You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/sentinel/sentinel-solutions-deploy.md
+16-4Lines changed: 16 additions & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -1,10 +1,10 @@
1
1
---
2
2
title: Discover and deploy Microsoft Sentinel out-of-the-box content from Content hub
3
3
description: Learn how to find and deploy Sentinel packaged solutions containing data connectors, analytics rules, hunting queries, workbooks, and other content.
4
-
author: austinmccollum
4
+
author: cwatson-cat
5
5
ms.topic: how-to
6
6
ms.date: 03/01/2024
7
-
ms.author: austinmc
7
+
ms.author: cwatson
8
8
appliesto:
9
9
- Microsoft Sentinel in the Azure portal
10
10
- Microsoft Sentinel in the Microsoft Defender portal.
@@ -80,12 +80,22 @@ Here's an example showing the install of an individual solution.
80
80
81
81
The tabs correspond with the content offered by the solution. Different solutions might have different types of content, so you might not see the same tabs in every solution.
82
82
83
-
You might also be prompted to enter credentials to a third party service so that Microsoft Sentinel can authenticate to your systems. For example, with playbooks, you might want to take response actions as prescribed in your system.
83
+
You might also be prompted to enter credentials to a non-Microsoft service so that Microsoft Sentinel can authenticate to your systems. For example, with playbooks, you might want to take response actions as prescribed in your system.
84
84
85
85
1. In the **Review + create** tab, wait for the `Validation Passed` message.
86
86
1. Select **Create** or **Update** to deploy the solution. You can also select the **Download a template for automation** link to deploy the solution as code.
87
87
88
-
Each content type within the solution might require more steps to configure. For more information, see [Enable content items in a solution](#enable-content-items-in-a-solution).
88
+
### Install with dependencies
89
+
90
+
Some solutions have dependencies to install, including many [domain solutions](sentinel-solutions-catalog.md#domain-solutions) and solutions that use the unified AMA connectors for [CEF, Syslog](cef-syslog-ama-overview.md), or [custom logs](connect-custom-logs-ama.md).
91
+
92
+
In such cases, select **Install with dependencies** to ensure that the required data connectors are also installed. From there, select one or more of the dependencies to install them along with the original solution. The original solution you chose to install is always selected by default.
93
+
94
+
If one or more of the dependency solutions is already installed, but has updates, use the **Install/Update** button to both install and update all selected solutions in bulk. For example:
95
+
96
+
:::image type="content" source="media/sentinel-solutions-deploy/install-update-dependencies.png" alt-text="Screenshot of installing multiple solution dependencies in bulk." lightbox="media/sentinel-solutions-deploy/install-update-dependencies.png":::
97
+
98
+
After you install a solution, each content type within the solution might require more steps to configure. For more information, see [Enable content items in a solution](#enable-content-items-in-a-solution).
89
99
90
100
## Bulk install and update content
91
101
@@ -101,6 +111,8 @@ Content hub supports a list view in addition to the default card view. Select th
101
111
102
112
1. Select **Manage** for each solution you installed. Content types within the solution might require more information for you to configure. For more information, see [Enable content items in a solution](#enable-content-items-in-a-solution).
103
113
114
+
115
+
104
116
## Enable content items in a solution
105
117
106
118
Centrally manage content items for installed solutions from the content hub.
Copy file name to clipboardExpand all lines: articles/sentinel/whats-new.md
+12-1Lines changed: 12 additions & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -4,7 +4,7 @@ description: Learn about the latest new features and announcement in Microsoft S
4
4
author: yelevin
5
5
ms.author: yelevin
6
6
ms.topic: concept-article
7
-
ms.date: 08/18/2024
7
+
ms.date: 09/04/2024
8
8
---
9
9
10
10
# What's new in Microsoft Sentinel
@@ -248,12 +248,23 @@ To learn more about the Syslog and CEF connectors, see [Ingest Syslog and CEF lo
248
248
249
249
## February 2024
250
250
251
+
-[Install domain solutions with dependencies](#install-domain-solutions-with-dependencies)
251
252
-[Microsoft Sentinel solution for Microsoft Power Platform preview available](#microsoft-sentinel-solution-for-microsoft-power-platform-preview-available)
252
253
-[New Google Pub/Sub-based connector for ingesting Security Command Center findings (Preview)](#new-google-pubsub-based-connector-for-ingesting-security-command-center-findings-preview)
253
254
-[Incident tasks now generally available (GA)](#incident-tasks-now-generally-available-ga)
254
255
-[AWS and GCP data connectors now support Azure Government clouds](#aws-and-gcp-data-connectors-now-support-azure-government-clouds)
255
256
-[Windows DNS Events via AMA connector now generally available (GA)](#windows-dns-events-via-ama-connector-now-generally-available-ga)
256
257
258
+
### Install domain solutions with dependencies
259
+
260
+
Some Microsoft Sentinel content hub solutions, including many [domain solutions](sentinel-solutions-catalog.md#domain-solutions) and solutions that use the unified AMA connectors for [CEF, Syslog](cef-syslog-ama-overview.md), or [custom logs](connect-custom-logs-ama.md), don't necessarily include a data connector of their own. Instead, they rely on data connectors from other solutions to provide visibility in a specific area across data connectors. The data connectors they use are prerequisites for the domain solution to work properly.
261
+
262
+
When installing a domain solution, you can now select **Install with dependencies** to ensure that the data connectors required by the domain solution are also installed:
263
+
264
+
:::image type="content" source="media/whats-new/dependencies.png" alt-text="Screenshot of the new Install with dependencies button.":::
265
+
266
+
For more information, see [Install with dependencies](sentinel-solutions-deploy.md#install-with-dependencies) and [Domain solutions](sentinel-solutions-catalog.md#domain-solutions).
267
+
257
268
### Microsoft Sentinel solution for Microsoft Power Platform preview available
258
269
259
270
The Microsoft Sentinel solution for Power Platform (preview) allows you to monitor and detect suspicious or malicious activities in your Power Platform environment. The solution collects activity logs from different Power Platform components and inventory data. It analyzes those activity logs to detect threats and suspicious activities like the following activities:
0 commit comments