989 questions with Microsoft Sentinel tags

1 answer

Looking for Azure real time roles and responsibilities

Hi Friends, I have completed my Azure Administration training and am looking for the basic roles and responsibilities of an Azure admin. Kindly help me with what the roles and responsibilities of an Azure Admin are, and kindly help me with the best links.

Azure API Management
An Azure service that provides a hybrid, multi-cloud management platform for APIs.
1,783 questions
Azure DNS
An Azure service that enables hosting Domain Name System (DNS) domains in Azure.
599 questions
Azure Migrate
A central hub of Azure cloud migration services and tools to discover, assess, and migrate workloads to the cloud.
719 questions
Microsoft Sentinel
A scalable, cloud-native solution for security information event management and security orchestration automated response. Previously known as Azure Sentinel.
989 questions
asked 2021-01-21T12:32:45.433+00:00
Raj Shekar 21 Reputation points
answered 2021-01-21T12:58:35.46+00:00
SUNOJ KUMAR YELURU 13,946 Reputation points MVP
3 answers One of the answers was accepted by the question author.

log query on NetworkCidrBlock match

Hi Community, My "ThreatIntelligenceIndicator" table stores rows of NetworkCidrBlock as indicators. I need to query "CommonSecurityLog" table against the indicator table on any DestinationIP that matches any value in…

Azure Monitor
An Azure service that is used to collect, analyze, and act on telemetry data from Azure and on-premises environments.
2,816 questions
Microsoft Sentinel
asked 2021-01-09T08:52:22.787+00:00
SentinelNoob 191 Reputation points
accepted 2021-01-20T00:19:35.87+00:00
SentinelNoob 191 Reputation points
1 answer

Playbook as automated response for all Analytics rules | Azure Sentinel

I have created a playbook that will trigger certain alerts, and I want to set this as an automated response for all rules. I can manually set this playbook as an automated response for any Analytics rule, but how can I set it for all rules, including new…

Microsoft Sentinel
asked 2021-01-15T12:44:22.807+00:00
Antti Kosonen 1 Reputation point
commented 2021-01-17T19:21:13.887+00:00
Antti Kosonen 1 Reputation point
2 answers

Azure Sentinel DNS

Hi, I enabled the DNS connector in Sentinel and some DNS events are getting collected from the DNS servers, however DnsEvents SubType "LookupQuery" are not being sent to Sentinel. I saw the article here…

Azure DNS
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,201 questions
Microsoft Sentinel
asked 2021-01-11T22:41:20.183+00:00
Della Grotta, Fletcher 1 Reputation point
commented 2021-01-14T00:19:00.54+00:00
SUNOJ KUMAR YELURU 13,946 Reputation points MVP
2 answers One of the answers was accepted by the question author.

Azure Sentinel (IIS, SQL, Syslog server)

Hello, I am new to Azure Sentinel, so I need to implement this solution. Basically I need to collect logs from Active Directory, IIS, and SQL Server, and make a SYSLOG (Linux) server which will collect Windows Firewall logs and then send them to Syslog…

Microsoft Sentinel
asked 2020-12-28T11:40:42.47+00:00
Eduards 771 Reputation points
accepted 2021-01-13T08:00:49.603+00:00
Eduards 771 Reputation points
1 answer

Missing indicators from Graph Security API submission

Hi Community, Using the Graph Security API, I submitted 1.9 million unique network IP indicators to my Sentinel workspace with concurrent threads. I verified the count via responses from the API. However, Sentinel only shows the ingestion of…

Microsoft Sentinel
asked 2021-01-10T09:04:49.537+00:00
SentinelNoob 191 Reputation points
answered 2021-01-12T18:27:16.3+00:00
Deva-MSFT 2,256 Reputation points Microsoft Employee
2 answers

Azure Sentinel estimated cost

I understand Azure Sentinel is charged by volume of data ingested, but I have no idea how much data the following Azure services will ingest into Sentinel: Windows Server virtual machines, Azure SQL Server, Fortigate Firewall, Azure AD …

Microsoft Sentinel
asked 2020-08-06T05:06:18.15+00:00
barry.wong 1 Reputation point
answered 2021-01-11T17:46:20.06+00:00
Luis Antonio Márquez 1 Reputation point
1 answer

Log filtering on Azure Sentinel

How do we optimize the logs that are being ingested into Azure Sentinel, either on-prem logs or cloud logs? Can we do any filtering before the log sits in the Log Analytics workspace? If so, how can we add the filtering?

Azure Monitor
Microsoft Sentinel
asked 2020-12-09T06:53:52.423+00:00
pavan kemisetti 1 Reputation point
commented 2021-01-08T09:20:52.527+00:00
pavan kemisetti 1 Reputation point
1 answer

Defender ATP - Query failed, how to investigate

Hello, This morning, we've had an issue with one of our custom rules in Microsoft Defender ATP. For a two hour period, the query returned several false positives, which points us to one of the threat intelligence functions (FileProfile()) either…

Microsoft Sentinel
asked 2021-01-07T08:37:20.74+00:00
Tetera, Jakub 6 Reputation points
answered 2021-01-08T07:42:27.033+00:00
Candy Luo 12,656 Reputation points Microsoft Vendor
0 answers

Azure Sentinel - SQL Audit

Hello, Recently I configured SQL Audit and audit server specifications to collect SQL logs and send them to Application. I also installed the MMA agent on the SQL server and configured that Event Viewer -> Application logs (MSSQLSERVER) will be delivered to…

Microsoft Sentinel
asked 2021-01-06T07:33:33.27+00:00
Eduards 771 Reputation points
commented 2021-01-07T07:16:18.343+00:00
Eduards 771 Reputation points
0 answers

Azure Sentinel Azure AD logs

Hello, I have a question about Azure AD logs sending to Azure Sentinel. I have all prerequisites and connected Azure AD to Azure Sentinel, but I didn't receive any logs and the Azure AD data connector status is What could be the cause?…

Microsoft Sentinel
asked 2021-01-06T07:25:14.973+00:00
Eduards 771 Reputation points
commented 2021-01-07T07:09:57.99+00:00
Eduards 771 Reputation points
2 answers One of the answers was accepted by the question author.

Can I trigger playbook from alert Status?

I'm trying to create incidents in ServiceNow whenever an Alert is set to "Active" inside of Sentinel. Is there a playbook trigger for this? Or a way to do this without creating another alert?

Microsoft Sentinel
asked 2021-01-05T17:32:40.827+00:00
Sam C 46 Reputation points
answered 2021-01-05T22:40:53.453+00:00
Sam C 46 Reputation points
5 answers

Azure Sentinel office 365 Tenant Permissions

Hello Thanks for reading my post Hopefully, this is simple to sort out but I seem to be going around in circles setting up a test office 365 and Azure environment - things seem to go well until I ran into this issue following along this…

Microsoft Sentinel
asked 2021-01-03T15:10:17.247+00:00
Thomas Black 1 Reputation point
commented 2021-01-05T16:38:51.543+00:00
JamesTran-MSFT 36,376 Reputation points Microsoft Employee
2 answers One of the answers was accepted by the question author.

Azure Sentinel Lookup queries logs

Hello, I configured an Azure Sentinel workspace, installed the MMA agent on the DNS server and enabled DNS logging, and added the DNS log event to the workspace configuration. I am receiving logs about DNS dynamic updates but don't get Lookup Query logs. DNS debug…

Microsoft Sentinel
asked 2021-01-03T09:45:37.403+00:00
Eduards 771 Reputation points
accepted 2021-01-05T11:08:03.313+00:00
Eduards 771 Reputation points
1 answer

Automated Response for Microsoft Security Rules | Azure Sentinel

Hello, I have created a playbook to orchestrate an automated response which will trigger an email with the alert details. I'm able to associate the playbook with a scheduled analytics rule; however, I'm unable to associate it with Microsoft Security…

Microsoft Sentinel
asked 2020-12-01T07:02:56.64+00:00
Prasenna Kannan 436 Reputation points
answered 2021-01-04T16:08:08.933+00:00
John Nephin 1 Reputation point
2 answers

Sentinel Crashing when Running Lookup Search. Trying to find stale Firewall rules.

Hello, I'm trying to implement a lookup search that takes a lookup of all of our firewall rules and correlates it with our firewall data to then output what firewall rules are NOT present in the firewall logs. This is to trim down on any stale firewall…

Microsoft Sentinel
asked 2020-12-17T20:00:09.837+00:00
Christian Lozach 1 Reputation point
answered 2021-01-04T08:29:58.47+00:00
Yaron Fruchtmann 1 Reputation point Microsoft Employee
0 answers

Defender for Endpoint Users Not in MCAS

Hey! We've onboarded 15 users into Defender for Endpoint. Now that we've got the Sentinel Connector turned on to get the raw logs, we can see these machines/users reporting in. However, only 10 of these users show in the MCAS Cloud Discovery Dashboard.…

Microsoft Sentinel
asked 2020-12-28T17:04:08.603+00:00
Sam C 46 Reputation points
commented 2020-12-30T00:43:02.6+00:00
James Hamil 21,851 Reputation points Microsoft Employee
0 answers

[Sentinel] No Azure AD Sign-in logs in my workbook

Hello, I've been trying to use the Azure AD Sign-in logs workbook to see my users' sign-ins and I can't get it to work. I definitely see the Audits but no logins, even though there are some. At this point I have chosen to display only logins and the…

Microsoft Sentinel
asked 2020-12-18T10:59:51.683+00:00
DP 1 Reputation point
commented 2020-12-22T04:07:55.07+00:00
VipulSparsh-MSFT 16,231 Reputation points Microsoft Employee
1 answer One of the answers was accepted by the question author.

Azure sentinel Azure AD logs

Hello, I have a question about Azure Sentinel Azure AD "data connectors". If my Azure Sentinel is in subscription number 2 and I configure Azure Sentinel, I want to install the Azure AD connector to get information from another AD tenant where…

Microsoft Sentinel
asked 2020-12-11T07:31:25.407+00:00
Eduards 771 Reputation points
accepted 2020-12-16T15:44:03.013+00:00
Eduards 771 Reputation points
0 answers

Send syslog server logs to Azure Sentinel through log analytics gateway

Team, I have a scenario where one of our customers wants to send syslog data to Sentinel through the Log Analytics gateway. We tried to simulate this in our lab but we were facing issues with the installation. Can we have the steps where we can…

Azure Monitor
Microsoft Sentinel
asked 2020-12-10T08:08:17.75+00:00
pavan kemisetti 1 Reputation point
commented 2020-12-12T00:39:23.843+00:00
JamesTran-MSFT 36,376 Reputation points Microsoft Employee