Note: There may be known issues pertaining to this Solution, please refer to them before installing.

The Azure DDoS Protection Solution for Microsoft Sentinel enables you to easily ingest Azure DDoS Protection Standard logs to Microsoft Sentinel. This enables you to view and analyze this data in your workbooks, query it to create custom alerts, and incorporate it to improve your investigation process, giving you more insight into your platform security.

To enable automated response to threats detected, consider deploying the Remediation-IP Playbook.

Underlying Microsoft Technologies used:

This solution takes a dependency on the following technologies, and some of these dependencies either may be in Preview state or might result in additional ingestion or operational costs:

a. Azure Monitor Resource Diagnostics

Data Connectors: 1, Workbooks: 1, Analytic Rules: 2

Learn more about Microsoft Sentinel | Learn more about Solutions