You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/sentinel/whats-new.md
-31Lines changed: 0 additions & 31 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -27,37 +27,6 @@ If you're looking for items older than six months, you'll find them in the [Arch
27
27
>
28
28
> You can also contribute! Join us in the [Microsoft Sentinel Threat Hunters GitHub community](https://github.com/Azure/Azure-Sentinel/wiki).
29
29
30
-
## February 2022
31
-
32
-
[Search across long time spans in large datasets (public preview)](#search-across-long-time-spans-in-large-datasets-public-preview)
33
-
34
-
### Search across long time spans in large datasets (public preview)
35
-
36
-
Use a search job when you start an investigation to find specific events in logs within a given time frame. You can search all your logs, filter through them, and look for events that match your criteria.
37
-
38
-
Search jobs are asynchronous queries that fetch records. The results are returned to a search table that's created in your Log Analytics workspace after you start the search job. The search job uses parallel processing to run the search across long time spans, in extremely large datasets. So search jobs don't impact the workspace's performance or availability.
39
-
40
-
Use search to find events in any of the following log types:
You can also search analytics or basic log data stored in [archived logs (preview)](../azure-monitor/logs/azure-monitor-archived-logs.md).
46
-
47
-
For more information, see:
48
-
49
-
-[Start an investigation by searching large datasets (preview)](investigate-large-datasets.md)
50
-
-[Search across long time spans in large datasets (preview)](search-jobs.md)
51
-
52
-
53
-
### Restore archived logs from search (public preview)
54
-
55
-
When you need to do a full investigation on data stored in archived logs, restore a table from the **Search** page in Microsoft Sentinel. Specify a target table and time range for the data you want to restore. Within a few minutes, the log data is restored and available within the Log Analytics workspace. Then you can use the data in high-performance queries that support full KQL.
56
-
57
-
For more information, see:
58
-
59
-
-[Start an investigation by searching large datasets (preview)](investigate-large-datasets.md)
60
-
-[Restore archived logs from search (preview)](restore.md)
0 commit comments