Radhakrishnan Govindan

Microsoft Sentinel Implementation, a Deep Dive - Part 1: Workspace Deployment

Hello Buddies, Howdy..

In this series, we are going to look at the end-to-end implementation of Microsoft Sentinel and how we can use it.

What is Microsoft Sentinel?

Microsoft Sentinel is a scalable, cloud-native security information and event management (SIEM) that delivers an intelligent and comprehensive solution for SIEM and security orchestration, automation, and response (SOAR). Microsoft Sentinel provides cyberthreat detection, investigation, response, and proactive hunting, with a bird's-eye view across your enterprise.

Microsoft Sentinel also natively incorporates proven Azure services, like Log Analytics and Logic Apps, and enriches your investigation and detection with AI. It uses Microsoft's threat intelligence stream and also enables you to bring your own threat intelligence.


Kindly note: We are going to cover deployment, Data Connectors, Threat Management, Content Hub, and many other topics. Covering all of this in a single article is not possible, which is why I have split it into multiple articles. Don't worry, I will make sure the links to the previous and next articles are updated and tags are placed.

Installing and Configuring Log Analytics Workspace

Creating Log Analytics Workspace for Microsoft Sentinel

Search for Microsoft Sentinel and Click on Microsoft Sentinel

Click on Create

Click on Create a new workspace

Create Resource Group

Note: If you have already created a Resource Group, you can go ahead and select it.

Now you can see that the Log Analytics workspace, which is required for Microsoft Sentinel in the first place, has been created.

Deploying Microsoft Sentinel to a Log Analytics Workspace

Now we can add Microsoft Sentinel to the workspace that we have created.

Click on Create Microsoft Sentinel

Select the Workspace and Click on Add

Now you can see that Microsoft Sentinel is being deployed to the workspace.

Microsoft Sentinel has now been deployed successfully without any errors and is ready to use.

Note: If you are using it for the first time, you can activate the 1 Month Free Trial to validate the solution.
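
The same three portal steps (resource group, Log Analytics workspace, Microsoft Sentinel on the workspace) can be scripted so the deployment is repeatable. This is an added example, not part of the original article: it assumes the Azure CLI is signed in and the sentinel extension is installed, and the resource group, workspace and region names are constructed placeholders. By default it only prints the az commands (DRY_RUN=1).

```shell
#!/usr/bin/env bash
# Added example: scripted equivalent of the portal walkthrough.
# Assumption: "az extension add --name sentinel" has been run beforehand.
DRY_RUN="${DRY_RUN:-1}"   # 1 = print the az commands only, 0 = execute them

# Log Analytics workspace names: 4-63 characters, letters, digits and
# hyphens, starting and ending with a letter or digit.
valid_workspace_name() {
  case "$1" in
    *[!A-Za-z0-9-]*|-*|*-) return 1 ;;
  esac
  [ "${#1}" -ge 4 ] && [ "${#1}" -le 63 ]
}

# Print the command in dry-run mode, otherwise execute it.
run() {
  if [ "$DRY_RUN" = "1" ]; then
    printf '%s\n' "$*"
  else
    "$@"
  fi
}

deploy_sentinel() {
  rg="$1"; ws="$2"; loc="$3"
  if [ -z "$rg" ] || [ -z "$loc" ] || ! valid_workspace_name "$ws"; then
    echo "usage: deploy_sentinel <resource-group> <workspace> <location>" >&2
    return 2
  fi
  # Step 1: resource group (an existing group in the same region is reused)
  run az group create --name "$rg" --location "$loc" || return 1
  # Step 2: the Log Analytics workspace that Sentinel requires
  run az monitor log-analytics workspace create \
      --resource-group "$rg" --workspace-name "$ws" --location "$loc" || return 1
  # Step 3: onboard Microsoft Sentinel onto that workspace
  run az sentinel onboarding-state create \
      --resource-group "$rg" --workspace-name "$ws" --name default || return 1
}

# Constructed placeholder values; set DRY_RUN=0 to actually deploy:
#   deploy_sentinel rg-sentinel-demo law-sentinel-demo eastus
```

Keeping the deployment in a script also gives you a reviewable record of which workspace Sentinel was attached to and in which region.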
