README.md
About
-
This repo contains the Azure Sentinel dashboard gallery.
-
This page describe how to add a new dashboard to the public Azure Sentinel dashboards gallery.
Step 1 - Create Azure Sentinel dashboard:
Follow these instructions to create a new dashboard using a Log Analytics query
Azure Log Analytics Query Language Reference
-
Make sure that you save a 1x1 square for the Azure Sentinel button in the top left corner (this button navigates back to the Azure Sentinel dashboard gallery).
-
Use the Markdown tile for the dashboard standalone titles and the logos.
-
Do not define any time filters on your charts.
Step 2 - Export the dashboard into a JSON file:
-
From the dashboard view, click "Download" - this will download a JSON file to your computer.
-
Edit the JSON file to hide your personal details:
-
Replace the following fields:
Change your subscription ID to "{Subscription_ID}"
Change your resource group to "{Resource_Group}"
Change your name (your workspace ID) to "{Workspace_Name}"
Step 3 - Share the Dashboard JSON with the Azure Sentinel community
In this step you will upload the dashboard JSON, logo, screenshots, and description.
To do this create a single pull request containing the following:
-
Upload the dashboard JSON file to Azure-Sentinel/Dashboards/ repo (make sure the file name is in the format: Text_Text.json).
-
Upload the logo to Azure-Sentinel/Dashboards/Images/Logos/ repo, the logo must be in SVG format (make sure the file name is in the format: text_text.svg).
-
(Optional) Capture two or more screenshots of the dashboard, where at least one is in the white theme and another in the dark theme. Upload the screenshots to Azure-Sentinel/Dashboards/Images/Preview/ repo (make sure the name of the files is in the format: text_text_white1.png, text_text_black1.png )
-
Add a short paragraph that describes the purpose of your dashboard in the pull request comment.