What You Need to Know Before
You Start
Starts 5 June 2025 15:10
Ends 5 June 2025
SC-200: Connect logs to Microsoft Sentinel
222 Courses
Not Specified
Optional upgrade avallable
All Levels
Progress at your own speed
Free
Optional upgrade avallable
Overview
Title:
SC-200:
Connect Logs to Microsoft Sentinel
Description:
This comprehensive course on Microsoft Sentinel covers essential modules designed to enhance your skills in integrating security operations. By enrolling in this course, you will:
- Understand and apply data connectors, emphasizing Microsoft Sentinel data connector providers and distinguishing between the Common Event Format and Syslog connectors.
- Learn to integrate various Microsoft services with Microsoft Sentinel and how these connections can automatically create incidents.
- Activate and manage key Microsoft 365 Defender connectors including those for Endpoint and Office 365 within Microsoft Sentinel.
- Connect Azure and non-Azure Windows hosts to Microsoft Sentinel, configuring the Log Analytics Agent to monitor Sysmon events effectively.
- Dive into the deployment options of the Common Event Format logs, running scripts to integrate with Microsoft Sentinel seamlessly.
- Develop proficiency in managing Syslog data sources through comprehensive deployment, parsing using KQL, and integration with Log Analytics Agent.
- Configure connections for threat indicators utilizing the TAXII and Threat Intelligence Platform connectors and reviewing threat data.
University:
Provider:
Microsoft Learn
Categories:
Threat Intelligence Courses, SC-200:
Microsoft Security Operations Analyst Courses, Microsoft Sentinel Courses.
