Define, Track, and Complete Key Deployment and Migration Tasks
Author: Matt Lowe
This watchlist is meant to be used in tandem with the Deployment and Migration workbook, which is available in the Microsoft Sentinel Workbook Gallery or the GitHub repository. The watchlist assists with defining, tracking, and completing the key actions during a Microsoft Sentinel deployment/migration. It is a key resource for the solution, so please make sure to deploy it.
Pre-requisites
To deploy, users will need:
- An Azure Subscription.
- A Microsoft Sentinel workspace and instance.
- A user with Microsoft Sentinel Contributor permissions on the Resource Group that Microsoft Sentinel is located in, and the name of the workspace that this watchlist should be tied to. Note: If deploying any Microsoft Defender or Azure Active Directory connector, Global Administrator or Security Administrator will be needed at the tenant level.
Deployment Process
Option 1
- Click on the "Deploy to Azure" button.
- Once in the Azure Portal, select the Subscription and Resource Group that Microsoft Sentinel is under and the name of the workspace that this watchlist should be tied to.
- Click "Review and Create".
- Click "Create".
- Within a minute or two, the template should deploy and the Watchlist should appear within the Microsoft Sentinel environment.
Option 2
- Open the template within the GitHub folder.
- In the top right corner, select Raw.
- Copy the raw text within the template.
- Go to the Azure Portal.
- Within the search bar at the top, type "Deploy" and select "Deploy a custom template".
- Select "build my own template".
- Within the template space, paste the text copied from GitHub.
- Select the Subscription and Resource Group that Microsoft Sentinel is under.
- Click "Review and Create".
- Click "Create".
- Within a minute or two, the template should deploy and the Watchlist should appear within the Microsoft Sentinel environment.