I thought id write something up for anyone wanting to setup Microsoft Sentinel for the first time, but are unsure how.
Below are the steps to build and enable Microsoft Sentinel
Log into Microsoft Azure https://portal.azure.com
Find the subscription you want to use to create your Microsoft Sentinel Workspace
Create a resource group if you don't have one already
Click create and search for Azure Sentinel (make sure to click "Azure Services Only"
Click Create
Click Add
Click "Create a new workspace"
Give the new Workspace name, location and resource group details
Click Review + Create
Wait for the new workspace to be created
Select the new workspace and click Add
This will add the Microsoft Sentinel solution to the Log Analytics Workspace
Microsoft Sentinel has now been successfully created
コメント