Microsoft Sentinel: Planning and implementing Microsoft's cloud-native SIEM solution, 2nd Edition

Chapter 6 Notebooks

In Chapter 5, you learned about hunting in Microsoft Sentinel. This chapter is going to cover another hunting option, using Notebooks. More precisely, Jupyter Notebooks. Besides hunting, you will explore other options, like enrichment and extending your incident triage experience using Notebooks.

A lot has already been written about Jupyter Notebooks, hereafter referenced as Notebooks. In summary, Jupyter is an interactive development and data manipulation environment. A Notebook is generally referenced as a document that integrates live code, equations, computational output, visualizations, and other multimedia resources, along with explanatory text in a single document.

The intent of this chapter is to provide you with ...

Get Microsoft Sentinel: Planning and implementing Microsoft's cloud-native SIEM solution, 2nd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Microsoft Sentinel: Planning and implementing Microsoft's cloud-native SIEM solution, 2nd Edition by Nicholas DiCola, Yuri Diogenes, Tiander Turpijn

Chapter 6

Notebooks

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly