
Azure Sentinel is Microsoft’s take on a modern cloud-native Security Information and Event Management (SIEM) solution. While Splunk may be one of the best-known SIEM solutions today, Sentinel differs in that it is designed from the get-go to straddle cloud and on-premises infrastructure. Sentinel automatically scales when you need to collect more data, and you only pay for what you use. It collects, detects, investigates, and responds to threats. Sentinel can surface suspicious activity and take the necessary action to respond to incidents, using built-in AI to reduce noise so you can quickly focus on real security incidents.
For more information about Azure Sentinel and how to get started with it, check out Cloud-Native SIEM and Built-in AI for Analytics with Azure Sentinel on Petri.
Before you can pull data into Sentinel, you’ll need to configure a Log Analytics workspace and add it to Sentinel.
Monitor Windows Server Security Using Azure Sentinel (Image Credit: Russell Smith)
Let’s add a data connector for Windows Server to the workspace. Note that your Windows Server must be able to connect to the Internet. If your server doesn’t have Internet connectivity, you will need to use a proxy to establish a connection to Azure Sentinel, but that is outside the scope of this article.
That is it. You will have to wait for events to start streaming in. It can take up to an hour. In the second part of this article, I’ll show you how to view and work with the events collected from your Windows Server.
Copyright ©2019 BWW Media Group