11# ## YamlMime:Landing
22
33title : Microsoft Sentinel documentation # < 60 chars
4- summary : This article presents use cases to get started using Microsoft Sentinel. See and stop threats before they cause harm, with SIEM reinvented for a modern world. Microsoft Sentinel is your birds-eye view across the enterprise. # < 160 chars
4+ summary : Microsoft Sentinel provides attack detection, threat visibility, proactive hunting, and threat response to help you stop threats before they cause harm. # < 160 chars
55
66metadata :
77 title : Microsoft Sentinel documentation
8- description : This article presents use cases and scenarios to get started using Microsoft Sentinel. See and stop threats before they cause harm, with SIEM reinvented for a modern world. Microsoft Sentinel is your birds-eye view across the enterprise .
8+ description : Microsoft Sentinel provides attack detection, threat visibility, proactive hunting, and threat response to help you stop threats before they cause harm.
99 ms.service : microsoft-sentinel
1010 ms.topic : landing-page
1111 author : yelevin
1212 ms.author : yelevin
13- ms.date : 11/09/2021
13+ ms.date : 02/15/2024
1414
1515# linkListType: architecture | concept | deploy | download | get-started | how-to-guide | learn | overview | quickstart | reference | tutorial | video | whats-new
1616
@@ -24,17 +24,12 @@ landingContent:
2424 links :
2525 - text : What is Microsoft Sentinel?
2626 url : overview.md
27- - text : Useful resources
28- url : resources .md
27+ - text : Best practices
28+ url : best-practices .md
2929 - linkListType : whats-new
3030 links :
3131 - text : What's new in Microsoft Sentinel?
3232 url : whats-new.md
33- - linkListType : concept
34- links :
35- - text : Best practices
36- url : best-practices.md
37-
3833
3934 # Card (optional)
4035 - title : Get started
@@ -43,195 +38,109 @@ landingContent:
4338 links :
4439 - text : Onboard Microsoft Sentinel
4540 url : quickstart-onboard.md
46- - linkListType : concept
41+ - linkListType : deploy
4742 links :
43+ - text : Deployment guide
44+ url : deploy-overview.md
4845 - text : Prerequisites
4946 url : prerequisites.md
50- - linkListType : how-to-guide
51- links :
52- - text : Install Microsoft Sentinel solutions (Preview)
53- url : sentinel-solutions-deploy.md
54- - text : Visualize collected data
55- url : get-visibility.md
56- - text : Investigate incidents
57- url : investigate-cases.md
58- - text : Microsoft Defender XDR integration with Microsoft Sentinel
59- url : microsoft-365-defender-sentinel-integration.md
60- - linkListType : reference
61- links :
62- - text : Content hub catalog
47+ - text : Plan costs
48+ url : billing.md
49+ - text : Find solutions
6350 url : sentinel-solutions-catalog.md
64- - linkListType : learn
51+ - linkListType : how-to-guide
6552 links :
66- - text : Create KQL queries for Microsoft Sentinel
67- url : /training/paths/sc-200-utilize-kql-for-azure-sentinel/
53+ - text : Install solutions and content
54+ url : sentinel-solutions-deploy.md
6855
6956 # Card
7057 - title : Collect data
7158 linkLists :
7259 - linkListType : concept
7360 links :
61+ - text : Microsoft Sentinel data connectors
62+ url : connect-data-sources.md
7463 - text : Data collection best practices
7564 url : best-practices-data.md
7665 - text : Normalizing and parsing data
7766 url : normalization.md
67+ - linkListType : tutorial
68+ links :
69+ - text : Forward Syslog data to Log Analytics workspace
70+ url : forward-syslog-monitor-agent.md
7871 - linkListType : how-to-guide
7972 links :
80- - text : Connect data to Microsoft Sentinel
81- url : connect-data-sources.md
82- - text : Connect Microsoft Defender XDR
83- url : connect-microsoft-365-defender.md
8473 - text : Create a custom connector
8574 url : create-custom-connector.md
8675 - text : Monitor connector health
8776 url : monitor-data-connector-health.md
88- - text : Integrate Azure Data Explorer
89- url : store-logs-in-azure-data-explorer.md
9077 - linkListType : reference
91- links :
92- - text : Data connector reference
78+ links :
79+ - text : Find data connectors
9380 url : data-connectors-reference.md
94- - text : Data source schema reference
95- url : data-source-schema-reference.md
96- - text : CEF log field mapping
97- url : cef-name-mapping.md
98- - text : Network normalization schema
99- url : ./normalization-schema-network.md
100-
101- # Card (optional)
102- - title : Kusto Query Language in Microsoft Sentinel
103- linkLists :
104- - linkListType : concept
105- links :
106- - text : Kusto Query Language in Microsoft Sentinel
107- url : kusto-overview.md
108- - linkListType : tutorial
109- links :
110- - text : Kusto Query Language tutorial (Azure Monitor)
111- url : /azure/data-explorer/kusto/query/tutorial?pivots=azuremonitor
112- - linkListType : learn
113- links :
114- - text : Write your first query with Kusto Query Language
115- url : /training/modules/write-first-query-kusto-query-language/
116- - text : More KQL learning and skilling resources
117- url : kusto-resources.md
118- - linkListType : reference
119- links :
120- - text : KQL quick reference guide
121- url : /azure/data-explorer/kql-quick-reference
81+
12282
12383 # Card (optional)
124- - title : Threat intelligence
84+ - title : Detect threats
12585 linkLists :
12686 - linkListType : concept
12787 links :
128- - text : Understand threat intelligence in Microsoft Sentinel
88+ - text : Understand threat intelligence
12989 url : understand-threat-intelligence.md
130- - text : Threat intelligence integrations
131- url : threat-intelligence-integration.md
132- - linkListType : how-to-guide
133- links :
134- - text : Connect threat intelligence platforms to Microsoft Sentinel
135- url : connect-threat-intelligence-tip.md
136- - text : Connect Microsoft Sentinel to STIX/TAXII feeds
137- url : connect-threat-intelligence-taxii.md
138- - text : Work with threat indicators
139- url : work-with-threat-indicators.md
140-
141- # Card (optional)
142- - title : Threat detection
143- linkLists :
144- - linkListType : concept
145- links :
90+ - text : MITRE ATT&CK® framework
91+ url : mitre-coverage.md
14692 - text : User and entity behavior analytics (UEBA)
14793 url : identify-threats-with-entity-behavior-analytics.md
14894 - text : Customizable anomalies
14995 url : soc-ml-anomalies.md
96+ - linkListType : tutorial
97+ links :
98+ - text : Detect threats by using analytics rules
99+ url : tutorial-log4j-detection.md
150100 - linkListType : how-to-guide
151101 links :
152- - text : Use built-in analytics to detect threats
102+ - text : Detect threats by using built-in analytics
153103 url : detect-threats-built-in.md
154104 - text : Create custom detection rules
155105 url : detect-threats-custom.md
156- - linkListType : reference
157- links :
158- - text : Entities reference
159- url : entities-reference.md
160- - text : UEBA enrichments
161- url : ueba-reference.md
162106
163107 # Card (optional)
164- - title : Threat hunting
108+ - title : Investigate
165109 linkLists :
166110 - linkListType : concept
167111 links :
168- - text : Hunt for threats
112+ - text : Incident investigation and case management
113+ url : incident-investigation.md
114+ - text : Threat hunting
169115 url : hunting.md
170- - linkListType : how-to-guide
171- links :
172- - text : Hunt with Jupyter notebooks
173- url : notebooks.md
174- - text : Hunt with bookmarks
175- url : bookmarks.md
176- - text : Hunt with livestream
177- url : livestream.md
178-
179- # Card (optional)
180- - title : Investigate
181- linkLists :
116+ - text : Kusto Query Language in Microsoft Sentinel
117+ url : kusto-overview.md
182118 - linkListType : tutorial
183119 links :
184120 - text : Investigate with UEBA
185121 url : investigate-with-ueba.md
186122 - linkListType : how-to-guide
187123 links :
188124 - text : Investigate incidents
189- url : investigate-cases.md
125+ url : investigate-incidents.md
126+ - text : Manage incident workflow with tasks
127+ url : work-with-tasks.md
190128 - text : Monitor your data
191129 url : monitor-your-data.md
192- - linkListType : reference
193- links :
194- - text : Commonly used Microsoft Sentinel workbooks
195- url : top-workbooks.md
196-
130+ - text : Conduct end-to-end threat hunting
131+ url : hunts.md
197132
198133# Card (optional)
199134 - title : Respond
200135 linkLists :
201- - linkListType : tutorial
202- links :
203- - text : Respond automatically to threats
204- url : tutorial-respond-threats-playbook.md
205- - text : Use Jupyter Notebooks to hunt for security threats
206- url : notebooks.md
207136 - linkListType : concept
208137 links :
209138 - text : Automation rules
210139 url : automate-incident-handling-with-automation-rules.md
211140 - text : Playbooks
212141 url : automate-responses-with-playbooks.md
213- - linkListType : reference
142+ - linkListType : tutorial
214143 links :
215- - text : SOAR content catalog
216- url : sentinel-soar-content.md
217-
218-
219-
144+ - text : Respond automatically to threats
145+ url : tutorial-respond-threats-playbook.md
220146
221- # Card
222- - title : Manage Microsoft Sentinel
223- linkLists :
224- - linkListType : concept
225- links :
226- - text : Workspace architecture best practices
227- url : best-practices-workspace-architecture.md
228- - linkListType : how-to-guide
229- links :
230- - text : Design your workspace architecture
231- url : design-your-workspace-architecture.md
232- - text : Manage multiple tenants
233- url : multiple-tenants-service-providers.md
234- - text : Work with incidents in multiple workspaces
235- url : multiple-workspace-view.md
236- - text : Manage your intellectual property
237- url : mssp-protect-intellectual-property.md
0 commit comments