VanTUG – Global Azure Vancouver 2024 – Sentinel with Andrew Lowes

Microsoft Copilot Meeting Recap notes:

The meeting was about mastering the pulse of Microsoft Sentinel, a cloud-native security information and event management (SIEM) solution.

The presenter was Andrew Lowes, a Microsoft Azure and security expert.

The main topics covered were:

– How to enable and use health monitoring for Sentinel workspaces and resources.

– How to define use cases and strategies for health monitoring.

– How to create analytics rules and logic apps to alert on health issues.

– How to ingest data from various sources and filter and transform it for Sentinel.

The presenter also shared some resources and links for learning more about Sentinel.

The audience had some questions about the cost, data connectors, and data filtering of Sentinel.

Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *