Chapter 8:Introducing Workbooks

Azure Sentinel workbooks are a way to create and show customizable and interactive reports that can display graphs, charts, and tables. Information can be presented from Log Analytics workspaces using the same Kusto Query Language (KQL) queries that you already know how to use. These workbooks are based on the workbook technology that has been in use with other Azure resources, including Azure Monitor and Log Analytics workspaces.

Azure Sentinel provides a number of templates that are ready for use. You can use these templates to create your own workbook that can then be modified as needed. Most of the data connectors that are used to ingest data come with their own workbooks, to allow you better insight into ...

Get Learn Azure Sentinel now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Learn Azure Sentinel by Richard Diver, Gary Bushey

Chapter 8:Introducing Workbooks

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly