Azure Notebooks for Azure Sentinel
Warning! The contents of this folder have moved.
The notebooks and support files in this folder have moved to the Azure-Sentinel-Notebooks repo. This new location will be the main repository for Azure Sentinel notebooks and all new and updated content will be posted there. Existing files have been left here to support links to these locations. The files here will not be maintained or updated.
What is Azure Notebooks?
Azure Notebooks is a free hosted service to develop and run Jupyter notebooks in the cloud with no installation. Jupyter is an open source project that lets you easily combine markdown text, executable code (Python, R, and F#), persistent data, graphics, and visualizations onto a single, sharable canvas called a notebook.
How do Azure Notebooks work?
Interactive Azure Notebooks provide security insights and actions to investigate anomalies and hunt for malicious behaviors. Each Azure Notebook is purpose-built with a self-contained workflow for a specific use case. Visualizations are included in each Azure Notebook for faster data exploration and threat hunting. You can clone our prebuilt investigation and hunting Azure Notebooks into projects that belong to you, then modify and tailor those projects to your environment. Either run the Azure Notebooks for free or, for better performance, run them on a dedicated virtual host.
Using the Notebooks locally or in other environments
Azure Sentinel will provision notebooks and supporting modules for you in Azure Notebooks. You can also download the notebooks and modules and use them locally in a supported Python environment (Anaconda Distribution is recommended) or another notebook hosting environment such as Azure Databricks or a JupyterHub environment that supports Python 3.6 or later.
Interactive in Azure (requires logging in):
View Get Started notebook
Other resources
- View sample notebooks in the Sample-Notebooks folder
- How-tos and troubleshooting guides in the How-Tos folder
Feedback
For questions or feedback, please contact AzureSentinel@microsoft.com