You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/sentinel/sentinel-solutions-deploy.md
+10-12Lines changed: 10 additions & 12 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -18,9 +18,7 @@ appliesto:
18
18
19
19
The Microsoft Sentinel Content hub is your centralized location to discover and manage out-of-the-box (built-in) content. There you find packaged solutions for end-to-end products by domain or industry. You have access to the vast number of standalone contributions hosted in our GitHub repository and feature blades.
20
20
21
-
- Discover solutions and standalone content using AI based search and filtering based on status, content type, support, provider, and category.
22
-
23
-
- Expand solutions to learn more about the content items that they comprise of, to better understand the value they provide.
21
+
- Discover solutions and standalone content with a consistent set of filtering capabilities based on status, content type, support, provider, and category.
24
22
25
23
- Install content in your workspace all at once or individually.
26
24
@@ -43,28 +41,27 @@ For more information about other roles and permissions supported for Microsoft S
43
41
44
42
## Discover content
45
43
46
-
The content hub offers the best way to find new content or manage the solutions you already installed. Search to find solutions, standalone content items, or content included in solutions. To refine your search, use the filters. For more information, see [Categories for Microsoft Sentinel out-of-the-box content and solutions](sentinel-solutions.md#categories-for-microsoft-sentinel-out-of-the-box-content-and-solutions).
47
-
44
+
The content hub offers the best way to find new content or manage the solutions you already installed.
48
45
49
46
1. For Microsoft Sentinel in the [Azure portal](https://portal.azure.com), under **Content management**, select **Content hub**.<br> For Microsoft Sentinel in the [Defender portal](https://security.microsoft.com/), select **Microsoft Sentinel** > **Content management** > **Content hub**.
50
47
51
48
The **Content hub** page displays a searchable grid or a list of solutions and standalone content.
52
49
53
-
1. Search for the solutions, standalone content items, or content included in solutions. Use the AI search field or filter by selecting specific values from the filters. Using AI search allows you to perform a fuzzy search and use approximate vocabulary.
50
+
1. Filter the list displayed, either by selecting specific values from the filters, or entering any part of a content name or description in the **Search** field.
51
+
52
+
For more information, see [Categories for Microsoft Sentinel out-of-the-box content and solutions](sentinel-solutions.md#categories-for-microsoft-sentinel-out-of-the-box-content-and-solutions).
54
53
55
-
1. Select enter to search based on your search string. The number of search results is limited to 50 items, including solutions and content items found within solutions. If you didn't find what you are looking for, refine your search expression or use additional filters.
54
+
1. Select the **Card view**to view more information about a solution.
56
55
57
-
1. Select the solution or content item from the list to view information about it.
56
+
Each content item shows categories that apply to it, and solutions show the types of content included. For example, in the following image, the **Cisco Umbrella** solution lists one of its categories as **Security - Cloud Security**, and indicates it includes a data connector, analytics rules, hunting queries, playbooks, and more.
58
57
59
-
#### [Azure portal](#tab/azure-portal)
58
+
59
+
#### [Azure portal](#tab/azure-portal)
60
60
:::image type="content" source="./media/sentinel-solutions-deploy/solutions-list.png" alt-text="Screenshot of the Microsoft Sentinel content hub in the Azure portal.":::
61
61
62
62
#### [Defender portal](#tab/defender-portal)
63
63
:::image type="content" source="./media/sentinel-solutions-deploy/solutions-list-defender.png" alt-text="Screenshot of the Microsoft Sentinel content hub in the Defender portal.":::
64
64
65
-
1. Expand a solution in the result set using the arrow on the left side to view the list of content items it includes. The information pane on the left presents detailed information about the content item.
66
-
67
-
1. To use a content item which is part of a solution, install the solution. Select **install solution** on the information panel of the content item. This action installs the solution that the content item is part of.
68
65
69
66
## Install or update content
70
67
@@ -226,3 +223,4 @@ In this document, you learned how to find and deploy built-in solutions and stan
226
223
Many solutions include data connectors that you need to configure so that you can start ingesting your data into Microsoft Sentinel. Each data connector has its own set of requirements that are detailed on the data connector page in Microsoft Sentinel.
227
224
228
225
For more information, see [Connect your data source](data-connectors-reference.md).
0 commit comments