netevert / sentinel-attack

Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
MIT License
1.05k stars 207 forks

cost related to doing the sentinel attack? #20

Closed ssi0202 closed 4 years ago

ssi0202 commented 4 years ago

Hi, is there anywhere I can get input on calculating the cost of a setup like what you have built here for approx. 100 servers?

I have run Sysmon and can see that my servers individually generate an approximate amount of data per day. This is easy to multiply, and I can also look at the cost calculator in terms of GB sent to Sentinel.

But what about the ksql queries: will I not get additional cost if I set these to run at 5, 10, 15 min intervals, and will this cost not go up as I apply more of the ksql queries?

netevert commented 4 years ago

Added costs paragraph on wiki home page