question

Rohit-3772 avatar image
0 Votes"
Rohit-3772 asked ·

Azure Sentinel

I want to build a custom rule on Sentinel and data source would be the Azure Firewall. Please provide me the query for the rule.

Few rule like below:
1. Port Scan(Horizontal and Vertical)

azure-sentinel
· 1
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi, have you looked at this?


0 Votes 0 ·

1 Answer

JasonSmyth-2826 avatar image
0 Votes"
JasonSmyth-2826 answered ·

Hello,

As a starting point, have you reviewed: https://docs.microsoft.com/en-us/azure/sentinel/connect-azure-firewall

Jason S.

·
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.