Microsoft-Sentinel-As-A-Code icon indicating copy to clipboard operation
Microsoft-Sentinel-As-A-Code copied to clipboard

Published 20 hours ago verified publisher icon sreedharande

Metadata

Export Microsoft Sentinel artifacts like Analytical Rules, Hunting Queries, Workbooks in order to support new feature Repositories CI/CD Pipeline

Microsoft-Sentinel-As-A-Code

Export Microsoft Sentinel artifacts like Analytical Rules, Hunting Queries, Workbooks in order to support new feature Repositories CI/CD Pipeline

  • Currently supporting
    • Scheduled Analytical Rules
    • Automation Rules
    • Parsers (Saved Searches - KQL Functions)
    • Workbooks

How to use

  1. Download the Tool
    Download

  2. Extract the folder and open "Export_Sentinel_Artifacts.ps1" either in Visual Studio Code/PowerShell(Admin)

    Note
    The script runs from the user's machine. You must allow PowerShell script execution. To do so, run the following command:

    Set-ExecutionPolicy -Scope Process -ExecutionPolicy Bypass

  3. Run the script using the following command

    .\Export_Sentinel_Artifacts.ps1 -TenantID xxxx `

Questions ❓ / Issues 🙋‍♂️ / Feedback 🗨

Post here.

Contributions are welcome! 👏

Metadata

35
Stars
13
Forks
Watchers

Owner

verified publisher icon sreedharande

Metadata

Export Microsoft Sentinel artifacts like Analytical Rules, Hunting Queries, Workbooks in order to support new feature Repositories CI/CD Pipeline

Back