Microsoft Sentinel - CHARBEL NEMNOM - MVP | MCT | CCSP

Enable Microsoft Sentinel UEBA Activity Templates at Scale (In Bulk)

Enable Sentinel UEBA Activity Templates at Scale (In Bulk)

September 19, 2024 by Charbel Nemnom

Once you have enabled Microsoft Sentinel UEBA (User and Entity Behavior Analytics) in your environment, you can customize the entity page and change the activities

8 Min. Read

Deep Dive into Microsoft Sentinel UEBA (User and Entity Behavior Analytics)

March 4, 2026 by Charbel Nemnom

Updated — 04/03/2026 — Microsoft has recently announced an exciting expansion of User and Entity Behavior Analytics (UEBA) in Sentinel called the Behaviors Layer. The

38 Min. Read

Rotate Microsoft Sentinel Repositories Connections Effectively

November 16, 2025 by Charbel Nemnom

Updated — 15/01/2025 — Microsoft announced Bicep Support in Microsoft Sentinel Repositories. Bicep support for Microsoft Sentinel offers streamlined configuration management with intuitive syntax, improved

10 Min. Read

Demystifying Microsoft Sentinel Multi-Tier Logging

March 8, 2026 by Charbel Nemnom

Updated — 01/04/2025 — Starting 1 May 2025, Microsoft will begin billing for queries and search jobs on logs ingested into the Auxiliary Logs plan.

19 Min. Read

Extract Custom Details from Microsoft Sentinel into Logic App

November 7, 2024 by Charbel Nemnom

When a security alert is triggered, the information provided in the alert is vital for the security analyst to conduct an investigation. Therefore, the alert

9 Min. Read

Microsoft Sentinel Sizing and Pricing – Optimize Costs and Enhance Security

March 12, 2026 by Charbel Nemnom

Updated — 12/03/2026 — Please check the updated article here > Microsoft Sentinel Cost Estimation and Optimization — The Definitive Guide! Updated — 02/10/2025 — Starting

17 Min. Read

Monitor Log Flow For Devices in Microsoft Sentinel

May 17, 2024 by Charbel Nemnom

You are ingesting multiple devices and appliances to Microsoft Sentinel through the Common Event Format (CEF) via AMA, and you want to ensure that the

7 Min. Read

Export Microsoft Sentinel Automation Rules With Ease

September 12, 2024 by Charbel Nemnom

Updated — 12/09/2024 — Generally available (GA), Microsoft officially supports exporting your automation rules to Azure Resource Manager (ARM) template files and importing rules from

6 Min. Read

Import Free TAXII Threat Intelligence Feed to Microsoft Sentinel

April 15, 2025 by Charbel Nemnom

Microsoft Sentinel lets you import threat indicators, enhancing your security analysts’ ability to detect and prioritize known threats. You can stream threat indicators to Microsoft

6 Min. Read

Update Microsoft Sentinel Analytics Rules at Scale (In Bulk)

March 11, 2025 by Charbel Nemnom

Updated —11/03/2025 — The automation tool below was updated to version 2.1. The new update ensures the active rule ID is maintained for the existing

20 Min. Read