Azure Sentinel News
  • Home
    • Home – Layout 1
    • Home – Layout 2
    • Home – Layout 3
  • Security and Compliance
  • SOC
  • Threat Intelligence
  • Security Ochestration & Automated Response
  • SOAR
  • Security Operations
  • Artificial Intelligence
No Result
View All Result
  • Home
    • Home – Layout 1
    • Home – Layout 2
    • Home – Layout 3
  • Security and Compliance
  • SOC
  • Threat Intelligence
  • Security Ochestration & Automated Response
  • SOAR
  • Security Operations
  • Artificial Intelligence
No Result
View All Result
Azure Sentinel News
No Result
View All Result
Home KQL

How to Get Splunk Data into Azure Sentinel

Azure Sentinel News Editor by Azure Sentinel News Editor
December 25, 2020
in KQL
0
BlueVoyant acquires Managed Sentinel, builds out Microsoft MSS offerings
6.5kViews
800 Shares Share on Facebook Share on Twitter

This is not a deep, beefy blog post, but more of an announcement post for those that have been wanting an easier way to get Splunk data into Azure Sentinel to tie the two systems together.

I’ve worked with a number of customers over the last year that are either wanting to move to Azure Sentinel from Splunk, or wanting to save Splunk costs by keeping cloud-data in Azure and on-prem data in Splunk. But, with each scenario, they would also love to tie the data from both system together. In one case, being able to perform a more comprehensive migration and relieve themselves of that big contract cost burden, and in the other case, to use both more intelligently.

Splunkbase has an add-on for Azure Sentinel customers called simply: Azure Sentinel Add-On for Splunk.

Fortunately, the add-on is free, and it was developed by Microsoft so it has to be fantastic — right? It enables customers to ingest Splunk data into Azure Sentinel and query the data with KQL in a custom table.

I may dig into the details of this a bit later in another blog post once I’m more comfortable with the add-on myself. I’m positive I’ll be working with this a lot due to customer interest.

Check it out and let me know what you think.

Reference: https://azurecloudai.blog/2020/11/06/how-to-get-splunk-data-into-azure-sentinel/

Azure Sentinel News Editor

Azure Sentinel News Editor

Related Posts

What’s new: Microsoft Teams connector in Public Preview
KQL

New Azure Sentinel Learning Modules Released

February 1, 2021
What’s new: Microsoft Teams connector in Public Preview
KQL

How to Connect the New Intune Devices Log Azure Sentinel

January 26, 2021
What’s new: Microsoft Teams connector in Public Preview
KQL

How to Create a Backup Notification in the Event an Unauthorized User Accesses Azure Sentinel

January 11, 2021
Next Post
Watching the Watchers: Monitoring Azure Sentinel Query Activity for Malicious Activity.

Why Enabling Entities for Azure Sentinel Investigations is so Important

The ‘All-Seeing’ Azure Sentinel Provides Omnipresent Level Security

Modernize Security for Efficiency and Scale Using Azure Sentinel from Microsoft

Microsoft Releases Azure Sentinel, a Cloud Native SIEM, to General Availability

How to Send Azure SQL Server Audit Logs to Azure Sentinel

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Follow Us

  • 21.8M Fans
  • 81 Followers

Recommended

New analytics to help Azure-based Sentinel identify threats

Azure Sentinel Workbooks 101 (with sample Workbook)

3 months ago
With new release, CrowdStrike targets Google Cloud, Azure and container adopters

How to Query HaveIBeenPwned Using an Azure Sentinel Playbook

2 months ago
Microsoft Threat Protection and Insider Risk Management hit general availability

Microsoft celebrates 62% Azure revenue growth

3 months ago
Open Systems Augments its Cybersecurity Capabilities With Acquisition of Leading Microsoft Azure Sentinel Expert

Hunting Threats on Linux with Azure Sentinel

3 months ago

Instagram

    Please install/update and activate JNews Instagram plugin.

Categories

  • AI & ML
  • Artificial Intelligence
  • Incident Response
  • IR
  • KQL
  • Security and Compliance
  • Security Ochestration & Automated Response
  • Security Operations
  • SIEM
  • SOAR
  • SOC
  • Threat Intelligence
  • Uncategorized

Topics

anomaly automation Azure Azure DevOps Azure Security Center Azure Sentinel Azure Sentinel API Azure Sentinel Connector BlueVoyant Call cybersecurity Detection file GitHub Hunting Huntingy IAC incident response Incident Triage infrastructure as code Investigation jupyter LAQueryLogs MDR Microsoft microsoft 365 mssp Multitenancy Notebooks Pester Playbooks PowerShell python Records Security Sentinel Sharing SIEM signin Supply Chain teams Threat hunting Watchlists Workbooks XDR
No Result
View All Result

Highlights

New Items of Note on the Azure Sentinel GitHub Repo

Tuning the MCAS Analytics Rule for Azure Sentinel: System Alerts and Feature Deprecation

New Search Capability for Azure Sentinel Incidents

Follow-up: Microsoft Tech Talks Practical Sentinel : A Day in the Life of a Sentinel Analyst

Changes in How Running Hunting Queries Works in Azure Sentinel

Azure Sentinel can now Analyze All Available Azure Active Directory Log Files

Trending

What’s new: Microsoft Teams connector in Public Preview
IR

How to Generate Azure Sentinel Incidents for Testing

by Azure Sentinel News Editor
February 26, 2021
0

Do you want to generate an Incident in Azure Sentinel for testing/demoing? Here’s a couple easy ways...

What’s new: Microsoft Teams connector in Public Preview

Azure Sentinel Notebooks Loses It’s Preview Tag

February 25, 2021
Microsoft’s newest sustainable datacenter region coming to Arizona in 2021

The Holy Grail of Azure Sentinel Data Connections: The Azure Service Diagnostic Setting

February 22, 2021
Microsoft’s newest sustainable datacenter region coming to Arizona in 2021

New Items of Note on the Azure Sentinel GitHub Repo

February 18, 2021
Microsoft’s newest sustainable datacenter region coming to Arizona in 2021

Tuning the MCAS Analytics Rule for Azure Sentinel: System Alerts and Feature Deprecation

February 17, 2021

We bring you the best, latest and perfect Azure Sentinel News, Magazine, Personal Blogs, etc. Visit our landing page to see all features & demos.
LEARN MORE »

Recent News

  • How to Generate Azure Sentinel Incidents for Testing February 26, 2021
  • Azure Sentinel Notebooks Loses It’s Preview Tag February 25, 2021
  • The Holy Grail of Azure Sentinel Data Connections: The Azure Service Diagnostic Setting February 22, 2021

Categories

  • AI & ML
  • Artificial Intelligence
  • Incident Response
  • IR
  • KQL
  • Security and Compliance
  • Security Ochestration & Automated Response
  • Security Operations
  • SIEM
  • SOAR
  • SOC
  • Threat Intelligence
  • Uncategorized

[mc4wp_form]

Copyright © 2020 - Azure Sentinel News

No Result
View All Result
  • Home
  • Security and Compliance
  • SOC
  • Threat Intelligence
  • Security Ochestration & Automated Response
  • SOAR
  • Security Operations
  • Artificial Intelligence

Copyright © 2020 Azure Sentinel News