Preparing towards Azure Sentinel’s GA

This post has been republished via RSS; it originally appeared at: Azure Sentinel articles.

As we move closer to general availability (GA), you will see many changes in Azure Sentinel. True to the cloud, we release them as they are ready, but the formal announcement will come with GA. This blog post lists some that may require your attention beforehand.

 

The following changes are already online today:

  • We are replacing the current Dashboards with Workbooks, which offer many new features not available with the current dashboards. Note that dashboards will be removed from Azure Sentinel with GA. You will still be able to access them using the Azure portal outside of Azure Sentinel. 
  • The API to enable and disable Fusion in Azure Sentinel is going to be deprecated. We are making it easier to configure with an option in the UI, and it will be turned ON by default.  
  • As promised, the new Analytics screen includes a large number of rules out of the box in the "rules templates" tab. Apart from Fusion, those are not active by default. Make sure you apply those that are relevant to you using the "create rule" button for each template.

Although it is not yet available today, note that the method to deploy CEF connectors will also change and become more straightforward. The change will not affect any existing CEF connector, as it relates only to the deployment process.
