/Azure-Sentinel2Go

Azure Sentinel2Go is an open source project developed to expedite the deployment of an Azure Sentinel lab.

Primary language: Shell. License: GNU General Public License v3.0 (GPL-3.0).

Azure Sentinel To-Go!



Azure Sentinel2Go is an open source project developed to expedite the deployment of an Azure Sentinel lab along with other Azure resources and a data ingestion pipeline to consume pre-recorded datasets for research purposes. It also comes with the option to ingest pre-recorded datasets from the Mordor project right at deployment time.

Getting Started

There are a few things that you can do with this project. This project is intended for research purposes, so I highly recommend creating a new resource group in your subscription so that the VMs needed for some of the features provided by this Azure Resource Manager (ARM) template do not interfere with any other system in the same resource group. Take a look at the different scenarios that you can deploy in the section below.
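As an added example (not part of the Azure-Sentinel2Go project), the following script puts the recommendation above into practice with the Azure CLI: it creates a dedicated, tagged resource group for the lab, deploys one of the ARM templates into it, and tears the whole group down afterwards. It assumes `az` is installed and logged in; TEMPLATE_URI is a placeholder for the raw URL of whichever azuredeploy.json you pick from the grocery list, and DRY_RUN=1 prints the commands instead of running them.

```shell
#!/bin/sh
# Added example, not project code: isolate an Azure Sentinel2Go lab in its own
# resource group. Assumes the Azure CLI (az) is installed and authenticated.

RG_NAME="${RG_NAME:-sentinel2go-lab}"
LOCATION="${LOCATION:-eastus}"
# Placeholder: replace with the raw URL of the chosen azuredeploy.json template.
TEMPLATE_URI="${TEMPLATE_URI:-https://example.invalid/path/to/azuredeploy.json}"
DRY_RUN="${DRY_RUN:-0}"   # 1 = print the az commands instead of executing them

# Azure resource group names: 1-90 characters from letters, digits, '.', '_',
# '-', '(' and ')', and they must not end with a period.
valid_rg_name() {
  printf '%s' "$1" | grep -Eq '^[A-Za-z0-9._()-]{1,90}$' && [ "${1%.}" = "$1" ]
}

# Execute the command, or echo it verbatim when DRY_RUN=1.
run() {
  if [ "$DRY_RUN" = "1" ]; then printf '%s\n' "$*"; else "$@"; fi
}

# Create an isolated resource group, tagged so it is easy to find and clean up.
create_lab_group() {
  valid_rg_name "$1" || { echo "invalid resource group name: $1" >&2; return 1; }
  run az group create --name "$1" --location "$2" --tags purpose=sentinel2go-lab
}

# Deploy the ARM template at resource-group scope; a timestamped deployment
# name keeps re-runs distinguishable in the deployment history.
deploy_lab() {
  run az deployment group create --resource-group "$1" \
    --name "sentinel2go-$(date +%Y%m%d%H%M%S)" --template-uri "$2"
}

# Remove every lab resource in one step once the research session is over.
delete_lab_group() {
  run az group delete --name "$1" --yes --no-wait
}

case "${1:-}" in
  deploy)  create_lab_group "$RG_NAME" "$LOCATION" && deploy_lab "$RG_NAME" "$TEMPLATE_URI" ;;
  destroy) delete_lab_group "$RG_NAME" ;;
esac
```

Run it as `RG_NAME=my-lab TEMPLATE_URI=<raw template URL> sh lab.sh deploy`, and `sh lab.sh destroy` when finished; because everything lives in one group, deletion of that group is the complete cleanup.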

Grocery List - Deployment Options

A few deployments are available through Azure Sentinel To-go!

| Items | Deploy | Deploy US Gov |
| --- | --- | --- |
| Azure Sentinel | Deploy to Azure | Deploy to Azure Gov |
| Azure Sentinel + Custom Log Pipeline | Deploy to Azure | Deploy to Azure Gov |
| Azure Sentinel + Win10 Workstations | Deploy to Azure | Deploy to Azure Gov |
| Azure Sentinel + Win10 + Domain Controller | Deploy to Azure | Deploy to Azure Gov |
| Azure Sentinel + Win10 + Palo Alto Networks VM-Series Firewall | Deploy to Azure | Deploy to Azure Gov |
| Azure Sentinel + Linux (Ubuntu, CentOS, RHEL) | Deploy to Azure | Deploy to Azure Gov |

Media

For more information about the development of this project, feel free to check out the following resources:

Author