Microsoft Sentinel – Migrating to another Subscription
This post details a few options for migrating Microsoft Sentinel between Azure subscriptions and resource groups.
Microsoft Sentinel – Using Azure Lighthouse
This article provides the steps taken to implement Azure Lighthouse for multi-tenant management of Microsoft Sentinel instances.
Microsoft Sentinel & Azure Arc – Troubleshooting Windows Event Logs
This post details troubleshooting steps to take when Windows event logs are not being ingested into Microsoft Sentinel via Azure Arc VMs.
Microsoft Sentinel – Ingesting Windows Server Event Logs via Azure Arc
This post outlines the steps to ingest on-premises Windows event logs into Azure Sentinel using Azure Arc.
Microsoft Sentinel – Configuring PowerBI for Advanced Reporting
Want more reporting in Microsoft Sentinel? Look no further, this guide will show you the steps to use PowerBI with Microsoft Sentinel.
Azure & Windows 11 – Issue with RDP using Entra ID Credentials
A quick workaround for RDP login issues with Entra ID credentials on a Windows 11 VM in Azure.
Microsoft Sentinel – Planning & Architecture
There are many things to consider when implementing Microsoft Sentinel, such as: defining objectives, assessing environments, designing architecture, managing user access, and ensuring continuous improvement.
Microsoft Sentinel – The Current Market for SIEM
Whats happening in the market so far in regards to SIEM? How has XDR, Zero Trust and AI impacted the SIEM Market?
Microsoft Sentinel – History of SIEM
SIEM technology began in the 1990s to centralise logs, evolved to real-time event analysis, and now uses machine learning for proactive threat detection.
Microsoft Sentinel – SIEM World Terminology
Microsoft Sentinel requires understanding SIEM concepts and terminology including SOC, SOAR, parsing, syslog, CEF, LEEF, CTI, TAXII, and STIX. Future posts will explore these further.