
intermediate: Reduce false positives in Microsoft Sentinel by tuning analytics rules. Learn suppression techniques, exception handling, and threshold optimization.