I want to build a custom rule on Sentinel and data source would be the Azure Firewall. Please provide me the query for the rule.
Few rule like below:
1. Port Scan(Horizontal and Vertical)
As a starting point, have you reviewed: https://docs.microsoft.com/en-us/azure/sentinel/connect-azure-firewall
1 Person is following this question.