Microsoft Sentinel Blog

Microsoft Secure Tech Accelerator
Apr 03 2024, 07:00 AM - 11:00 AM (PDT)
Microsoft Tech Community
Options
3,830
Matt_Lowe on Mar 14 2024 05:21 PM
2,923
Umesh_Nagdev on Feb 20 2024 07:04 AM
2,493
Josefa-Sepulveda on Feb 08 2024 07:58 AM
4,507
BenjiSec on Feb 06 2024 04:03 AM
3,428
PrateekTaneja on Feb 04 2024 10:22 PM
4,897
madesous on Jan 17 2024 05:27 AM
2,754
GBushey on Jan 16 2024 07:20 AM
2,892
VipulDabhi on Jan 08 2024 11:11 AM
5,434
timurengin on Jan 08 2024 11:10 AM
22.8K
Josefa-Sepulveda on Jan 02 2024 02:24 AM
45.1K
Arjun_Trivedi on Nov 29 2023 10:13 PM
9,142
skochavi on Nov 27 2023 01:21 PM
8,024
ShaharAviv on Nov 20 2023 10:27 PM
6,104
Eric Burkholder on Nov 15 2023 02:26 PM
57.5K
Erez Einav on Nov 15 2023 08:00 AM
4,978
mahmoudmsft on Nov 08 2023 10:02 AM
13.7K
Pete Bryan on Sep 21 2023 03:02 PM
15.5K
lili on Sep 05 2023 12:18 AM
6,730
Tiander Turpijn on Aug 30 2023 04:33 AM
17.9K
Jeremy Tan on Aug 23 2023 04:30 AM
7,179
Matt_Lowe on Aug 22 2023 09:30 AM
12.7K
Nicolas Lepagnez on Aug 09 2023 04:44 AM
11.4K
MichalShechter on Aug 01 2023 11:02 AM
8,728
Maayan_Magenheim on Jul 25 2023 07:09 AM
11.5K
Beth_Bischoff on Jul 11 2023 04:00 AM
36.5K
chaitra_satish on Jul 10 2023 08:30 AM
9,521
Preeti_Krishna on Jul 10 2023 07:43 AM
13K
yohasson on Jul 06 2023 06:05 AM

Latest Comments

Hi @wannabeakiwi, I confirm that the On-Premises and online collectors use the "Legacy" HTTP Data collector API. We have in the roadmap to move to the new log ingestion API, this will be done before 2026. We espect a target for CY25 allowing you arround 1 year to migrate. I add a note in our backlog...
0 Likes
Thank you for this. It looks like Microsoft Exchange Security for Exchange Online - Microsoft Azure) solution uses the Azure Monitor HTTP Data Collector API - Azure Monitor | Microsoft Learn which is "deprecated and will no longer be functional as of 9/14/2026". Will the solution be updated to use t...
0 Likes
@timurengin Hello kind sir,Adding additional tasks (more then 1) in the yml file where you specifiy workingDirectory causes DevOps pipeline to overwrite each tasks tracking_table_<id>.csv. This is with the default powershellscript created by connecting Sentinel out the box.Example issue:Task 1 creat...
0 Likes
I'm experiencing an issue while trying to create Sentinel solution through bicep file deployment.// azure sentinel// workspace creationparam location string = resourceGroup().locationresource workspace 'Microsoft.OperationalInsights/workspaces@2022-10-01' = {name: 'ul-sda-np-alaw-cae-002'location: l...
0 Likes
The SIR Work Notes are supposed to be updating when the Status changes (as previously stated, we get New/Active now).At this point we're not focused on ServiceNow writing back to Sentinel, so the field mapping is not urgent.
0 Likes