You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/sentinel/whats-new.md
+17-2Lines changed: 17 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -4,7 +4,7 @@ description: This article describes new features in Microsoft Sentinel from the
4
4
author: batamig
5
5
ms.author: bagol
6
6
ms.topic: conceptual
7
-
ms.date: 01/31/2022
7
+
ms.date: 03/01/2022
8
8
ms.custom: ignite-fall-2021
9
9
---
10
10
@@ -27,11 +27,26 @@ If you're looking for items older than six months, you'll find them in the [Arch
27
27
>
28
28
> You can also contribute! Join us in the [Microsoft Sentinel Threat Hunters GitHub community](https://github.com/Azure/Azure-Sentinel/wiki).
29
29
30
+
## March 2022
31
+
32
+
-[Create a large watchlist from file in Azure Storage (public preview)](#create-a-large-watchlist-from-file-in-azure-storage-public-preview)
33
+
34
+
### Create a large watchlist from file in Azure Storage (public preview)
35
+
36
+
Create a watchlist from a large file that's up to 500 MB in size by uploading the file to your Azure Storage account. When you add the watchlist to your workspace, you provide a shared access signature URL. Microsoft Sentinel uses the shared access signature URL to retrieve the watchlist data from Azure Storage.
37
+
38
+
For more information, see:
39
+
40
+
-[Use watchlists in Microsoft Sentinel](watchlists.md)
41
+
-[Create watchlists in Microsoft Sentinel](watchlists-create.md)
42
+
30
43
## February 2022
31
44
32
45
-[View MITRE support coverage (Public preview)](#view-mitre-support-coverage-public-preview)
33
46
-[View Azure Purview data in Microsoft Sentinel](#view-azure-purview-data-in-microsoft-sentinel-public-preview)
34
47
-[Manually run playbooks based on the incident trigger (Public preview)](#manually-run-playbooks-based-on-the-incident-trigger-public-preview)
48
+
-[Search across long time spans in large datasets (public preview)](#search-across-long-time-spans-in-large-datasets-public-preview)
49
+
-[Restore archived logs from search (public preview)](#restore-archived-logs-from-search-public-preview)
35
50
36
51
### View MITRE support coverage (Public preview)
37
52
@@ -618,7 +633,7 @@ Watchlist templates currently include:
618
633
-**High Value Assets**. A list of devices, resources, or other assets that have critical value in the organization.
619
634
-**Network Mapping**. A list of IP subnets and their respective organizational contexts.
620
635
621
-
For more information, see [Create a new watchlist using a template](watchlists-create.md#create-a-watchlist-by-using-a-template-public-preview) and [Built-in watchlist schemas](watchlist-schemas.md).
636
+
For more information, see [Create watchlists in Microsoft Sentinel](watchlists-create.md) and [Built-in watchlist schemas](watchlist-schemas.md).
0 commit comments