❕This article has not been completed yet. However, it may already contain helpful Information and therefore it has been published at this stage
Setting up an Automation Account
Necessary Permission (RBAC) adjustments
| ✏️ Note: |
|---|
| Instead of "Monitoring Analytics Contributor", you should look for the "Monitoring Contributor" role. |
| The Azure Function permission can only be assigned after deployment. |
Deploying the solution
How to use the Tool:
File Path: "https://raw.githubusercontent.com/Yaniv-Shasha/Sentinel/master/Sample_Data/scenarios/Security%20Event%20log%20cleared/1102_clearlogs.json"
References:
New ingestion-SampleData-as-a-service solution, for a great Demos and simulation
Demonstrating Microsoft Sentinel features, that include security incidents, alerts, workbooks, meaningful hunting queries, Helping our internal teams,..
GitHub - Contoso-Hotels-Security-old/LogIngestion: LogIngestion and Fusion
LogIngestion and Fusion. Contribute to Contoso-Hotels-Security-old/LogIngestion development by creating an account on GitHub.
GitHub