SC-200: Connect logs to Microsoft Sentinel


SC-200: Connect logs to Microsoft Sentinel is a free online course provided by Microsoft Learn. It contains 2-3 hours of material and is taught in English.

Overview
    • Module 1: Connect data to Microsoft Sentinel using data connectors
    • Upon completion of this module, the learner will be able to:

      • Explain the use of data connectors in Microsoft Sentinel
      • Describe the Microsoft Sentinel data connector providers
      • Explain the Common Event Format and Syslog connector differences in Microsoft Sentinel
    • Module 2: Connect Microsoft services to Microsoft Sentinel
    • Upon completion of this module, the learner will be able to:

      • Connect Microsoft service connectors
      • Explain how connectors auto-create incidents in Microsoft Sentinel
    • Module 3: Connect Microsoft 365 Defender to Microsoft Sentinel
    • Upon completion of this module, the learner will be able to:

      • Activate the Microsoft 365 Defender connector in Microsoft Sentinel
      • Activate the Microsoft Defender for Endpoint connector in Microsoft Sentinel
      • Activate the Microsoft Defender for Office 365 connector in Microsoft Sentinel
    • Module 4: Connect Windows hosts to Microsoft Sentinel
    • Upon completion of this module, the learner will be able to:

      • Connect Azure Windows Virtual Machines to Microsoft Sentinel
      • Connect non-Azure Windows hosts to Microsoft Sentinel
      • Configure the Log Analytics agent to collect Sysmon events
    • Module 5: Connect Common Event Format logs to Microsoft Sentinel
    • Upon completion of this module, the learner will be able to:

      • Explain the Common Event Format connector deployment options in Microsoft Sentinel
      • Run the deployment script for the Common Event Format connector
    • Module 6: Connect syslog data sources to Microsoft Sentinel
    • Upon completion of this module, the learner will be able to:

      • Describe the Syslog connector deployment options in Microsoft Sentinel
      • Run the connector deployment script to send data to Microsoft Sentinel
      • Configure the Log Analytics agent integration for Microsoft Sentinel
      • Create a parser using KQL in Microsoft Sentinel
    • Module 7: Connect threat indicators to Microsoft Sentinel
    • Upon completion of this module, the learner will be able to:

      • Configure the TAXII connector in Microsoft Sentinel
      • Configure the Threat Intelligence Platform connector in Microsoft Sentinel
      • View threat indicators in Microsoft Sentinel

Syllabus
    • Module 1: Connect data to Microsoft Sentinel using data connectors
      • Introduction
      • Ingest log data with data connectors
      • Understand data connector providers
      • View connected hosts
      • Knowledge check
      • Summary and resources
    • Module 2: Connect Microsoft services to Microsoft Sentinel
      • Introduction
      • Plan for Microsoft services connectors
      • Connect the Microsoft Office 365 connector
      • Connect the Azure Active Directory connector
      • Connect the Azure Active Directory identity protection connector
      • Knowledge check
      • Summary and resources
    • Module 3: Connect Microsoft 365 Defender to Microsoft Sentinel
      • Introduction
      • Plan for Microsoft 365 Defender connectors
      • Connect alerts from Microsoft Defender for Office 365
      • Connect alerts from Microsoft Defender for Endpoint
      • Connect the Microsoft 365 Defender connector
      • Knowledge check
      • Summary and resources
    • Module 4: Connect Windows hosts to Microsoft Sentinel
      • Introduction
      • Plan for Windows hosts security events connector
      • Collect Sysmon event logs
      • Knowledge check
      • Summary and resources
    • Module 5: Connect Common Event Format logs to Microsoft Sentinel
      • Introduction
      • Plan for Common Event Format connector
      • Connect your external solution using the Common Event Format connector
      • Knowledge check
      • Summary and resources
    • Module 6: Connect syslog data sources to Microsoft Sentinel
      • Introduction
      • Plan for the syslog connector
      • Collect data from Linux-based sources using syslog
      • Configure the Log Analytics agent
      • Parse syslog data with KQL
      • Knowledge check
      • Summary and resources
    • Module 7: Connect threat indicators to Microsoft Sentinel
      • Introduction
      • Plan for threat intelligence connectors
      • Connect the threat intelligence TAXII connector
      • Connect the threat intelligence platforms connector
      • View your threat indicators with KQL
      • Knowledge check
      • Summary and resources
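The Module 6 unit "Parse syslog data with KQL" and the Module 7 unit "View your threat indicators with KQL" are the two hands-on query skills in this course. The query below is an added example written for this page, not code from the Microsoft Learn module; it ties the two together by parsing failed SSH logins out of the Syslog table and matching the source addresses against active network indicators in the ThreatIntelligenceIndicator table. It assumes the standard Sentinel schema for both tables (Syslog populated by the Syslog connector, ThreatIntelligenceIndicator populated by the TAXII or Threat Intelligence Platforms connector) and that sshd logs to the auth or authpriv facility in the default OpenSSH format; the sample message shown in the comment is constructed. The Syslog table has the same columns whether ingestion uses the Log Analytics agent covered in Module 6 or the Azure Monitor Agent, so the query is unaffected by the agent choice.

```kql
// Added example (not part of the SC-200 module): parse sshd failures from Syslog
// and join the attacking IPs against active threat indicators.
let lookback = 1d;
// Current, unexpired IP indicators. arg_max keeps only the latest version of
// each indicator, since TI connectors write a new row whenever one is updated.
let active_ips =
    ThreatIntelligenceIndicator
    | where TimeGenerated > ago(30d)
    | where Active == true and ExpirationDateTime > now()
    | where isnotempty(NetworkIP)
    | summarize arg_max(TimeGenerated, *) by IndicatorId
    | project IndicatorId, NetworkIP, ConfidenceScore, ThreatType, Description;
Syslog
| where TimeGenerated > ago(lookback)
| where Facility in ("auth", "authpriv") and ProcessName == "sshd"
| where SyslogMessage has "Failed password"
// Constructed sample of the message being parsed:
//   "Failed password for invalid user admin from 203.0.113.7 port 51234 ssh2"
// parse is case-sensitive and matches lazily, so UserPart stops at the first " from ".
| parse SyslogMessage with * "Failed password for " UserPart " from " SourceIP " port " Port:int " ssh2"
| extend InvalidUser = UserPart startswith "invalid user ",
         TargetUser  = trim_start("invalid user ", UserPart)
| summarize Attempts  = count(),
            Users     = make_set(TargetUser, 20),
            FirstSeen = min(TimeGenerated),
            LastSeen  = max(TimeGenerated)
    by Computer, SourceIP
// Inner join: only sources that appear as a network indicator survive.
| join kind=inner active_ips on $left.SourceIP == $right.NetworkIP
| project-away NetworkIP
| order by ConfidenceScore desc, Attempts desc
```

To check the parser on its own before adding the join, run the Syslog half with `| take 20` after the `extend` and confirm that SourceIP and Port are populated; rows where the message does not end in "ssh2" (for example "Failed password for ... ssh2" variants from non-OpenSSH daemons) yield empty columns and should be handled by loosening the trailing literal. In a production rule, the built-in Sentinel TI-matching analytics rule templates already perform the indicator join; this query is useful for investigation and for validating that indicators are arriving via the connector configured in Module 7.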