I have a sentinel instance running in azure but not enough data to test the full functionality of sentinel. Doing some research I came across with azure sentinel GitHub:
https://github.com/Azure/Azure-Sentinel/tree/master/Sample Data
This has enough sample data for testing and getting my hands dirty and try to understand the full power of sentinel and how to leverage it. But I was wondering if there is a way or option about how to get those csv file (import) into sentinel portal.
I hope my question is clear and if not please don't not hesitate to ask more details.
Thank you so much for any help you can provide.
CodePudding user response:
You can import them as custom logs:
Additionally, check out the "Training Lab" solution in Content Hub in the Sentinel console. Installing this will populate data.