- Learn Azure Sentinel
- Richard Diver, Gary Bushey, Jason S. Rader
- 2021-06-30 15:08:17
Chapter 2: Azure Monitor – Log Analytics
In this chapter, we will explore the Azure Monitor Log Analytics platform, which is used to store all the log data that will be analyzed by Azure Sentinel. This is the first component that needs to be designed and configured when implementing Azure Sentinel, and will require some ongoing maintenance to configure the data storage options and control the costs associated with the solution.
This chapter will also explain how to create a new workspace using the Azure portal, PowerShell, and the CLI. Once a workspace has been created, we will learn how to attach various resources to it so that information can be gathered, and we will explore the other navigation menu options.
By the end of this chapter, you will know how to set up a new workspace, connect to resources to gather data, enable Azure Sentinel for data analysis, and configure some of the advanced features to ensure security and cost management.
We will cover the following topics in this chapter:
- Introduction to Azure Monitor Log Analytics
- Planning a workspace
- Creating a workspace
- Managing permissions of the workspace
- Enabling Azure Sentinel
- Exploring the Azure Sentinel Overview page
- Connecting your first data source
- Advanced settings for Log Analytics