Azure Sentinel

Rohit 1 Reputation point
2020-10-23T10:08:56.87+00:00

I want to build a custom rule on Sentinel and data source would be the Azure Firewall. Please provide me the query for the rule.

Few rule like below:

  1. Port Scan(Horizontal and Vertical)
Microsoft Sentinel
Microsoft Sentinel
A scalable, cloud-native solution for security information event management and security orchestration automated response. Previously known as Azure Sentinel.
1,210 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Jason Smyth 6 Reputation points
    2021-03-04T14:41:13.987+00:00

    Hello,

    As a starting point, have you reviewed: https://learn.microsoft.com/en-us/azure/sentinel/connect-azure-firewall

    Jason S.

    1 person found this answer helpful.
    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.