История

Sreedhar Ande df1889e40e Merge pull request #1727 from happy-jo/patch-26 Sentinel-All-In-One Tool fix for PowerShell script location		2021-02-05 10:20:23 -08:00
..
LinkedTemplates	Adjusting target PowerShell script	2021-02-05 10:45:21 -05:00
Scripts	Adding Sentinel All-In-One	2021-01-28 14:17:00 +01:00
README.md	Update README.md	2021-01-28 18:11:44 +01:00
azuredeploy.json	point to master	2021-02-05 15:26:19 +01:00
createUiDefinition.json	fixing some bool variables	2021-02-05 14:54:21 +01:00

README.md

ARM template version

The ARM template in this folder allows you to delploy your Azure Sentinel environments in a few clicks. The template is very easy to use as it comes with a wizard interface that guides you through the setup steps.

The template performs the following tasks:

Creates resource group (if given resource group doesn't exist yet)
Creates Log Analytics workspace (if given workspace doesn't exist yet)
Installs Azure Sentinel on top of the workspace (if not installed yet)
Enables the following Data Connectors:
- Azure Activity
- Azure Security Center
- Azure Active Directory Identity Protection
- Office 365 (Sharepoint, Exchange and Teams)
- Microsoft Cloud App Security
- Azure Advanced Threat Protection
- Microsoft Defender Advanced Threat Protection
- Security Events
- Linux Syslog
- DNS (Preview)
- Windows Firewall
Enables analytics rules for selected Microsoft 1st party products
Enables Fusion rule and ML Behavior Analytics rules for RDP or SSH (if selected)
Enables Scheduled analytics rules that apply to all the enabled connectors