ingestion

Sentinel Phantom Fields: Understanding and Managing Inaccessible Data
Sentinel Phantom Fields: …

Read the blog post on BlueVoyant’s site: Sentinel Phantom Fields: Understanding and Managing Inaccessible Data. Microsoft has transitioned to a DCR-based log ingestion and manual schema management for tables for some time now. Lots of organizations are adopting this modern approach over the …

Oct 1, 2024 Read
Ingestion delay variance issues with Bins and Buckets
Ingestion delay variance …

I’m pretty sure you’ve already dealt with the ingestion delay issue if you use a SIEM with scheduled rules. There are numerous articles on the internet that explain how to handle ingestion latency without missing any events and without having your rules double-process a log. While these …

Oct 31, 2022 Read
Ingestion-Time Data Transformation in Sentinel
Ingestion-Time Data …

Lately, each month, I see a new feature from Microsoft that I think is going to be a game-changer for Sentinel. And again, there is a new one that was introduced a month ago, and I think it could be a feature that moves Microsoft’s SIEM to the next level. This feature is called the Ingestion-Time …

Apr 4, 2022 Read