Qué necesitas saber antes de
comenzar
Inicio 4 June 2026 07:39
Fin 4 June 2026
SC-200: Connect logs to Microsoft Sentinel
262 Cursos
No especificado
Actualización opcional disponible
Todos los niveles
Avanza a tu propio ritmo
Free
Actualización opcional disponible
Resumen
Title:
SC-200:
Connect Logs to Microsoft Sentinel
Description:
This comprehensive course on Microsoft Sentinel covers essential modules designed to enhance your skills in integrating security operations. By enrolling in this course, you will:
- Understand and apply data connectors, emphasizing Microsoft Sentinel data connector providers and distinguishing between the Common Event Format and Syslog connectors.
- Learn to integrate various Microsoft services with Microsoft Sentinel and how these connections can automatically create incidents.
- Activate and manage key Microsoft 365 Defender connectors including those for Endpoint and Office 365 within Microsoft Sentinel.
- Connect Azure and non-Azure Windows hosts to Microsoft Sentinel, configuring the Log Analytics Agent to monitor Sysmon events effectively.
- Dive into the deployment options of the Common Event Format logs, running scripts to integrate with Microsoft Sentinel seamlessly.
- Develop proficiency in managing Syslog data sources through comprehensive deployment, parsing using KQL, and integration with Log Analytics Agent.
- Configure connections for threat indicators utilizing the TAXII and Threat Intelligence Platform connectors and reviewing threat data.
University:
Provider:
Microsoft Learn
Categories:
Threat Intelligence Courses, SC-200:
Microsoft Security Operations Analyst Courses, Microsoft Sentinel Courses.
