A few hours ago, I just posted my auditing POC solution for Configuration Manager, and that solution also integrates with Log Analytics and Azure Sentinel.
In Configuration Manager, we can add Scripts, and if the Script is approved, we can execute these against a specific device or many devices or Audit Script related activities in Configuration Manager
A few months ago, Microsoft had an Azure Sentinel hackathon, and I thought that maybe I could build-up one POC solution for Azure Sentinel. My idea was to capture all the admin activities and send the data immediately off the Primary Site server. The reason why I decided to build this POC is that Configuration Manager and Azure Sentinel