Configure Diagnostic Settings for Storage Accounts to Sentinel at Scale
This article will demonstrate how to enable and configure Diagnostic logging from all storage services within the Azure Storage Account – Blob, Queue, Table, and
This article will demonstrate how to enable and configure Diagnostic logging from all storage services within the Azure Storage Account – Blob, Queue, Table, and
Azure Storage has evolved rapidly, and I’m excited to announce that my Azure Storage Essential Training course on LinkedIn Learning has been fully updated (released
Updated – 16/02/2026 – Microsoft announced Microsoft Sentinel’s CCF Push Feature. The push feature enables real-time, high-volume delivery of security data directly into Sentinel with
Modern SIEM and platform solutions like Microsoft Sentinel can ingest logs from virtually any source, including custom text and JSON logs from network appliances and
Updated—12/02/2026 — For supported Microsoft Defender XDR tables (MDE/MDO/MDA), you can now stream directly to the Microsoft Sentinel data lake while keeping XDR retention at
In early July 2025, Microsoft announced that Microsoft Sentinel in the Azure Portal will be deprecated as of July 1, 2026. From that date forward,
Updated—12/02/2026 — For supported Microsoft Defender XDR tables (MDE/MDO/MDA), you can now stream directly to the Microsoft Sentinel data lake while keeping XDR retention at
Microsoft Defender for Endpoint (MDE) with Plan 2 provides a really great and relatively affordable way of ingesting large-scale events into your SIEM, like Microsoft
Effective access control is the keystone of any secure, well‑managed Microsoft Sentinel deployment. By carefully scoping permissions at each level—from your Azure tenant down to
Updated — 20/08/2025 — The tool below has been updated to create Microsoft Sentinel Data Lake tier tables, which are the same as Auxiliary tier