Ends in
00
days
00
hrs
00
mins
00
secs
ENROLL NOW

🧑‍💻 AWS Foundation Sale - Certified Cloud & AI Practitioner Mock Exams for only $12.99 each!

Microsoft Sentinel

Home » Azure Cheat Sheets » Azure Security Services » Microsoft Sentinel

Microsoft Sentinel

Last updated on January 16, 2026

Microsoft Sentinel Cheat Sheet

  • A cloud-native SIEM and SOAR solution.
  • It offers a birds-eye view across your enterprise.
  • Sentinel is an intelligent security analytics and threat intelligence service that provides alert detection, threat visibility, proactive hunting, and threat response.
  • Data connection methods in Sentinel: Service to service integration, External solutions via API, and External solutions via an agent.
    • You can now ingest critical security logs without installing the Log Analytics agent, simplifying setup and management with Agentless Collection for Microsoft 365 and Azure AD logs (Generally Available).
    • New & Updated Data Connectors: Key additions include deeper integration with Microsoft Defender XDR and Defender for Cloud, plus connectors for major third-party tools like CrowdStrike Falcon, Zscaler, and Palo Alto Networks.
    • Data Collection Rules (DCR) & Cost Management: Sentinel now uses Azure Monitor Data Collection Rules (DCRs) as the primary method for configuring data ingestion. This change enables more granular cost allocation through Azure Cost Management tags.
  • Microsoft Sentinel roles: Reader, Responder, and Contributor.
Tutorials dojo strip

Threat Management

  • Sentinel provides the following features: Collect, Detect, Investigate, and Respond.
  • Quickly gain insights across your data with Azure Sentinel Workbooks.
  • Investigate and resolve possible threats with incidents (groups of related alerts).
  • You can automate tasks and simplify security orchestration using playbooks.
  • Sentinel provides deep investigation tools to find the root cause of a potential security threat.
  • Hunting allows you to find issues in your data.
  • AI-assisted investigation, hunting, and response (Public Preview).
  • Entity Behavior Analytics (UEBA) to detect anomalous user and device activity.

Pricing

  • You are charged for all data ingested into the Log Analytics workspace. The first 90 days of retention for this data is included in the ingestion cost. Data retained beyond 90 days incurs an additional monthly retention charge.
  • You are charged for the ingested data (per GB).

Microsoft Defender for Cloud vs Microsoft Sentinel:
https://tutorialsdojo.com/azure-security-center-vs-azure-sentinel/

What is Microsoft Sentinel and Why You Should Care

Want to learn more about Azure? Watch the official Microsoft Azure YouTube channel’s video series called Azure Tips and Tricks.

Microsoft Sentinel Cheat Sheet References:

https://docs.microsoft.com/en-us/azure/sentinel/overview
https://azure.microsoft.com/en-in/services/microsoft-sentinel/

🧑‍💻 AWS Foundation Sale – Certified Cloud & AI Practitioner Mock Exams for only $12.99 each!

Tutorials Dojo portal

Learn AWS with our PlayCloud Hands-On Labs

$2.99 AWS and Azure Exam Study Guide eBooks

tutorials dojo study guide eBook

New AWS Generative AI Developer Professional Course AIP-C01

AIP-C01 Exam Guide AIP-C01 examtopics AWS Certified Generative AI Developer Professional Exam Domains AIP-C01

Learn GCP By Doing! Try Our GCP PlayCloud

Learn Azure with our Azure PlayCloud

FREE AI and AWS Digital Courses

FREE AWS, Azure, GCP Practice Test Samplers

Subscribe to our YouTube Channel

Tutorials Dojo YouTube Channel

Follow Us On Linkedin

Written by: Jon Bonso

Jon Bonso is the co-founder of Tutorials Dojo, an EdTech startup and an AWS Digital Training Partner that provides high-quality educational materials in the cloud computing space. He graduated from Mapúa Institute of Technology in 2007 with a bachelor's degree in Information Technology. Jon holds 10 AWS Certifications and is also an active AWS Community Builder since 2020.

AWS, Azure, and GCP Certifications are consistently among the top-paying IT certifications in the world, considering that most companies have now shifted to the cloud. Earn over $150,000 per year with an AWS, Azure, or GCP certification!

Follow us on LinkedIn, YouTube, Facebook, or join our Slack study group. More importantly, answer as many practice exams as you can to help increase your chances of passing your certification exams on your first try!

View Our AWS, Azure, and GCP Exam Reviewers Check out our FREE courses

Our Community

~98%
passing rate
Around 95-98% of our students pass the AWS Certification exams after training with our courses.
200k+
students
Over 200k enrollees choose Tutorials Dojo in preparing for their AWS Certification exams.
~4.8
ratings
Our courses are highly rated by our enrollees from all over the world.

What our students say about us?