![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(6.4, 11%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPA%3C/text%3E%3C/svg%3E)
Microsoft Sentinel
A scalable, cloud-native solution for security information event management and security orchestration automated response. Previously known as Azure Sentinel.
999 questions
Hi,
Azure Sentinel uses Log Analytics as platform for storing data. As such it adopts the billing and pricing for Log Analytics. Because of that Sentinel does not change the billing of Log Analytics. This means that any data that is free for Log Analytics is free for Sentinel and vice versa. You can check the official documentation for queries that lists data and if it is billable. For example, by modifying one of the queries to:
Usage
| where TimeGenerated > ago(32d)
| where StartTime >= startofday(ago(31d)) and EndTime < startofday(now())
| where IsBillable == false
| summarize BillableDataGB = sum(Quantity) / 1000. by bin(StartTime, 1d), DataType
| render columnchart
You can get data volume by type for data that is not billable.
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
