Azure Sentinel2Go is an open source project developed to expedite the deployment of an Azure Sentinel lab along with other Azure resources and a data ingestion pipeline to consume pre-recorded datasets for research purposes. It also comes with the option to ingest pre-recorded datasets from the Mordor project right at deployment time.
There are a few things that you can do with this project. This project is intended for research purposes, so I highly recommend to create a new resource group in your subscription to not interfere with any other system in the same resource group. Take a look at the different scenarios that you can deploy in the section below.
A few deployments available through Azure Sentinel To-go!
For more information about the development of this project, feel free to check out the following resources:
- Azure Sentinel To-Go (Part 1): A lab w/ Prerecorded Data ๐ & a Custom Logs Pipe via ARM Templates ๐
- Azure Sentinel To-Go (Part 2): Integrating a Basic Windows Lab ๐งช via ARM Templates ๐
- Roberto Rodriguez (@Cyb3rWard0g)