Microsoft Sentinel & Azure Arc – Troubleshooting Windows Event Logs
This post details troubleshooting steps to take when Windows event logs are not being ingested into Microsoft Sentinel via Azure Arc VMs.
Microsoft Sentinel – Ingesting Windows Server Event Logs via Azure Arc
This post outlines the steps to ingest on-premises Windows event logs into Azure Sentinel using Azure Arc.
Microsoft Sentinel – Ingesting Windows Server Event Logs from Azure VMs
Ingesting Windows Server event logs into Microsoft Sentinel involves creating a Data Collection Rule for Azure VMs. Subsequent articles will cover on-premises methods.
Microsoft Sentinel – Configuring PowerBI for Advanced Reporting
Want more reporting in Microsoft Sentinel? Look no further, this guide will show you the steps to use PowerBI with Microsoft Sentinel.
Microsoft Sentinel – Planning & Architecture
There are many things to consider when implementing Microsoft Sentinel, such as: defining objectives, assessing environments, designing architecture, managing user access, and ensuring continuous improvement.
Microsoft Sentinel – The Current Market for SIEM
Whats happening in the market so far in regards to SIEM? How has XDR, Zero Trust and AI impacted the SIEM Market?
Microsoft Sentinel – History of SIEM
SIEM technology began in the 1990s to centralise logs, evolved to real-time event analysis, and now uses machine learning for proactive threat detection.
Microsoft Sentinel – SIEM World Terminology
Microsoft Sentinel requires understanding SIEM concepts and terminology including SOC, SOAR, parsing, syslog, CEF, LEEF, CTI, TAXII, and STIX. Future posts will explore these further.