Use Sentinel onboarding API to create new sentinel workspaces
Why
Sentinel workspaces are LA workspaces with many custom features enabled on top. Doing this manually can be error prone. For example, the current implementation does not enable anomalies which is required for many analytic rules to work properly.
Onboarding API takes care of setting up the workspace with the correct settings.
Changes
Use Sentinel onboarding API to create new sentinel workspaces
Why
Sentinel workspaces are LA workspaces with many custom features enabled on top. Doing this manually can be error prone. For example, the current implementation does not enable anomalies which is required for many analytic rules to work properly.
Onboarding API takes care of setting up the workspace with the correct settings.
Some more information about the onboarding API: https://techcommunity.microsoft.com/t5/microsoft-sentinel-blog/what-s-new-azure-sentinel-new-onboarding-offboarding-api/ba-p/2640471