Microsoft Sentinel Setup and Configuration (2023 edition)


Are you looking for a comprehensive solution to protect your network from cybersecurity threats? Look no further! In this tutorial, I will show you how to set up Microsoft Sentinel and configure it to detect potential threats. This video will guide you through the process of creating a Microsoft Sentinel workspace, configuring a connector, setting up analytic rules, and deploying a dashboard (workbook) to keep track of your security status. Stay ahead of the game and ensure the safety of your network with this step-by-step tutorial! #MicrosoftSentinel #Cybersecurity #Tutorial #Setup #Detection.
▼ Chapters
00:00 - Intro
01:09 - Deploy Log Analytics & Microsoft Sentinel
05:00 - Configure retention
08:46 - Deploy Content Hub Solution (Azure Activity)
12:14 - Configure Connector
16:00 - Deploy Analytics Rule
20:00 - Deploy Workbook (Dashboard)
▼ Getting started with KQL:
learn.microsoft.com/en-us/tra...
▼ Social Jeroen Niesen
Twitter: / jeroenniesen
LinkedIn: / jeroenniesen
▼ Social AzureVlog
Twitter: / azurevlog

Comments: 27

  • @edthefixer2011
    10 months ago

    Phenomenal content, I learned more in the 25 minutes video than in any documentation found!!

  • @AzureVlog
    1 year ago

    Did this video help you in setting up Microsoft Sentinel?

  • @borgy78

    1 year ago

    Thanks Jeroen, it helped a lot!

  • @iyiempire4667
    9 months ago

    Your essence of explaining things is so good. Doing great work for people.

  • @eduardocusteau7947
    6 months ago

    Great tutorial. Thanks!!

  • @DaljeetSinghh
    1 year ago

    Thanks, it's really an interesting & interactive video. Clearly understood!

  • @AzureVlog

    1 year ago

    Great you liked the video, thanks!

  • @sharpshorts4254
    1 year ago

    Fantastic content mate, very clear and well described. I have a question as I think I will be starting a junior SOC job soon. Do you think all this will be set up on my laptop when I start or is this something everyone has to do manually? It is a very large company so I assume they would have a default set they use?

  • @cybersamurai99

    9 months ago

    The company should already have the settings and connectors working, but this video is nicely showing the demo environment. Hi, I'm starting a job in a SOC this week, do you have some tips you can give me? What were your first few weeks like? Hope all is going well, bro!

  • @Comoplantardinheiro
    1 year ago

    Hey friend, it's a beginner question! Is it possible to create a Sentinel lab with no cost? Are there some costs with Azure or something like that? Thank you!

  • @manosbouzetos4132
    1 year ago

    I use an Azure for Students subscription. When I click create workspace it takes some time to create it, and when it's done it briefly appears in the menu below and then it disappears... any idea what's going on?

  • @DonReality
    1 year ago

    I can always spot a Dutch man just by the manner we speak English. We have a unique pronunciation to particular words and I can spot it whenever one speaks.

  • @Comoplantardinheiro

    1 year ago

    It's the same when I get a Brazilian speaking English. Lol

  • @shaikhharoon6928
    10 months ago

    Sir, what to do after this video? What will be the following steps after this video???

  • @marcusriddick2806
    1 year ago

    You made a RG for your playbooks. What resource did you place in there?

  • @AzureVlog

    1 year ago

    That resource group can be used for playbooks (logic apps). In this video I didn’t put anything in (a follow-up video is coming where I will put resources in it). There are two reasons why I put them in their own resource group. One is permissions: in order to trigger run books you need to give permissions on resource group level. The second one is the lifecycle: I think it is also important to take into account that your Sentinel workspace has a different lifecycle than the logic apps / playbooks. It is recommended therefore to have them in their own resource group. This allows you to update the resource group as a whole using an ARM template. Hope this helps!

  • @FranckJacottin

    10 months ago

    @AzureVlog the system does not offer to select the resource group when you save the workbook. Does it mean you have to save the workbook and then in a second step move it to the playbooks resource group?

  • @TheTCPTalk
    1 year ago

    Pls maximise the Azure portal window, I'm on 1080p resolution on YouTube and the Sentinel portal is still blurry and really straining the eyes to see it!

  • @AzureVlog

    1 year ago

    Thanks for the feedback! I will execute my demos in 4K next time. This is one of the first videos I have uploaded in 4K. Have you tried changing the resolution of the video in KZread? And if so, did that resolve the blurry issues?

  • @TheTCPTalk

    1 year ago

    @AzureVlog hey, thanks for replying, I already mentioned I'm at 1080p - it's blurry because you have the window minimized, it needs to be full screen I think, then it should be fine. Cheers

  • @antoniohuenchumilla2297
    11 months ago

    Hi everyone! I've followed every step at least 3 times and my Azure Activity isn't connecting. Refreshed Data Connectors and still nothing. Any ideas? Thanks in advance!

  • @simple-security

    10 months ago

    I think it's bugged. Did you get it working?

  • @antoniohuenchumilla2297

    10 months ago

    Yes! I actually did it a different way. Thank you for asking

  • @boode5957

    10 months ago

    @antoniohuenchumilla2297 can you tell me how long it took to work, 'cause I am facing the same problem.

  • @simple-security

    10 months ago

    @boode5957 worked for me too. Likely I'm just impatient because it took over 4 hours to work, which doesn't seem proper but whatever.

  • @FranckJacottin

    10 months ago

    Following the instructions in the video, you should also create a remediate task to ensure the policy is applied
