Data normalization in Microsoft Sentinel
Intermediate
Security Operations Analyst
Azure
Microsoft Sentinel
By the end of this module, you're able to use Advanced Security Information Model (ASIM) parsers to identify threats inside your organization.
Learning objectives
After completing this module, you'll be able to:
- Use ASIM Parsers
- Create ASIM Parser
- Create parameterized KQL functions
Prerequisites
Basic knowledge of Kusto Query Language (KQL).
Get started with Azure
Choose the Azure account that's right for you. Pay as you go or try Azure free for up to 30 days. Sign up.