Tag: siem

Sep 16, 2024

↗

Log Source Availability Monitoring with KQL in Microsoft Sentinel: An Essential Query for SOC Teams
Aug 27, 2024

↗

Suppressing Defender for XDR Incidents Using Automation Rules in Microsoft Sentinel: A Step-by-Step Guide
Aug 18, 2024

↗

Mastering Sentinel: The Essential KQL Query for Every SOC Team
Jun 6, 2024

↗

Troubleshoot Log Ingestion Drops to Microsoft Sentinel from Linux Machines: Addressing /var/log Capacity Issues
May 2, 2024

↗

Streamlining Bulk Incident Closure in Azure Sentinel with PowerShell
Mar 15, 2024

↗

KQL Query to Detect Log Ingestion Downtime by data connector/tables in Microsoft Sentinel
Feb 12, 2024

↗

Log Trimming via Ingestion time transformation in Microsoft Sentinel
Feb 1, 2024

↗

Troubleshooting Guide: Syslog Forwarding into Microsoft Sentinel
Jan 27, 2024

↗

Simplifying Syslog Forwarding to Microsoft Sentinel: A User-Friendly Guide