Microsoft Sentinel

5 articles available

SIEM operations, analytics rules, and incident response with Microsoft Sentinel

How to Connect Data Sources to Microsoft Sentinel

beginner

Connect data sources to Microsoft Sentinel using built-in connectors. Step-by-step guide for Microsoft services, third-party solutions, and custom sources.

12 minUpdated January 2025
Read Article

How to Create Analytics Rules in Microsoft Sentinel

intermediate

Build custom analytics rules in Microsoft Sentinel using KQL. Learn to create scheduled rules, configure alert thresholds, and map entities for incidents.

15 minUpdated January 2025
Read Article

How to Investigate Incidents in Microsoft Sentinel

intermediate

Master incident investigation in Microsoft Sentinel. Learn triage workflows, entity analysis, timeline reconstruction, and evidence collection techniques.

14 minUpdated January 2025
Read Article

How to Set Up Automated Playbooks in Microsoft Sentinel

advanced

Create SOAR playbooks in Microsoft Sentinel using Logic Apps. Automate incident response, enrichment, and remediation with step-by-step instructions.

18 minUpdated January 2025
Read Article

How to Tune Noisy Alert Rules in Microsoft Sentinel

intermediate

Reduce false positives in Microsoft Sentinel by tuning analytics rules. Learn suppression techniques, exception handling, and threshold optimization.

13 minUpdated January 2025
Read Article