Chapter 8
Security monitoring with Azure Sentinel, Security Center, and Network Watcher
WRITTEN BY MIKE KASSIS
The previous chapter explains how to turn on logging and consolidate logs into a few areas. It also touched on some of the querying capabilities across these logs. This chapter explores how to start working with those logs. In some cases, we will have out-of-the-box (OOTB) alerting capabilities and investigation tools, which are extremely useful for handling 80% of your monitoring use cases. For the other 20%, we can build custom queries, playbooks, workbooks, and alerts. Knowing what is available, and when to use a specific approach, is critical to operationalizing your use of the Azure network security product stack.
First, we look ...
Get Microsoft Azure Network Security now with the O’Reilly learning platform.