Azure Sentinel News

What’s New: Livestream for Azure Sentinel is now released for General Availability

by Azure Sentinel News Editor
December 1, 2020
in Threat Intelligence

What is Azure Sentinel Livestream? 

Livestream lets you run queries that refresh every 30 seconds and notifies you of any new results. Creating a livestream enables you to (1) test newly created queries as events occur, (2) receive notifications from a session when a match is found, (3) promote a livestream to a detection rule to generate incidents in the future, and (4) quickly launch investigations if necessary. You can quickly create a livestream session using any Log Analytics query.

How do I get started?

Create a livestream session:

In the Azure portal, navigate to Sentinel > Threat management > Hunting.

Select the Livestream tab.

Select “+ New livestream” to start a new livestream.


SecurityEvent  // Windows security events table
| where EventID == 4625

In this query we’re asking Azure Sentinel to stream all Windows login events in this workspace where the event ID = 4625 (that’s for when an account fails to log on). As you can see, we’re getting a lot of events here, and they’re being updated every 30 seconds by the live stream.
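Because a bare 4625 filter returns a lot of events, a livestream session is easier to watch when the query is narrowed first. The following is an added example, not part of the original post; it uses standard SecurityEvent columns, and the choice of logon types and the Reason labels are assumptions to adapt to your environment:

```kql
SecurityEvent
| where EventID == 4625                      // an account failed to log on
| where AccountType == "User"                // drop machine-account noise
| where LogonType in (3, 10)                 // 3 = network, 10 = RemoteInteractive (RDP)
// Translate the most common failure sub-status codes into readable labels
| extend Reason = case(
    SubStatus =~ "0xC000006A", "bad password",
    SubStatus =~ "0xC0000064", "unknown user name",
    SubStatus =~ "0xC0000234", "account locked out",
    SubStatus =~ "0xC0000072", "account disabled",
    "other")
// Keep only the fields an analyst needs when a notification arrives
| project TimeGenerated, Computer, TargetAccount, IpAddress, LogonType, Reason, SubStatus
```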

Quickly launch an investigation:

Launch an investigation in the investigation graph directly from your livestream by creating a bookmark from the livestream results.


Reference: https://techcommunity.microsoft.com/t5/azure-sentinel/what-s-new-livestream-for-azure-sentinel-is-now-released-for/ba-p/1459972

Tags: Azure Sentinel, Detection, Hunting, Investigation, Security