There’s been a couple slight User Interface changes in the Azure Sentinel console over the past week or so that’s worth highlighting.
A few of you noticed that the Investigation and View Full Details buttons on the Incidents have swapped places. Some noted they experienced the change right away due to muscle memory, i.e., they are used to speeding through the console to get to the Incident details to begin investigating the associated entities and data.
But, there’s another slight UI change some may have missed. In the Logs blade, the cute, little eyeball used for data sampling is gone and the pop-out window has been enhanced. I really like the improvements, but I will miss the eyeball.
The pop-out window is much improved, merging several UI elements into one.
- Use in editor: Sticks the table name into the query window.
- Useful links: This is a jump-link to the Azure Monitor reference docs for that specific table. The full Azure Monitor reference doc is located at: https://aka.ms/AZMonitorRef
- See preview data: This is the replacement for the old data sampling method when the eyeball existed. This will show a random set of data and is the equivalent of: TableName | limit 10