You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/sentinel/sentinel-solutions-deploy.md
+6-18Lines changed: 6 additions & 18 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -18,9 +18,7 @@ appliesto:
18
18
19
19
The Microsoft Sentinel Content hub is your centralized location to discover and manage out-of-the-box (built-in) content. There you find packaged solutions for end-to-end products by domain or industry. You have access to the vast number of standalone contributions hosted in our GitHub repository and feature blades.
20
20
21
-
- Discover solutions and standalone content using AI based search and filtering based on status, content type, support, provider, and category.
22
-
23
-
- Expand solutions to learn more about the content items that they comprise of, to better understand the value they provide.
21
+
- Discover solutions and standalone content with a consistent set of filtering capabilities based on status, content type, support, provider, and category.
24
22
25
23
- Install content in your workspace all at once or individually.
26
24
@@ -45,35 +43,25 @@ For more information about other roles and permissions supported for Microsoft S
45
43
46
44
The content hub offers the best way to find new content or manage the solutions you already installed.
47
45
48
-
- For Microsoft Sentinel in the [Azure portal](https://portal.azure.com), under **Content management**, select **Content hub**.<br> For Microsoft Sentinel in the [Defender portal](https://security.microsoft.com/), select **Microsoft Sentinel** > **Content management** > **Content hub**.
46
+
1. For Microsoft Sentinel in the [Azure portal](https://portal.azure.com), under **Content management**, select **Content hub**.<br> For Microsoft Sentinel in the [Defender portal](https://security.microsoft.com/), select **Microsoft Sentinel** > **Content management** > **Content hub**.
49
47
50
48
The **Content hub** page displays a searchable grid or a list of solutions and standalone content.
51
49
52
-
- Search for the solutions of standalone content items that you need. Either use the **AI search field** or filter by selecting specific values from the filters. Using AI search allows you to perform a fuzzy search and use approximate vocabulary. In the following example, you can see several solutions which include specific content items that match the search criteria.
50
+
1. Filter the list displayed, either by selecting specific values from the filters, or entering any part of a content name or description in the **Search** field.
53
51
54
52
For more information, see [Categories for Microsoft Sentinel out-of-the-box content and solutions](sentinel-solutions.md#categories-for-microsoft-sentinel-out-of-the-box-content-and-solutions).
55
53
54
+
1. Select the **Card view** to view more information about a solution.
56
55
57
-
> [!IMPORTANT]
58
-
> Make sure you press enter to execute the search based on your search string.
59
-
>
60
-
> The number of search results is limited to 50 items, including solutions and content items found within solutions. If you did not find what you are looking for, try to refine your search expression or use additional filters.
61
-
>
56
+
Each content item shows categories that apply to it, and solutions show the types of content included. For example, in the following image, the **Cisco Umbrella** solution lists one of its categories as **Security - Cloud Security**, and indicates it includes a data connector, analytics rules, hunting queries, playbooks, and more.
62
57
63
-
- Select a solution from the list to view information about the solution as well as the types of content items it includes. For example, in the following image, the **Windows Security Events** solution indicates it includes two data connector, analytics rules, hunting queries, and playbooks.
64
58
65
-
#### [Azure portal](#tab/azure-portal)
59
+
#### [Azure portal](#tab/azure-portal)
66
60
:::image type="content" source="./media/sentinel-solutions-deploy/solutions-list.png" alt-text="Screenshot of the Microsoft Sentinel content hub in the Azure portal.":::
67
61
68
62
#### [Defender portal](#tab/defender-portal)
69
63
:::image type="content" source="./media/sentinel-solutions-deploy/solutions-list-defender.png" alt-text="Screenshot of the Microsoft Sentinel content hub in the Defender portal.":::
70
64
71
-
- Expand a solution in the result set using the arrow on the left side to view the list of content items it includes. The information pane on the left presents detailed information about the content item.
72
-
73
-
> [!NOTE]
74
-
> Iif you want to use a content item which is part of a solution, you still need to install the entire solution. Therefore there is an “install solution” button on the information panel of the content item, which will install the solution the content item is part of.
![prmerger-automator[bot]](https://avatars.githubusercontent.com/u/22479449?v=4&size=40){kind=avatar}
0 commit comments