You are doing a fantastic job here, thanks a lot !

Awesome video and summary! Thanks a lot!

Love the time and effort you put in the coffee edit😁

Great Job! Thanks

Keep it up! These are good.

very nice video , thanks lot

Good video

Excellent video. How do you keep track of your expenses when doing these labs? How much money do you usually spend? Is there a way I could do things like this in a lab environment without worrying for a big bill?

@AzureVlog

10 ай бұрын

As long as you don't ingest that much data into Microsoft Sentinel, it isn't expensive. You pay per GB that gets ingested into Sentinel. Another way to keep things within budget, is to delete resources after finishing your lab.

is there any guide that can help splunk users translate from SPL to KQL?

HI, thank you for your great videos. I have question about 42:51 If i would like to set playbook to block the user, what is the best way to do it? as i can see in your case - you add URL with username? so this playbook will be just for one user, how to do with case of any user?

@AzureVlog

Жыл бұрын

You can use variables in the URI of the HTTP activity. You use the "Entities - Get Account" activity to retrieve the username. Then use that username as variable in the URI. It is actually quite bad that I "hardcoded" the username in the URI of the HTTP activity.

@polonia66

Жыл бұрын

@@AzureVlog thank you so much!

In sentinel log in OperationName column nothing is appearing what to do?

First like from Canada...

First like from Canada..