On this article, You’ll learn to monitor your on-premises servers and Azure VMs utilizing Microsoft Sentinel. It was referred to as Azure Sentinel, and so they just lately renamed it to Microsoft Sentinel.
Prerequisite
- Azure Subscription and Log Analytics Workspace
Create a Microsoft Sentinel
Step 1
Register to your Azure portal at https://portal.azure.com utilizing your Microsoft credential.
Click on the portal menu to pick “All Companies“
Then Utilizing the Sentinel key phrases to look the Microsoft Sentinel
Then choose the “Microsoft Sentinel“
Steps 2
Click on “Create Microsoft Sentinel“
Steps 3
Choose “Create a workspace” so as to add Microsoft Sentinel
Steps 4
Present the Venture Particulars
Choose the Subscription (Lively subscription)
Create a brand new or use present “Useful resource Group” (ex: MsSentinelRG)
Enter the “Workspace identify” (ex: sentinelworkspace)
Then Choose your “Area“
Then choose “Overview + Create” to validate the entered particulars
Steps 5
As soon as Validation handed, Choose “Create“
Steps 6
Add Microsoft Sentinel to a workspace
Choose the workspace “sentinelworkspace” after which click on “Add“
Join On-premises server to Microsoft Sentinel
Steps 1
Go to the Useful resource Group, the place the sentinel workspace saved
Then open the SecurityInsights(sentinelworkspace)
Steps 2
Navigate to “Log Analytics Workspace“
Steps 3
Choose “Agent“
Then Choose your “Working System Sort“
After which “Obtain Home windows Agent” (64/32 bit)
Steps 4
As soon as the obtain is accomplished, double-click to open the Home windows Agent Wizard out of your on-premises server
Then click on “Subsequent“
Steps 5
Choose “I Agree” to Settle for the Microsoft Software program Licence Phrases
Steps 6
If you wish to retailer it in a special location, Click on Change to pick the set up folder.
Then Choose “Subsequent“
Steps 7
Choose the Agent setup possibility “Join the Agent to Azure Log Analytics (OMS)”
Then Choose “Subsequent”
Steps 8
Enter the Workspace ID and Workspace key to attach the agent to azure log analytics.
Steps 9
If you wish to maintain safe your origination, “Use Microsoft Replace assist maintain safe and updated”
Then Choose “Subsequent”
Steps 10
Click on “Set up” to begin the set up of the Microsoft Monitor Agent
Steps 12
Click on “End” to finish the wizard
Steps 13
Now formally put in Microsoft Agent on a Home windows laptop, you’ll be able to test from the Agent administration.
Steps 14
After connecting the Log Analytics workspace to Microsoft Sentinel, use present or create analytics guidelines to detect threats and anomalous behaviors in your atmosphere.
