Summary and resources

Completed

You should have learned how to perform search on large datasets in Microsoft Sentinel.

You should now be able to:

  • Create and view a Search Job in Microsoft Sentinel
  • Restore archived logs in Microsoft Sentinel

Learn more

You can learn more by reviewing the following.

Start an investigation by searching for events in large datasets