You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/sentinel/sentinel-security-copilot.md
+5-1Lines changed: 5 additions & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -23,7 +23,7 @@ Microsoft Copilot for Security is a platform that helps you defend your organiza
23
23
Together with the iterative processing of other sophisticated Copilot for Security sources you enable, your Microsoft Sentinel incidents and data provide wider visibility into threats and their context for your organization.
24
24
25
25
> [!IMPORTANT]
26
-
> The Microsoft Sentinel and Natural Language to KQL for Microsoft Sentinel plugins are currently in PREVIEW. The [Azure Preview Supplemental Terms](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) include additional legal terms that apply to Azure features that are in beta, preview, or otherwise not yet released into general availability.
26
+
> The "Microsoft Sentinel" and "Natural Language to KQL for Microsoft Sentinel" plugins are currently in PREVIEW. The [Azure Preview Supplemental Terms](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) include additional legal terms that apply to Azure features that are in beta, preview, or otherwise not yet released into general availability.
27
27
>
28
28
29
29
## Microsoft Copilot in Microsoft Sentinel (Preview)
@@ -75,15 +75,19 @@ Increase your prompt accuracy when you have access to multiple Microsoft Sentine
75
75
For guidance on writing effective prompts, see [Prompting in Microsoft Copilot for Security](/security-copilot/prompting-security-copilot). Here are some examples:
76
76
77
77
- The second part of this prompt nudges Copilot to provide human readable information instead of responding with object IDs.
78
+
78
79
`*Show me Sentinel incidents that were closed as a false positive. Supply the Incident number, Incident Title, and the time they were created.*`
79
80
80
81
- Copilot knows who you are.
82
+
81
83
`*What Sentinel incidents created in the last 24 hours are assigned to me? List them with highest priority incidents at the top.*`
82
84
83
85
- When you narrow a prompt response down to a single incident, Copilot knows the context.
86
+
84
87
`*Tell me about the entities associated with that incident.*`
85
88
86
89
- A useful way to summarize the prompts and responses so far.
90
+
87
91
`*Write an executive report summarizing this investigation. It should be suited for a nontechnical audience.*`
88
92
89
93
For more information on sample prompts, see [Rod Trent's Copilot for Security GitHub](https://github.com/rod-trent/Copilot-for-Security/blob/main/Prompts/Plugins/Sentinel.md).
0 commit comments