Note: There may be known issues pertaining to this Solution, please refer to them before installing.

The Windows Security Events solution for Microsoft Sentinel allows you to ingest Security events from your Windows machines using the Windows Agent into Microsoft Sentinel.

Underlying Microsoft Technologies used:

This solution takes a dependency on the following technologies, and some of these dependencies either may be in Preview state or might result in additional ingestion or operational costs:

a. Agent based logs collection from Windows and Linux machines

Data Connectors: 2, Workbooks: 2, Analytic Rules: 20, Hunting Queries: 43

Learn more about Microsoft Sentinel | Learn more about Solutions