Lab 2: Importing Splunk data into Microsoft Sentinel
Exercise 1: Import Splunk data into Microsoft Sentinel
Elisabeth, the Azure administrator, has been assigned the task of exporting data analytics rules from Splunk and importing them into Azure Sentinel. To do this, she will have to:
- Export the required data analytics rules from Splunk.
  In this lab the actual export of the data rules has already been completed and you’ll be able to review the exported file.
- Import the Splunk data file into Azure Sentinel using SIEM migration.
- Verify the Splunk migration of data analytics rules in Azure Sentinel.
- Enable migrated Splunk data analytics rules in Azure Sentinel.