I was currently in a project where we needed to have a multi-tenant Microsoft Sentinel environment. We had multiple Sentinel / Log Analytics workspaces where we needed to do cross queries to look at the datasets which is typically the case with MSSP environments. When it comes to using Microsoft Sentinel as a multi-tenant solution such as …
Cross Analytics queries with a multitenant Azure Sentinel setup Read More »
The last couple of weeks I’ve been busy preparing for upcoming webinars/conferences, and therefore I want to mention that tomorrow I’ll be presenting at the Nordic Virtual Summit. Which is a IT pro based event Nordic Virtual Summit – A virtual IT Pro Community Event! * On Wednesday I’ll be talking about Security and Governance (with …
In a previous blog post (https://msandbu.org/automating-azure-sentinel-deployment-using-terraform-and-powershell/) I wrote how about you can use Terraform to automate the setup of Azure Sentinel and Log Analytics. The issue back then, was that you couldn’t automate Sentinel Analytics rules which you still needed to maintain using a third-party PowerShell module. NOTE: I’m working on publishing a Terraform module …
