Hi there! I'm glad you liked my article. Regarding your query; sure! You could create a Logic App which is triggered with every incident which looks for the Azure tags in a similar…
Jul 12

Split up your logs with $pl1tR
Drop what you don't need and save costs. What's not to like?!
Dec 18, 2023

Ingest your logs into Azure Data Explorer with Logstash
Is this a better alternative to Sentinel Basic logs?
Aug 11, 2023

Unlimited Advanced Hunting for Microsoft 365 Defender with Azure Data Explorer — Part II
Jun 7, 2023

Unlimited Advanced Hunting for Microsoft 365 Defender with Azure Data Explorer — Part I
Mar 30, 2023

Secure your Logstash connections to Microsoft Sentinel
by implementing automatic key rotation with "Rot8r"
Jan 26, 2023

🎁 HOLiDAY SPECiAL 🎄 From ANSi to nerd fonts…
… and some other stuff to get you feeling nostalgic
Dec 21, 2022

Secure your Microsoft Sentinel playbooks with managed identities…
… and stop using SPNs and workspace keys
Dec 13, 2022

Ingest DCR-based custom logs in Microsoft Sentinel with Logstash
The "Swiss army knife" is back! And better than ever!
Dec 9, 2022