From the course: Implementing and Administering Microsoft Sentinel
Onboarding Microsoft Sentinel
- [Narrator] Now we're going to step through the Microsoft Sentinel onboarding process, which is really very simple. And Sentinel uses a Log Analytics workspace as its backend, which stores all the events and other information Sentinel needs, just like Azure Monitor. And these backends are ultra-high scale and they support querying with Kusto Query Language. Now, when we deploy Sentinel, we have a decision to make with regard to our Log Analytics workspace. Do I want to share an existing Log Analytics workspace, or do I want a fresh, dedicated Log Analytics workspace for my Sentinel instance? My choice is always a fresh, dedicated Log Analytics workspace. I'll explain more about why in just a moment. So I'm going to click on create a new workspace. And I now have the wizard to walk through for creating that fresh Log Analytics workspace. So I'll give this a resource group that is fairly descriptive, so I remember why I created it. Give my Log Analytics instance a name. And I'm…