In this post we go through the basic setup of Microsoft Sentinel. The minimum requirement is to create a Log Analytics workspace and connect it to Microsoft Sentinel.
1. Navigate to the Microsoft Sentinel blade and click on “Create”.
2. Because we have no eligible Log Analytics workspace, we create a new one. Keep in mind that security-relevant data should be kept separate from operational data. Click on “Create a new workspace”.
3. To keep every Microsoft Sentinel resource in its own group, I create a new resource group. In my case the Log Analytics workspace will be located in the region Germany West Central.
4. Some tags for later use (AppName, Owner, …) are added. Now the Log Analytics workspace will be created.
5. As soon as the workspace is created, it has to be linked with Microsoft Sentinel. Click on the Log Analytics workspace and then on “Add”.
6. When Microsoft Sentinel is deployed, an info bar reminds you that a free trial is activated.
You are done. Microsoft Sentinel is deployed! *yeah*
!!!At this moment no cost will be charged as long as no features are used!!!
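The portal steps above can also be scripted with the Azure CLI. This is an added example, not part of the original post. It assumes an authenticated `az` session and the `sentinel` CLI extension; the resource group name, workspace name and tag values are constructed placeholders.

```shell
#!/bin/sh
# Added example: scripted equivalent of portal steps 1-6.
# Assumptions: `az login` has been run and the "sentinel" extension is
# installed (az extension add --name sentinel). All names below are
# constructed placeholders; override them via environment variables.
RG="${RG:-rg-sentinel-example}"            # dedicated resource group (step 3)
WS="${WS:-law-sentinel-example}"           # new Log Analytics workspace (step 2)
LOCATION="${LOCATION:-germanywestcentral}" # region used in the post (step 3)
APP_NAME="${APP_NAME:-Sentinel}"           # tag values (step 4)
OWNER="${OWNER:-secops}"

deploy_sentinel() {
    # Step 2: the post creates a NEW workspace so security data stays
    # separate from operational data. Refuse to reuse an existing one.
    if az monitor log-analytics workspace show \
            --resource-group "$RG" --workspace-name "$WS" >/dev/null 2>&1; then
        echo "workspace $WS already exists in $RG; not reusing it" >&2
        return 1
    fi

    # Step 3: resource group that holds only the Sentinel resources.
    az group create --name "$RG" --location "$LOCATION" \
        --tags "AppName=$APP_NAME" "Owner=$OWNER" || return 1

    # Steps 3-4: create the tagged workspace in the chosen region.
    az monitor log-analytics workspace create \
        --resource-group "$RG" --workspace-name "$WS" \
        --location "$LOCATION" \
        --tags "AppName=$APP_NAME" "Owner=$OWNER" || return 1

    # Step 5: link the workspace with Microsoft Sentinel. The onboarding
    # state resource is always named "default".
    az sentinel onboarding-state create \
        --resource-group "$RG" --workspace-name "$WS" --name default || return 1

    echo "Microsoft Sentinel enabled on workspace $WS"
}

# Only deploy when explicitly requested: sh deploy.sh --deploy
if [ "${1:-}" = "--deploy" ]; then
    deploy_sentinel
fi
```

The existence check makes a second run stop before changing anything, so an already populated workspace is never onboarded by accident.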
Watch out for my latest blog post: “What is Microsoft Sentinel?”.
For Azure topics in general check out category “Azure”.
Please leave a comment which topics you would like me to cover in the next blog post.