Microsoft Sentinel - CHARBEL NEMNOM - MVP | MCT | CCSP

How To Delete Microsoft Sentinel Analytics Rule Templates

February 20, 2023 by Charbel Nemnom

Microsoft Sentinel comes with analytics rule built-in templates that you can turn into active analytic rules by effectively creating a copy of them – that’s

5 Min. Read

How To Enable Microsoft Sentinel Analytics Rules at Scale (In Bulk)

August 13, 2025 by Charbel Nemnom

Updated – 13/08/2025 – The tool below has been updated to fix the incident and grouping configuration for the analytic rule template to validate the time

11 Min. Read

Backup and Restore Microsoft Sentinel Watchlists – Step-by-Step Guide

May 16, 2024 by Charbel Nemnom

Microsoft Sentinel watchlist enables you to collect data from external data sources for correlation with the events in your Microsoft Sentinel environment. Once created, you

5 Min. Read

A Comparison Guide | Microsoft Sentinel VS Splunk > Security

October 25, 2023 by Charbel Nemnom

When it comes to security information and event management (SIEM), Microsoft Sentinel and Splunk are two major players in the IT security game. Although the

6 Min. Read

Reduce and Optimize Costs in Microsoft Sentinel

October 2, 2025 by Charbel Nemnom

Updated — 02/10/2025 — Starting from October 1, 2025, until March 31, 2026, Microsoft will introduce a new 50 GB commitment tier in public preview,

10 Min. Read

Passing the Must Learn KQL Assessment

March 15, 2022 by Charbel Nemnom

In this article, we will share with you how to prepare and pass the Must Learn KQL training and assessment. Introduction Microsoft Sentinel is a

3 Min. Read

Advanced Azure AD Hunting with Microsoft Sentinel

Advanced Microsoft Entra ID (Azure AD Hunting) with Microsoft Sentinel

February 11, 2025 by Charbel Nemnom

During Microsoft Ignite in November 2021, Azure Sentinel is now called Microsoft Sentinel. Microsoft Sentinel is a cloud-native Security Information Event Management (SIEM) and Security

11 Min. Read

Simulate and Validate CEF Logs to Microsoft Sentinel

October 9, 2023 by Charbel Nemnom

Updated – 28/11/2022 – The CEF via AMA connector is currently in public preview. You can now stream CEF logs with the new Azure Monitor

7 Min. Read

Manage Security Content as Code with Microsoft Sentinel

March 21, 2025 by Charbel Nemnom

Updated — 15/01/2025 — Microsoft announced Bicep Support in Microsoft Sentinel Repositories. Bicep support for Microsoft Sentinel offers streamlined configuration management with intuitive syntax, improved

8 Min. Read

Passing the Microsoft Sentinel Ninja Training

June 26, 2022 by Charbel Nemnom

During Microsoft Ignite in November 2021, Azure Sentinel is now called Microsoft Sentinel. They’ve also renamed Azure Security Center and Azure Defender to Microsoft Defender

3 Min. Read