Instructions/Labs/LAB_AK_09_Lab1_Ex02_Notebooks_Defender.md
9 additions & 10 deletions
@@ -1,7 +1,7 @@
1
1
---
2
2
lab:
3
-
title: Exercise 2 - Threat Hunting using Notebooks with Microsoft Sentinel
4
-
module: Learning Path 10 - Perform threat hunting in Microsoft Sentinel
3
+
title: Exercise 2 - Threat Hunting using Notebooks with Microsoft Sentinel in Microsoft Defender XDR
4
+
module: Learning Path 9 - Perform threat hunting in Microsoft Sentinel
5
5
description: In this task, you'll explore using notebooks in Microsoft Sentinel.
6
6
duration: 30 minutes
7
7
level: 300
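Review bot: In the front matter, the new `title:` places the exercise in Microsoft Defender XDR, but the unchanged `description:` on line 5 still reads "you'll explore using notebooks in Microsoft Sentinel" and calls it a task rather than an exercise. Update the description in the same change so that title and description name the same thing, for example by mentioning Data lake notebooks and the Defender portal.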
@@ -12,10 +12,9 @@ lab:
12
12
- Jupyter Notebooks
13
13
- Python
14
14
- Data lake
15
-
16
15
---
17
16
18
-
# Learning Path 09 - Lab 1 - Exercise 2 - Threat Hunting using Data lake Notebooks in Microsoft Sentinel
17
+
# Learning Path 9 - Lab 1 - Exercise 2 - Threat Hunting using Data lake Notebooks in Microsoft Sentinel
19
18
20
19
## Lab scenario
21
20
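Review bot: The new H1 on line 17 does not match the front-matter `title:` set in this same commit. The heading says "Threat Hunting using Data lake Notebooks in Microsoft Sentinel" while the title says "Threat Hunting using Notebooks with Microsoft Sentinel in Microsoft Defender XDR". Pick one wording and use it in both places. The "09" to "9" change agrees with the new `module:` value, though the file name keeps `09`.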
@@ -35,9 +34,9 @@ This task explores Notebooks in Microsoft Sentinel Data lake. You will be using
35
34
36
35
>**Note:** Visual Studio Code is already installed on the lab VM. Prior experience with Visual Studio Code, Jupyter Notebooks and Python coding is recommended.
37
36
38
-
1.Login to **WIN1** virtual machine as Admin with the password: **Pa55w.rd**.
37
+
1.Sign in to **WIN1** virtual machine using the provided credentials.
39
38
40
-
1. In the Microsoft Edge browser, navigate to Defender XDR at `https://security.microsoft.com`.
39
+
1. In the **Microsoft Edge** browser, navigate to **Microsoft Defender XDR** at `https://security.microsoft.com`.
41
40
42
41
1. In the **Sign in** dialog box, copy, and paste in the **Tenant Email** account provided by your lab hosting provider and then select **Next**.
43
42
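Review bot: The added line 37 still starts with `1.Sign in`, with no space after the list marker, so Markdown will not treat it as a numbered step and the list that follows starts from the wrong item. Write `1. Sign in to the **WIN1** virtual machine using the provided credentials.` (the article before **WIN1** is also missing). Taking the literal password out of the instructions is the right call, but the removed line stays readable in the repository history, so the lab VM should not keep relying on that value, and the step should say where "the provided credentials" come from, as line 41 does for the tenant account ("provided by your lab hosting provider").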
@@ -47,11 +46,11 @@ This task explores Notebooks in Microsoft Sentinel Data lake. You will be using
47
46
48
47
1. In the Microsoft Defender navigation menu, scroll down and expand the **Microsoft Sentinel** section.
49
48
50
-
1.Expand *Data lake exploration* in Microsoft Sentinel and select **Notebooks**.
49
+
1.In Microsoft Sentinel, expand the **Data lake exploration**, and then select **Notebooks**.
51
50
52
51
1. The *Notebooks* page displays the list of steps to perform to use Data lake Jupyter notebooks, and provides links to available resources.
53
52
54
-
1. Go to the task bar and select the Visual Studio Code icon.
53
+
1. Go to the task bar and select the **Visual Studio Code** icon.
55
54
56
55
>**Note:** Unless specified, always install the *Microsoft* published extensions.
57
56
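Review bot: Line 49 repeats the missing space after the list marker (`1.In Microsoft Sentinel`), which breaks the numbered list at this step. The phrase "expand the **Data lake exploration**, and then select" also has an article with no noun and an unneeded comma. Suggested wording: `1. In Microsoft Sentinel, expand **Data lake exploration**, and then select **Notebooks**.` The bolding of **Visual Studio Code** on line 53 is fine.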
@@ -71,7 +70,7 @@ This task explores Notebooks in Microsoft Sentinel Data lake. You will be using
71
70
72
71
1. Look for **MCP: Add server**, and select that option.
73
72
74
-
1. Choose the HTTP option and enter the URL: `https://sentinel.microsoft.com/mcp/data-exploration>`.
73
+
1. Choose the HTTP option and enter the URL: `https://sentinel.microsoft.com/mcp/data-exploration`.
75
74
76
75
1. Select **Enter** to use the default server ID.
77
76
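Review bot: On line 73, dropping the trailing `>` from the MCP server URL is correct, since the value sits in a code span that learners paste verbatim into the **MCP: Add server** prompt. Because this is a paste-as-is endpoint, search the other lab files for the same `data-exploration>` string before merging, so the broken URL does not survive in a sibling exercise.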
@@ -113,7 +112,7 @@ This task explores Notebooks in Microsoft Sentinel Data lake. You will be using
113
112
114
113
1. The *SecurityEvent* table schema is displayed.
115
114
116
-
1. In the **NOTEBOOK SAMPLES** section, expand *Tutorials* and select the **01_GettingStartedwithSentineldatalake** tutorial notebook.
115
+
1. In the **NOTEBOOK SAMPLES** section, expand **Tutorials** and select the **01_GettingStartedwithSentineldatalake** tutorial notebook.
117
116
118
117
1. Once the Jupyter Notebook is open, review the different tabs, code cells and markdown cells.
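Review bot: On line 115, bolding **Tutorials** matches the other changes in this commit, but the surrounding unchanged lines still use italics for named UI items (*SecurityEvent* on line 113, *Notebooks* on line 51). If the rule is bold for items the learner selects or expands and italics for names that are only displayed, state that in the contributor guidance or apply it across the file, so that later edits do not flip these back and forth.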