Commit d89ad94

Adding What's New back in
1 parent 6e2d405 commit d89ad94

1 file changed

+9
-0
lines changed

articles/sentinel/whats-new.md

Lines changed: 9 additions & 0 deletions
@@ -19,10 +19,19 @@ See these [important announcements](#announcements) about recent changes to feat
1919

2020
## February 2023
2121

22+
- [Audit and monitor the health of your analytics rules (Preview)](#audit-and-monitor-the-health-of-your-analytics-rules-preview)
2223
- [New behavior for alert grouping in analytics rules](#new-behavior-for-alert-grouping-in-analytics-rules) (in [Announcements](#announcements) section below)
2324
- [Microsoft 365 Defender data connector is now generally available](#microsoft-365-defender-data-connector-is-now-generally-available)
2425
- [Advanced scheduling for analytics rules (Preview)](#advanced-scheduling-for-analytics-rules-preview)
2526

27+
### Audit and monitor the health of your analytics rules (Preview)
28+
29+
Microsoft Sentinel's **health monitoring feature is now available for analytics rules** in addition to automation rules, playbooks, and data connectors. Also now available for the first time, and currently only for analytics rules, is Microsoft Sentinel's **audit feature**. The audit feature collects information about any changes made to Sentinel resources (analytics rules) so that you can discover any unauthorized actions or tampering with the service.
30+
31+
Learn more about [auditing and health monitoring in Microsoft Sentinel](health-audit.md):
32+
- [Turn on auditing and health monitoring for Microsoft Sentinel (preview)](enable-monitoring.md)
33+
- [Monitor the health and audit the integrity of your analytics rules](monitor-analytics-rule-integrity.md)
34+
2635
### Microsoft 365 Defender data connector is now generally available
2736

2837
Microsoft 365 Defender incidents, alerts, and raw event data can be ingested into Microsoft Sentinel using this connector. It also enables the bi-directional synchronization of incidents between Microsoft 365 Defender and Microsoft Sentinel. This integration allows you to manage all of your incidents in Microsoft Sentinel, while taking advantage of Microsoft 365 Defender's specialized tools and capabilities to investigate those incidents that originated in Microsoft 365.
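
Review bot: In the added paragraph under "### Audit and monitor the health of your analytics rules (Preview)", the sentence "changes made to Sentinel resources (analytics rules)" is ambiguous about scope; since the previous sentence already says auditing is currently only for analytics rules, I would drop the parenthetical and write "changes made to your analytics rules" so readers do not assume other resource types are audited. The preview marker is also inconsistent: the heading and the new list entry use "(Preview)", the link text for enable-monitoring.md uses "(preview)", and the link to monitor-analytics-rule-integrity.md carries no marker at all; please align these. Finally, this commit changes only whats-new.md, so confirm that health-audit.md, enable-monitoring.md and monitor-analytics-rule-integrity.md already exist in articles/sentinel/, otherwise the three relative links added here will be broken.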
