Concepts Work
We believe conceptual knowledge is the most important part to start learning something new. The information mentioned in the documents may vary as per the updates released by different service providers, but we will keep on updating the information to provide the best documentation for conceptual understanding.
For any queries please feel free to reach us at learnconceptswork@gmail.com
Please subscribe if you have learnt something new and we will keep on uploading new videos.
Microsoft Sentinel Windows Logs Ingestion
17:13
2 months ago
Setup Microsoft Sentinel | Tutorial
15:15
3 months ago
Microsoft Sentinel Enabling Data Connectors
7:18
3 months ago
SIEM Solution | Data Normalization and Indexing
12:05
5 months ago
Comments
@sekharg16 9 hours ago
Preparing for AZ-104. Of all the concepts - the most confusing is Monitors & Logs. Glad that I found this video series! Thank you!!
@cornelliouspollard273 2 days ago
What software are you using to make this presentation?
@miketony2069 3 days ago
Great description of the differences between Azure and Intune devices
@dkumar4229 3 days ago
Great content... thanks for the video
@motorhead1791 4 days ago
Hi, I need your support. I am facing one issue that logs coming from network devices as CEF and syslog are directly coming on the OS drive, whereas I want that they should come on an additional data drive. Second question: can we separate this ingestion of CEF and syslog in log forwarder VM only? Please support
@sarathreddy1275 6 days ago
Can you create videos for playbook in Sentinel which will give exposure for automation
@dikeshshrestha2694 7 days ago
Hi sir, Waiting for automation and playbooks topics. When will that be released? Please let us know.
@akshayvicky8836 7 days ago
Can we expect more videos on Sentinel???
@sarravallaud4381 8 days ago
Hello, for those who want to migrate the incident/alert management to management used what on premise? Otherwise Sentinel replaces which tools plz?
@thourayasboui376 8 days ago
A question plz: if I understand well, Sentinel is both for SIEM and SOAR. Do you think that customer may use Sentinel for SIEM and another tool for SOAR? For which reason they do that and which kind of tools they may use for SOAR for example? Thanks
@LuisNOJ3 9 days ago
Amazingly well explained, so thankful that you took the time to put this out. Congratulations on your work and commitment.
@adimurthy5576 9 days ago
Hello sir, how can I reach out to you?
@arunsahanigmailcom 10 days ago
I mean no words, The way you explained this is awesome. Please can you share the complete series on LAW and DCR.
@familyTV-of9zg 14 days ago
Great work..
@Sergio-Here-In-Community 18 days ago
Terrific video... I love how you present complex Microsoft technology in very easy sequential steps. Thank you very much for creating all that material for the community. 😁😁😁😁😁
@sidhu3496 19 days ago
Your videos are very helpful to understand easily. Could you pls make a video on how to integrate monitoring with service now to create tickets and also how Azure services can integrate with Splunk or checkmk to monitor the Azure infra
@sunilchander8885 20 days ago
Really nice one
@ArunRaj-sf6to 21 days ago
Is there any way to filter the logs by using DCR pipeline before it sends to Sentinel? As per the reference we need to validate the logs and then to remove it, which means logs will be ingested to workspace, and in production deployment the size of the logs will be enormous. However, if the logs from 2 different types of firewall are coming under one table and using one DCR, then at that time we would need to specify the device vendor as well to get it filtered out, right?
@TobyCastellanos-z8v 22 days ago
Al Mill
@atulhonnangi828 22 days ago
I see this was uploaded 3 years ago, but today also this video is super helpful in terms of explanation and examples you provided.
@TheFatlifter285 23 days ago
Thank you for the information. It was a good informative video.
@adimurthy5576 25 days ago
Please do how to create playbooks in Sentinel
@vivekpanchal9723 27 days ago
Can I send Prometheus metrics of an application running on my Azure VM to the monitor workspace?
@supreetmonga 28 days ago
Do you have any video which would show real-life examples of MS Sentinel?
@akhan3682 1 month ago
You, sir, are a scholar and a genius - made it easy peasy. Much thanks!
@ConceptsWork 28 days ago
Glad it helped!
@dikeshshrestha2694 1 month ago
Thank you for giving good concepts. Waiting for other types of Analytics rules in Sentinel like Fusion, Anomaly.... Also waiting for playbooks, workbooks...
@simple-security 1 month ago
26:37: table transforms don't work.
@ConceptsWork 1 month ago
Watch this Azure Monitor | Log Analytics Workspace | Table Transformation ru-vid.com/video/%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-ckwOXLysl0E.html
@tahayasingunduz2779 1 month ago
I really haven't seen anyone explain such a monotonous subject as clean, concise, beautiful and humorous as you, my friend. I really congratulate you. You made a great narration.
@tahayasingunduz2779 1 month ago
Thanks from Turkey!
@harargey9126 1 month ago
Fantastic and well-presented series about Log Analytics and associated subjects. I think Microsoft should hire you to teach people with their product. The best videos ever, without complicating the subject matter. A million kudos!!!
@ganeshdaskan4967 1 month ago
Perfect!!!
@TaranjeetMalik 1 month ago
Hi, thanks for creating such fabulous content - your videos are really helpful. They're crystal clear and easy to understand. Quick question: Towards the end of this video, you mention that next video will be "Configuring Advanced Settings for MDATP on Linux". However, I'm unable to locate that on your channel. Any chance you can share the link of that video here? Thanks
@umeshmishra9527 1 month ago
Great work
@sachin-tr4nc 1 month ago
Hi sir, I request you kindly cover these below topics in Microsoft Sentinel course: Hunting TTPs of APT Groups & mapping them with MITRE ATT&CK Framework; creating Heat Maps for the reference to MITRE ATT&CK Framework for the Detection coverage; Hunting Live APT Actors & Identify the potential IOCs; How to Mitigate security Breaches to proactively Hunting the Threat Actors, specially Ransomware; How to Create Standard Operation Procedure (SOP) Documents as per Security Incident. Thanks in advance & have a nice day.
@ConceptsWork 1 month ago
It will be there very soon!!
@sachin-tr4nc 1 month ago
Thanks for confirmation sir😊
@sachin-tr4nc 1 month ago
Hi sir, I request you kindly cover these below topics in Microsoft Sentinel course: Hunting TTPs of APT Groups & mapping them with MITRE ATT&CK Framework; creating Heat Maps for the reference to MITRE ATT&CK Framework for the Detection coverage; Hunting Live APT Actors & Identify the potential IOCs; How to Mitigate security Breaches to proactively Hunting the Threat Actors, specially Ransomware; How to Create Standard Operation Procedure (SOP) Documents as per Security Incident. Thanks in advance & have a nice day.
@sachin-tr4nc 1 month ago
Hi sir, appreciate your knowledge & command on Microsoft Sentinel, and the hard work making these videos. I don't know why your channel has not got highlighted in RU-vid for your videos (I believe you have made some videos private/members only). That's the reason your videos are not reaching many people around the globe. So I request you to make a change by removing private options, so that many students get to know about your channel & your wonderful content; even views automatically get generated & many more students subscribe to your channel. That was my opinion as your student. Thanks in advance & have a great year ahead
@ssarkar5266 1 month ago
Could you share interview questions like real time for 5 yr work exp candidates?
@Toad31B 1 month ago
tysm
@Tech-ub8dd 1 month ago
I have a question - these logs that are retained up to 7 years, are they retained directly into Log Analytics workspace or somewhere else? Very good video!
@Tech-ub8dd 1 month ago
Great video, I like that you went in and showed it all without skipping some of the options/configurations
@ConceptsWork 1 month ago
I appreciate that!
@adimurthy5576 1 month ago
Hello sir, your videos are very helpful. Please do one video on DDoS, DoS and phishing analysis. Thank you
@ConceptsWork 1 month ago
Noted
@albertomejiacordero9901 1 month ago
Just want to say thank you for your awesome work on this subject. Thank you
@ConceptsWork 1 month ago
My pleasure!
@albertomejiacordero9901 1 month ago
The new claim: Department will not show on the Token Claims page if it's not populated in the User Profile.
@monitorinterfaces524 1 month ago
Hey, @ 11:00 what is the difference between storing and processing in this context? What does it mean that data is processed in only two locations? Does this mean part of the data, let's say the response of KQL queries or graphs, will be in US or Europe even if the data was stored elsewhere?
@umeshhande5759 1 month ago
After this series - Looking for dedicated playlist on Logic apps and automation for Security Operation Center use cases 🙏
@adimurthy5576 1 month ago
Hi sir, your videos are very helpful. Please do complete videos about DDoS, DoS and phishing analysis. Thank you
@SivakumarSabbana 1 month ago
Excellent, thank you so much. Can you please make a video on migrating from MMA to AMA.
@Workshopcoaching 1 month ago
Please don't talk and use the mouse at the same time, it's insane
@farooquem100 1 month ago
The way he explains each and every technical aspect of technology is really exceptional. I really appreciate the time and effort you put in to educate all of us. Thank you once again.
@ConceptsWork 1 month ago
Glad it helped!