Lab 1: Introduction to Microsoft Sentinel, Azure Monitor Agent, and syslog incident monitoring
Exercise 1: Configure the Azure environment for Microsoft Sentinel
As part of Humongous IT's cloud modernization efforts, Elisabeth Eriksson, the Azure admin, is in charge of preparing the Azure environment so that Microsoft Sentinel can be used for comprehensive threat detection and response. The preparatory steps she undertakes include:
- Configuring long-term data storage for up to 15 years, essential for meeting legal retention mandates, enhancing business continuity, and facilitating in-depth data analysis for strategic insights.
- Establishing the primary storage account with Geo-Redundant Storage to ensure data is highly available, aiding in disaster recovery and meeting compliance requirements.
- Integrating Microsoft Sentinel to funnel data into the configured storage account, ensuring data is preserved for security analysis, while also enabling synergy with other Azure services for improved analytics and process automation.
These actions are critical for the cloud modernization and standardization initiative approved by Humongous IT’s board, as they move towards a more secure and efficient cloud infrastructure.
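The three preparatory steps above are normally carried out in the Azure portal during the lab. The script below is an added example (not part of the lab guide) that performs the same configuration with the Azure CLI, so the settings that matter for security and retention are explicit and reviewable: a Geo-Redundant (Standard_GRS) storage account with public blob access disabled and TLS 1.2 enforced, a lifecycle policy that keeps exported data for the full 15-year retention period before deletion, and a Log Analytics data export rule that continuously copies selected Sentinel tables into that account. All resource names, the region and the table list are assumptions for illustration; the Log Analytics workspace with Sentinel enabled is assumed to already exist, and the destination storage account must be in the same region as the workspace.

```shell
#!/bin/sh
# Added example: Azure CLI equivalent of the lab's three preparatory steps.
# All names below are assumed placeholders; override them via the environment.
set -eu

RG="${RG:-rg-humongous-sentinel}"          # assumed resource group name
LOCATION="${LOCATION:-eastus}"             # assumed region; must match the workspace region
WORKSPACE="${WORKSPACE:-law-humongous}"    # assumed existing Log Analytics workspace (Sentinel enabled)
STORAGE="${STORAGE:-sthumongoussentinel}"  # assumed name; must be globally unique, 3-24 lowercase alphanumerics
EXPORT_NAME="${EXPORT_NAME:-sentinel-to-storage}"
RETENTION_YEARS="${RETENTION_YEARS:-15}"   # legal retention mandate from the scenario

# Storage lifecycle policies count in days, so convert the retention period.
retention_days() {
  echo $(( $1 * 365 ))
}

# Lifecycle management policy for the storage account: move exported blobs to the
# cool tier after 90 days to reduce cost, and delete them only once the full
# retention period has elapsed. Deletion before that would violate the mandate.
lifecycle_policy_json() {
  days="$(retention_days "$1")"
  cat <<EOF
{
  "rules": [
    {
      "enabled": true,
      "name": "retain-sentinel-export",
      "type": "Lifecycle",
      "definition": {
        "actions": {
          "baseBlob": {
            "tierToCool": { "daysAfterModificationGreaterThan": 90 },
            "delete":     { "daysAfterModificationGreaterThan": ${days} }
          }
        },
        "filters": { "blobTypes": [ "blockBlob" ] }
      }
    }
  ]
}
EOF
}

apply() {
  az group create --name "$RG" --location "$LOCATION" --output none

  # Step 2 of the scenario: primary storage account with Geo-Redundant Storage.
  # Public blob access is disabled and TLS 1.2 enforced so exported security
  # data is never reachable anonymously or over weak transport.
  az storage account create \
    --name "$STORAGE" --resource-group "$RG" --location "$LOCATION" \
    --sku Standard_GRS --kind StorageV2 \
    --min-tls-version TLS1_2 --allow-blob-public-access false \
    --output none

  # Step 1 of the scenario: long-term retention enforced by a lifecycle policy.
  lifecycle_policy_json "$RETENTION_YEARS" > ./lifecycle-policy.json
  az storage account management-policy create \
    --account-name "$STORAGE" --resource-group "$RG" \
    --policy @./lifecycle-policy.json --output none

  # Step 3 of the scenario: continuous export of Sentinel tables to the account.
  # The table list is an assumption; adjust it to the data sources the lab connects.
  STORAGE_ID="$(az storage account show --name "$STORAGE" --resource-group "$RG" --query id -o tsv)"
  az monitor log-analytics workspace data-export create \
    --resource-group "$RG" --workspace-name "$WORKSPACE" --name "$EXPORT_NAME" \
    --tables SecurityEvent Syslog SecurityIncident \
    --destination "$STORAGE_ID" --enable true --output none
}

# Only make changes when explicitly asked: `sh configure-sentinel-storage.sh apply`
if [ "${1:-}" = "apply" ]; then
  apply
fi
```

Run with `apply` as the first argument after `az login`; without it the script only defines the functions, so `lifecycle_policy_json 15` can be inspected before anything is created. Data export delivers only data ingested after the rule exists, so the export rule should be created before syslog sources are connected if the full history is to be retained.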