Deploying Sentinel All In One

Sentinel All In One allows you to have a fully fledged ready to use Sentinel environment.

Access Sentinel All in One github page:

https://github.com/Azure/Azure-Sentinel/tree/master/Tools/Sentinel-All-In-One

Click on deploy to Azure

Provide a Resource Group Name and Workspace Name in which Sentinel All In One will be deployed as the following example:

You can configure each of the continuing tabs according to your environment requirements, for my deployment example my configuration is the following:

Review your deployment configuration and click create button

Once your deployment is complete you will get a “Your deployment failed” message however this is fine as this is related to data connectors which require a license

We can now go to Sentinel and see that our environment has successfully been deployed:

Author: user