Azure-Sentinel/Dashboards
morshabi c7d7adfbb0
Update DashboardsMetadata.json
2019-07-31 19:01:59 +03:00
..
Images Delete f5.svg 2019-07-04 09:07:52 +03:00
AWS_network_activities.json Update AWS_network_activities.json 2019-06-24 10:23:21 +03:00
AWS_user_activities.json Update AWS_user_activities.json 2019-04-18 10:18:03 +03:00
Attivo.json Removed logo 2019-05-15 15:36:48 -07:00
AzureNetworkWatcher.json Update AzureNetworkWatcher.json 2019-04-18 10:19:13 +03:00
Azure_AD_Audit_Logs.json Update Azure_AD_Audit_Logs.json 2019-04-18 10:21:13 +03:00
Azure_AD_Signins.json Update Azure_AD_Signins.json 2019-06-10 17:40:25 +03:00
Azure_Active_Directory.json add telemetry 2019-04-18 10:59:03 +03:00
Azure_Activity.json add telemetry 2019-04-18 10:59:03 +03:00
Azure_Firewall.json Update Azure_Firewall.json 2019-05-01 19:15:50 +03:00
Azure_Information_Protection_Usage.json Update Azure_Information_Protection_Usage.json 2019-07-17 17:58:04 +08:00
Check_Point_Software_Technologies.json add telemetry 2019-04-18 10:59:03 +03:00
Cisco.json add telemetry 2019-04-18 10:59:03 +03:00
CyberArk_Dashboard.json Update CyberArk_Dashboard.json 2019-07-04 10:05:25 +03:00
Cylance.json add telemetry 2019-04-18 10:59:03 +03:00
DNS.json add telemetry 2019-04-18 10:59:03 +03:00
DashboardsMetadata.json Update DashboardsMetadata.json 2019-07-31 19:01:59 +03:00
Exchange_Online.json add telemetry 2019-04-18 10:59:03 +03:00
F5NetworksDashboard.json Update F5NetworksDashboard.json 2019-07-31 18:59:53 +03:00
FortiGate.json add telemetry 2019-04-18 10:59:03 +03:00
Identity_and_Access.json add telemetry 2019-04-18 10:59:03 +03:00
Insecure_Protocols.json Update Insecure_Protocols.json 2019-07-24 18:28:43 +03:00
Juniper.json add telemetry 2019-04-18 10:59:03 +03:00
Linux_machines.json add telemetry 2019-04-18 10:59:03 +03:00
Microsoft_WAF.json add telemetry 2019-04-18 10:59:03 +03:00
Office_365.json add telemetry 2019-04-18 10:59:03 +03:00
Palo_Alto.json add telemetry 2019-04-18 10:59:03 +03:00
Palo_Alto_Networks_Threat_Dashboard.json add telemetry 2019-04-18 10:59:03 +03:00
README.md Update README.md 2019-05-06 11:48:39 +03:00
SharePoint_and_OneDrive.json add telemetry 2019-04-18 10:59:03 +03:00
Symantec_Security_Overview_Dashboard.json Update Symantec_Security_Overview_Dashboard.json 2019-07-01 18:28:42 +03:00
Symantec_URL_threats_overview_dashboard.json Update Symantec_URL_threats_overview_dashboard.json 2019-06-25 20:35:33 +03:00
Symantec_file_threats_overview_dashboard.json Update Symantec_file_threats_overview_dashboard.json 2019-06-27 09:47:11 +03:00
Symantec_threats_overview_dashboard.json Update Symantec_threats_overview_dashboard.json 2019-06-25 20:34:54 +03:00
Threat_Intelligence_Dashboard.json Update Threat_Intelligence_Dashboard.json 2019-06-10 17:25:27 +03:00
VM_Insights.json add telemetry 2019-04-18 10:59:03 +03:00

README.md

About

  • This repo contains the Azure Sentinel dashboard gallery.

  • This page describe how to add a new dashboard to the public Azure Sentinel dashboards gallery.

Step 1 - Create Azure Sentinel dashboard:

Follow these instructions to create a new dashboard using a Log Analytics query

Azure Log Analytics Query Language Reference

  • Make sure that you save a 1x1 square for the Azure Sentinel button in the top left corner (this button navigates back to the Azure Sentinel dashboard gallery).

  • Use the Markdown tile for the dashboard standalone titles and the logos.

  • Do not define any time filters on your charts.

Step 2 - Export the dashboard into a JSON file:

  • From the dashboard view, click "Download" - this will download a JSON file to your computer.

  • Edit the JSON file to hide your personal details:

  • Replace the following fields:

Change your subscription ID to "{Subscription_ID}"

Change your resource group to "{Resource_Group}"

Change your name (your workspace ID) to "{Workspace_Name}"

Step 3 - Share the Dashboard JSON with the Azure Sentinel community

In this step you will upload the dashboard JSON, logo, screenshots, and description.

To do this create a single pull request containing the following:

  1. Upload the dashboard JSON file to Azure-Sentinel/Dashboards/ repo (make sure the file name is in the format: Text_Text.json).

  2. Upload the logo to Azure-Sentinel/Dashboards/Images/Logos/ repo, the logo must be in SVG format (make sure the file name is in the format: text_text.svg).

  3. (Optional) Capture two or more screenshots of the dashboard, where at least one is in the white theme and another in the dark theme. Upload the screenshots to Azure-Sentinel/Dashboards/Images/Preview/ repo (make sure the name of the files is in the format: text_text_white1.png, text_text_black1.png )

  4. Add a short paragraph that describes the purpose of your dashboard in the pull request comment.