900 XP
Data normalization in Microsoft Sentinel
By the end of this module, you're able to use Advanced Security Information Model (ASIM) parsers to identify threats inside your organization.
Learning objectives
After completing this module, you'll be able to:
- Use ASIM Parsers
- Create ASIM Parser
- Create parameterized KQL functions
Start
Add
Prerequisites
Basic knowledge of Kusto Query Language (KQL).
This module is part of these learning paths
Module assessment
Assess your understanding of this module. Sign in and answer all questions correctly to earn a pass designation on your profile.
Take the module assessment