Configuration Manager and Azure Sentinel
A few months ago, Microsoft had an Azure Sentinel hackathon, and I thought that maybe I could build a POC solution for Azure Sentinel. My idea was to capture all the admin activities and send the data immediately off the Primary Site server. The reason I decided to build this POC is that the built-in auditing isn’t that good, and it needs some modernization.
You can download all the scripts and manuals from my GitHub account – https://github.com/Kaidja/AZMEMCM.
If you have any questions, then just let me know.
Have fun!