Azure-Sentinel/Tools/Archive-Log-Tool
Sreedhar Ande 1536c265be
Update README.MD
2023-11-09 13:40:52 -08:00
ArchiveLogsTool-PowerShell Update README.MD 2023-11-09 13:40:52 -08:00
ArchiveLogsTool-Workbook Update Basic-Archive-Logs-Tool.json 2022-03-02 15:32:50 -05:00
images Added README 2022-02-18 01:02:07 -08:00
README.MD Deleted Prerequisites 2022-03-09 22:13:09 -08:00


Review and Manage Data Table Retention

Authors: Matt Lowe; Sreedhar Ande

With the introduction of the new Search, Archive, and Restoration features in Microsoft Sentinel and Azure Log Analytics, it is imperative to monitor the retention of tables within the workspace. To make this process easier, this tool has been developed within Microsoft Sentinel Workbooks. It allows users to do the following:

  • Identify tables within the workspace.
  • Identify search tables that have been generated within the workspace.
  • Review the retention set for each table within the workspace.
  • Review the retention set for archiving.
  • Review the total retention of the data across both the workspace and the archive.
  • Update retention for the data in the workspace and archive.

Tools

  1. PowerShell Script
  2. Workbook