You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/sentinel/sentinel-security-copilot.md
+9-5Lines changed: 9 additions & 5 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -45,18 +45,22 @@ For more information, see [Microsoft Sentinel in the Microsoft Defender portal](
45
45
46
46
Example: (to be added)
47
47
48
-
## System capabilities of Copilot in Microsoft Sentinel
48
+
## Microsoft Sentinel plugins
49
49
50
50
Copilot in Microsoft Sentinel has the following capabilities in the standalone experience.
51
51
52
+
From the **Microsoft Sentinel (Preview)** plugin:
52
53
- Get Microsoft Sentinel incidents
53
54
- List Microsoft Sentinel workspaces
54
55
55
-
The Microsoft Sentinel plugin for KQL support generates and runs KQL hunting queries using Microsoft Sentinel data for most tables with good confidence.
56
+
The **Natural language to KQL for Microsoft Sentinel (Preview)** plugin generates and runs KQL hunting queries using Microsoft Sentinel data.
56
57
57
-
- Natural language to KQL (NL2KQL) for Microsoft Sentinel
58
+
>[!NOTE]
59
+
> In the [unified Microsoft Defender portal](/defender-xdr/advanced-hunting-microsoft-defender), you can prompt Copilot for Security to generate advanced hunting queries for both Defender XDR and Microsoft Sentinel tables. Not all Microsoft Sentinel tables are currently supported, but support for these tables can be expected in the future.
58
60
59
-
To view these capabilities in Copilot, select the **Prompts** :::image type="icon" source="media/sentinel-security-copilot/prompts.png"::: icon in the prompt bar and select **See all system capabilities**. Scroll down to section for Microsoft Sentinel and Natural language to KQL.
61
+
To view these capabilities in Copilot, select the **Prompts** :::image type="icon" source="media/sentinel-security-copilot/prompts.png"::: icon in the prompt bar and select **See all system capabilities**. Scroll down to the section for Microsoft Sentinel and Natural language to KQL.
62
+
63
+
For more information, see [Copilot for Security in advanced hunting](/defender-xdr/advanced-hunting-security-copilot).
60
64
61
65
### Enable the Microsoft Sentinel plugins in Copilot
62
66
@@ -108,7 +112,7 @@ A useful way to summarize the prompts and responses so far.<br>
108
112
109
113
For more information on sample prompts, see [Rod Trent's Copilot for Security GitHub](https://github.com/rod-trent/Copilot-for-Security/blob/main/Prompts/Plugins/Sentinel.md).
110
114
111
-
###Related articles
115
+
## Related articles
112
116
113
117
-[Microsoft Copilot in Microsoft Defender](/defender-xdr/security-copilot-in-microsoft-365-defender)
114
118
-[Microsoft Defender XDR integration with Microsoft Sentinel](microsoft-365-defender-sentinel-integration.md)
0 commit comments