1,297 questions with Microsoft Security | Microsoft Sentinel tags

0 answers

Unexpected connections to an IP address located in Nigeria

Hello everyone. In the last few months we have seen over 400 direct connections to this IP address: 196.49.32.6, which is associated with the Internet Exchange Point of Nigeria (IXPN). The URLs associated with the connections appear to be related to…

Microsoft Security | Microsoft Sentinel
asked 2025-07-15T13:26:37.4766667+00:00
M 0 Reputation points
1 answer

What is Windows Web Experience Pack really for?

Hello, Pertaining to my personal desktop. Can anyone tell me honestly what Windows Web Experience Pack is for, and why it is always accessing my location? Thank you

Microsoft Security | Microsoft Sentinel
asked 2025-07-09T08:36:36.9166667+00:00
Randall S 0 Reputation points
answered 2025-07-09T17:52:25.5966667+00:00
Clive Watson 7,866 Reputation points MVP Volunteer Moderator
0 answers

Sentinel REST API alertRules not supported in eastus

I am trying to use the Microsoft Sentinel REST API to list/get/create alert rules. My Sentinel Workspace is in eastus. GET…

Microsoft Security | Microsoft Sentinel
asked 2025-07-03T17:49:38.9933333+00:00
Shyamal Pandya 0 Reputation points
commented 2025-07-08T06:53:10.1166667+00:00
Pauline Mbabu 1,165 Reputation points Microsoft Employee
2 answers

Microsoft sentinel not ingesting M365 connector data

Greetings, we have this situation where the data connector for M365 isn't ingesting logs to Sentinel. The connector shows as connected, but no logs are being ingested. From the health data, they give this message: "Tenant does not exist in the O365…

Microsoft Security | Microsoft Sentinel
asked 2025-05-01T11:58:52.87+00:00
Brandon DeVane 0 Reputation points
commented 2025-07-07T13:41:34.0333333+00:00
philippe augras 25 Reputation points
1 answer

How to install Sentinel content hub via IaC (e.g.) azapi terraform provider

Hi all, I was asked to manage the Sentinel via IaC and successfully installed Log Analytics Workspace & Sentinel via Terraform azurerm provider. I want now to install Content pack from content hubs. I see some documentation for API calls to install…

Microsoft Security | Microsoft Sentinel
asked 2024-11-20T16:50:46.0433333+00:00
Annamalai, Manickam 0 Reputation points
commented 2025-07-06T13:53:15.6533333+00:00
Christophe Humbert 126 Reputation points
1 answer

Need Information about the connection - Logstash Output Microsoft Sentinel

Hi Microsoft Community, I am trying to use logstash to filter log before sending it to Microsoft Sentinel. I see there is a plugin from Microsoft…

Microsoft Security | Microsoft Sentinel
asked 2025-06-30T08:45:20.1733333+00:00
Juan Matthew 0 Reputation points
commented 2025-07-01T01:30:50.58+00:00
Juan Matthew 0 Reputation points
1 answer

Cross Tenant Data Ingestion

My issue so far is that I cannot ingest data to "Azure Tables" not "Custom-Tables" with DCRs, for example data from AzureDiagnostics or SecurityAlert from Tenant A cannot be ingested to Tenant B. I understand that Microsoft does not…

Microsoft Security | Microsoft Sentinel
asked 2025-06-27T13:20:10.5766667+00:00
Dimitriοs Tsamitas 0 Reputation points
answered 2025-06-27T13:45:53.1033333+00:00
Aditiya Widodo Putra 0 Reputation points
4 answers

Connection between Sentinel, ASC, Defender and Log Analytics

What is the difference and connection between Azure Security Center, Azure Defender, Log Analytics Workspace, and Azure Sentinel, and how can they all be connected? I'm currently writing an essay about Azure and need some help understanding.

Microsoft Security | Microsoft Defender | Microsoft Defender for Cloud
Microsoft Security | Microsoft Sentinel
asked 2021-02-19T09:58:27.49+00:00
Bachelor Hundreogtolv 1 Reputation point
answered 2025-06-26T05:29:59.2566667+00:00
Ethan Johnson 0 Reputation points
1 answer

Do I need to include all IP Addresses of Sentinel in allowlist?

Hi! I am setting up a 3rd Party Threat Intel based in Australia to my Sentinel environment. Upon checking the link below, there are 18 IP Addresses which are based from different countries. …

Microsoft Security | Microsoft Sentinel
asked 2025-06-19T23:48:23.8466667+00:00
Christian Medina 0 Reputation points
commented 2025-06-24T14:17:53.9566667+00:00
Navya 20,650 Reputation points Microsoft External Staff Moderator
0 answers

Packaging Azure Function Data Connector into a Microsoft Sentinel Solution Package

I've built an Azure Function data connector for Sentinel that works great. Now, I need to package it into a proper Microsoft Sentinel Solution for easy deployment. I'm struggling to find any clear documentation on how to do this. How do I include my…

Microsoft Security | Microsoft Sentinel
asked 2025-06-13T07:54:47.94+00:00
Omkar Jadhav 0 Reputation points
commented 2025-06-21T06:00:37.49+00:00
Omkar Jadhav 0 Reputation points
1 answer One of the answers was accepted by the question author.

Azure B2C monitoring for Azure Sentinel Role

I am following this article to set up the delegations https://learn.microsoft.com/en-us/azure/active-directory-b2c/azure-monitor?source=docs The document says that the B2C instance needs the 'Contributor' role on the log analytics workspace resource…

Microsoft Security | Microsoft Sentinel
asked 2025-06-19T01:29:11.84+00:00
Shashank Kumar 20 Reputation points
commented 2025-06-20T02:39:04.98+00:00
Shashank Kumar 20 Reputation points
1 answer

Microsoft Sentinel | Data connector won't disconnect

Hi, I've currently got these data connectors: I want to disconnect the following: When I open the connector page on Defender for Endpoint etc, everything is disabled, see below: The same with Defender XDR: The same with Threat…

Microsoft Security | Microsoft Sentinel
asked 2024-01-30T08:05:09.4866667+00:00
Andreas Bjelven 135 Reputation points
commented 2025-06-19T21:31:56.2633333+00:00
Ren Valdes 0 Reputation points
0 answers

Unable to see AI MITRE ATT&CK Tagging in SOC Optimization

I can not see AI MITRE ATT&CK Tagging in Microsoft Azure Sentinel SOC Optimization

Microsoft Security | Microsoft Sentinel
asked 2025-06-16T12:00:10.3533333+00:00
Rubén Martínez Robles 0 Reputation points
commented 2025-06-19T16:28:56.95+00:00
Deepthi R 25 Reputation points Microsoft External Staff Moderator
1 answer One of the answers was accepted by the question author.

Collect data from Cisco FTD(Firepower) firewall devices

Hello, I hope this message finds you well. I am reaching out for assistance with ingesting data from a Cisco Firepower 2130 firewall into Microsoft Sentinel. I have already installed the Cisco "Firepower eStreamer" application, but I am unsure…

Microsoft Security | Microsoft Sentinel
asked 2025-06-18T17:50:48.76+00:00
Aksoy, Mehmet 20 Reputation points
accepted 2025-06-19T15:52:11.7333333+00:00
Aksoy, Mehmet 20 Reputation points
1 answer

Optimize threat intelligence feeds by filtering and enhancing objects before they're delivered to your workspace

We would like to optimize Threat intelligence feed as it spikes esteems as we have set up a daily cap of 4gb ingestion.

Microsoft Security | Microsoft Sentinel
asked 2025-06-16T10:54:00.3533333+00:00
Mitul Admin 0 Reputation points
commented 2025-06-19T05:36:55.2633333+00:00
Vigneshwar Duvva 2,225 Reputation points Microsoft External Staff Moderator
1 answer

A logic app Get-VirusTotalIPReport is not working

I am trying to automate IP enrichment using the Virus Total API. I have set up a logic app and tied it to a respective analytical rule but I am getting the following error. This is a test instance and we have only a few resources running on it.

Azure Logic Apps
Microsoft Security | Microsoft Sentinel
asked 2024-07-30T11:07:58.4133333+00:00
Bhupender Singh 0 Reputation points
commented 2025-06-18T16:00:54.4466667+00:00
Francisco Yeray Gómez Carrión 0 Reputation points
0 answers

Discrepancy Between Azure Activity Logs from REST API and Microsoft Sentinel

Hi everyone, I'm using the Azure Activity Logs REST API to collect activity logs from my Azure environment. While comparing the results with what’s available in Microsoft Sentinel (specifically in the AzureActivity table), I’ve noticed some…

Microsoft Security | Microsoft Sentinel
asked 2025-05-30T09:06:20.3+00:00
Margi Patel 0 Reputation points
commented 2025-06-17T14:15:39.29+00:00
Margi Patel 0 Reputation points
1 answer One of the answers was accepted by the question author.

How do you archive old incidents out of Sentinel (specifically unload them from the incident view)

encountering an issue with Microsoft Sentinel's workspace capacity, particularly as we are expecting to handle up to 10,000 incidents per day—well above the current threshold. Upon investigation, the root cause appears to be that the incident database…

Microsoft Security | Microsoft Sentinel
asked 2025-06-13T14:48:26.6466667+00:00
Brynel Peter Libera (CONVERGYS CORPORATION) 100 Reputation points Microsoft External Staff
edited an answer 2025-06-17T07:51:25.3966667+00:00
Rukmini 3,916 Reputation points Microsoft External Staff Moderator
2 answers

How to enable Azure Activity Sentinel Data Connector

Hi, I'm trying to enable Azure Activity Sentinel Data Connector. I've managed to install it and when I follow the 'Launch Azure Policy Assignment Wizard' it completes successfully, however the Azure Activity Data Connector never shows 'green/connected'…

Microsoft Security | Microsoft Sentinel
asked 2024-11-07T12:11:18.33+00:00
Silva, Luis 5 Reputation points
commented 2025-06-14T13:26:51.5666667+00:00
Mohsin Ali Amjad Sheikh 0 Reputation points
2 answers

Microsoft Sentinel, Logic App Designer, Email Service

I have spun up a Microsoft Sentinel Log Analytic workspace, I have AMA installed and working on my Azure VMs, I created an analytic rule named "Credential Access" that is supposed to check for brute force attacks (etc.), I created a Logic App…

Microsoft Security | Microsoft Sentinel
asked 2025-06-05T16:17:32.4433333+00:00
Corey Mechalske 60 Reputation points
answered 2025-06-12T12:09:06.9833333+00:00
Navya 20,650 Reputation points Microsoft External Staff Moderator