Analytics Rules

Overview

Analytics rules in Azure Sentinel help you detect suspicious activities, automate investigations, and respond to threats. Choose from built-in templates, create custom queries, or import community rules to continuously monitor your environment.

| Name | Severity | Tactics | Last Updated |
|---|---|---|---|
| Suspicious Login | High | Credential Access, Initial Access | 2024-08-12 |
| Malware Detection | Medium | Defense Evasion, Execution | 2024-07-05 |
| Unusual PowerShell Activity | Low | Execution, Persistence | 2024-06-20 |
| Brute Force Attack | High | Credential Access | 2024-05-18 |
| Anomalous Geolocation Login | Medium | Credential Access, Lateral Movement | 2024-04-30 |