Welcome
Getting Started
- Account Setup
  - Account Creation Instructions
Azure Fundamentals
- Azure Fundamentals Overview
Azure CLI
- Azure CLI Overview
KQL
- KQL Overview
Powershell
- PowerShell for Azure
Azure Logging References
- Logging
Threat Hunting
- Threat Hunting in Azure
Microsoft Resources
- Microsoft Incident Response Ninja Hub
- Microsoft Defender XDR Ninja Hub
Security Research & Resources
Defender XDR
Azure Sentinel
Microsoft Defender
- Microsoft Defender for Cloud References
- Defender for Cloud: Az CLI
Azure Policy
Intune
Windows Host Security
Adversary Emulation
Automation
- Automation Overview
- Logic Apps

Powered by GitBook

On this page

Data Schema Reference
Windows Security Event Data Reference
DNS Over AMA Reference
Purview Reference

Azure Sentinel

Supported Data

Last updated 4 months ago

Data Schema Reference

The following is a list of supported data references both Azure and third party.

Security Alert Data Schema

Windows Security Event Data Reference

DNS Over AMA Reference

Purview Reference

Windows security event sets that can be sent to Microsoft SentinelMicrosoftLearn

Microsoft Sentinel DNS over AMA connector reference - available fields and normalization schemaMicrosoftLearn

Microsoft Sentinel security alert schema referenceMicrosoftLearn

Microsoft Purview Information Protection connector reference - audit log record types and activities support in Microsoft SentinelMicrosoftLearn

Microsoft Sentinel data source schema referenceMicrosoftLearn