Author : MD TAREQ HASSAN | Updated : 2022/02/17


Create a custom KQL query or load predefined queries.

Microsoft Sentinel | Logs tab in Azure Portal


Microsoft Sentinel incidents are containers of threats in your organization – alerts, entities and any additional related evidence. An incident is created based on alerts that you have defined in the security analytics page.

Microsoft Sentinel | Incidents tab in Azure Portal


Interactive reports based on data coming into Sentinel.

Microsoft Sentinel | Workbooks tab in Azure Portal


Proactively hunt for security threats.

Microsoft Sentinel | Hunting tab in Azure Portal


Jupyter notebooks allow you to supercharge your threat hunting and investigation by enabling documents that contain live code, visualizations, and narrative text.

Microsoft Sentinel | Notebooks tab in Azure Portal

Entity Behavior

Entity behavior analytics search: search for account and host entities.

Microsoft Sentinel | Entity behavior tab in Azure Portal

Threat Intelligence

Work with cyber threat intelligence (CTI) within Azure Sentinel by tagging existing data and by generating new CTI directly inside Sentinel.

Microsoft Sentinel | Threat intelligence tab in Azure Portal

Content Hub

Centrally discover, install, enable and manage out-of-the-box content and solutions for Microsoft Sentinel.

Microsoft Sentinel | Content Hub tab in Azure Portal


Helps to automate the deployment and management of your Microsoft Sentinel content through central repositories.

Microsoft Sentinel | Repositories tab in Azure Portal


Community-driven content, contributions, forums, links, etc.

Microsoft Sentinel | Community tab in Azure Portal

Data Connectors

Connect Microsoft and non-Microsoft services and resources.

Microsoft Sentinel | Data Connectors tab in Azure Portal


Craft and enable analytics rules, either out-of-the-box or customized.

Microsoft Sentinel | Analytics tab in Azure Portal


Collection of data from external data sources for correlation against the events in your Microsoft Sentinel environment.

Microsoft Sentinel | Watchlist tab in Azure Portal


Centrally manage the automation of incident handling, simplifying complex workflows for incident orchestration processes.

Microsoft Sentinel | Automation tab in Azure Portal


Pricing plan and other settings.

Microsoft Sentinel | Settings tab in Azure Portal - pricing

Microsoft Sentinel | Settings tab in Azure Portal - settings