Transforming Data at Ingestion Time in Microsoft Sentinel | Microsoft Sentinel Webinar


Tuesday, May 31, 2022 | 08:00AM - 9:00AM (PST, Redmond Time)
Microsoft Sentinel Webinar | Transforming Data at Ingestion Time in Microsoft Sentinel
Presenter(s): Edi Lahav & Javier Soriano
Description:
The new version of the custom logs API in Log Analytics, together with the new pipeline transformation feature, opens up many new scenarios for Microsoft Sentinel customers, such as filtering, masking, or tagging. Join this session as we explore these scenarios and show practical examples of how to implement them.
To ensure you hear about future Microsoft Sentinel webinars and other developments, make sure you join our community by going to aka.ms/SecurityCommunity
#MicrosoftSentinel #LogAnalytics #MicrosoftSecurityCommunity

Comments: 3

  • @Justin-bt1wy, 2 years ago

    Love it. Thanks for putting this video together

  • @Ruchikun, 2 years ago

    [00:15] Agenda
    [01:15] Ingestion-time transformations overview
    [01:15] Ingestion-time transformations for standard tables
    [04:15] Sentinel's data flow before I-T T
    [06:12] Sentinel's data flow with I-T T
    [08:17] (What is a) Data Collection Rule (DCR)
    [10:56] Ingestion-Time Transformations Scenarios
    [11:10] I-T T Filtering: Scenario 1
    [15:48] I-T T Filtering: Scenario 2
    [18:13] Enrichment/Tagging
    [21:29] Demo - adding the enrichment transformation KQL
    [23:05] PII Masking/Obfuscation
    [27:33] Data Collection Rule based ingestion for custom logs
    [28:59] Demo Data Collection Rule based ingestion for custom logs
    [31:30] New Logstash Plugin (coming soon)
    [32:18] Demo scenario - aggregation with Logstash
    [36:26] Migration from Custom Logs v1
    [38:34] Microsoft Sentinel Data Connectors - Ingestion Time Transformations Support
    [40:31] Ingestion Time Transformations Advantages
    [42:10] Resources & next steps
    [43:40] Q&A

  • @simple-security, 18 days ago

    Your az command doesn't seem to work anymore. kzread.info/dash/bejne/fKWpxdtqY5vLpNY.html
