SwiftOnSecurity / sysmon-config

Sysmon configuration file template with default high-quality event tracing

Is your own Microsoft Sentinel Workbook planned? Or is there a recommended Microsoft Sentinel Workbook? #163

Open michalzobec opened 2 years ago

michalzobec commented 2 years ago

Hello,

I am starting to use Microsoft Sentinel and I want to use your sysmon config, but I am missing a Microsoft Sentinel Workbook for this sysmon config. Is one planned? Or can you recommend a workbook? Or how do you analyze the events generated by your sysmon config?

Thank you very much for your work and help. :)

Michal

michalzobec commented 2 years ago

Does nobody use Microsoft Sentinel SIEM?

michalzobec commented 1 year ago

Hello, still nobody knows?