Azure Sentinel News
  • Home
    • Home – Layout 1
    • Home – Layout 2
    • Home – Layout 3
  • Security and Compliance
  • SOC
  • Threat Intelligence
  • Security Ochestration & Automated Response
  • SOAR
  • Security Operations
  • Artificial Intelligence
No Result
View All Result
  • Home
    • Home – Layout 1
    • Home – Layout 2
    • Home – Layout 3
  • Security and Compliance
  • SOC
  • Threat Intelligence
  • Security Ochestration & Automated Response
  • SOAR
  • Security Operations
  • Artificial Intelligence
No Result
View All Result
Azure Sentinel News
No Result
View All Result
Home KQL

How to Enable the Microsoft Teams Public Preview for Azure Sentinel

Azure Sentinel News Editor by Azure Sentinel News Editor
December 28, 2020
in KQL
0
Microsoft improves Azure’s security to protect your business
5.1kViews
609 Shares Share on Facebook Share on Twitter

On the last day of August (the 31st) the long-awaited Public Preview for the Microsoft Teams connector was finally delivered. During Private Preview, you might remember that the connector was a standalone version just for Microsoft Teams. But it’s always been a logical path that Teams would just be added to the existing Office 365 Data Connector for Azure Sentinel. And, so, such is the case today as the Public Preview is now available to enable in your Azure Sentinel tenant.

The fact that Teams is part of the original Office 365 Data Connector means that Microsoft Teams is also a FREE ingestion source.

How to Enable It

We’ve made enabling the Teams connection in the Office 365 Data Connector as easy to connect as everything else that we offer.

To enable it, in the Azure Sentinel console go to the Data Connector blade, locate the Office 365 Connector, then click or tap the Open connector page button.

Office 365 Connector

Finally (see I told you it was easy), on the Instructions tab of the Office 365 Data Connector page, checkbox the Teams (Preview) in the Configuration area, and then click or tap the Apply Changes button.

Enable Teams

Now, that the connection has been made you can sit back and wait for the data to start rolling in.

Waiting for data

While you’re waiting, you can go grab some Teams Hunting queries: https://github.com/Azure/Azure-Sentinel/tree/master/Hunting%20Queries/TeamsLogs

I also put together a 10-pack of Teams KQL queries and posted to my own GitHub repo: https://github.com/rod-trent/SentinelKQL/blob/master/TeamsKQL.zip


Teams data showing up

Reference:https://azurecloudai.blog/2020/09/01/how-to-enable-the-microsoft-teams-public-preview-for-azure-sentinel/

Azure Sentinel News Editor

Azure Sentinel News Editor

Related Posts

Microsoft’s newest sustainable datacenter region coming to Arizona in 2021
KQL

How to Use Azure Sentinel to Protect Against the Exchange Zero-day

March 3, 2021
What’s new: Microsoft Teams connector in Public Preview
KQL

New Azure Sentinel Learning Modules Released

February 1, 2021
What’s new: Microsoft Teams connector in Public Preview
KQL

How to Connect the New Intune Devices Log Azure Sentinel

January 26, 2021
Next Post
Microsoft Debuts Azure Sentinel SIEM, Threat Experts Service

Azure Sentinel Event Grouping is in Public Preview

With new release, CrowdStrike targets Google Cloud, Azure and container adopters

Spice Up Your Azure Sentinel KQL Query Results with Emoji

What’s new: Microsoft Teams connector in Public Preview

How to Make Your Azure Sentinel Workbooks Even More Interactive with Drilldowns and Downloads

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Follow Us

  • 21.8M Fans
  • 81 Followers

Recommended

Microsoft introduces integrated Darktrace-a-like, Azure Sentinel

Microsoft introduces integrated Darktrace-a-like, Azure Sentinel

4 months ago
Vectra AI and Microsoft partner on security integration

Using the VirusTotal V3 API with MSTICPy and Azure Sentinel

3 months ago
WA strikes govt-wide cloud deal with Microsoft

WA strikes govt-wide cloud deal with Microsoft

4 months ago
Microsoft’s newest sustainable datacenter region coming to Arizona in 2021

Microsoft unveils new DLP, ‘Double Key Encryption’ offerings

3 months ago

Instagram

    Please install/update and activate JNews Instagram plugin.

Categories

  • AI & ML
  • Artificial Intelligence
  • Incident Response
  • IR
  • KQL
  • Security and Compliance
  • Security Ochestration & Automated Response
  • Security Operations
  • SIEM
  • SOAR
  • SOC
  • Threat Intelligence
  • Uncategorized

Topics

anomaly automation Azure Azure DevOps Azure Security Center Azure Sentinel Azure Sentinel API Azure Sentinel Connector BlueVoyant Call cybersecurity Detection file GitHub Hunting Huntingy IAC incident response Incident Triage infrastructure as code Investigation jupyter LAQueryLogs MDR Microsoft microsoft 365 mssp Multitenancy Notebooks Pester Playbooks PowerShell python Records Security Sentinel Sharing SIEM signin Supply Chain teams Threat hunting Watchlists Workbooks XDR
No Result
View All Result

Highlights

Improved Azure Portal View Makes Switching Between Azure Sentinel LAWs Easier

How to Use Azure Sentinel to Protect Against the Exchange Zero-day

How to Deploy an Analytics Rule to Azure Sentinel from the GitHub Repository

Azure Sentinel Weekly Newsletter

How to Generate Azure Sentinel Incidents for Testing

Azure Sentinel Notebooks Loses It’s Preview Tag

Trending

With new release, CrowdStrike targets Google Cloud, Azure and container adopters
SIEM

Microsoft Releases Azure AD My App and New Risk Detections for Identity Protection into GA

by Azure Sentinel News Editor
March 5, 2021
0

Deploying collateral from our GitHub repository to your Azure Sentinel instance is very similar in that it...

Vectra AI and Microsoft partner on security integration

How to Take Advantage of the New Virus Total Logic App Connector for Your Azure Sentinel Playbooks

March 4, 2021
Microsoft’s newest sustainable datacenter region coming to Arizona in 2021

How to Deploy a Hunting Query to Azure Sentinel from the GitHub Repository

March 3, 2021
With new release, CrowdStrike targets Google Cloud, Azure and container adopters

Improved Azure Portal View Makes Switching Between Azure Sentinel LAWs Easier

March 3, 2021
Microsoft’s newest sustainable datacenter region coming to Arizona in 2021

How to Use Azure Sentinel to Protect Against the Exchange Zero-day

March 3, 2021

We bring you the best, latest and perfect Azure Sentinel News, Magazine, Personal Blogs, etc. Visit our landing page to see all features & demos.
LEARN MORE »

Recent News

  • Microsoft Releases Azure AD My App and New Risk Detections for Identity Protection into GA March 5, 2021
  • How to Take Advantage of the New Virus Total Logic App Connector for Your Azure Sentinel Playbooks March 4, 2021
  • How to Deploy a Hunting Query to Azure Sentinel from the GitHub Repository March 3, 2021

Categories

  • AI & ML
  • Artificial Intelligence
  • Incident Response
  • IR
  • KQL
  • Security and Compliance
  • Security Ochestration & Automated Response
  • Security Operations
  • SIEM
  • SOAR
  • SOC
  • Threat Intelligence
  • Uncategorized

[mc4wp_form]

Copyright © 2020 - Azure Sentinel News

No Result
View All Result
  • Home
  • Security and Compliance
  • SOC
  • Threat Intelligence
  • Security Ochestration & Automated Response
  • SOAR
  • Security Operations
  • Artificial Intelligence

Copyright © 2020 Azure Sentinel News