Check out the documentation, code samples, videos, webinars, tutorials, and guides to help you get started, building your submissions! Remember to build content (workbooks, analytics, and more) for Azure Sentinel or extend Azure Sentinel capabilities via APIs and feel free to mix and match different types of content and data sources to deliver richer end-to-end experiences. Be creative!

Questions? Post on the Hackathon Discussion Forums or reach out to the Azure Sentinel Hackathon team

----------------------------------------------------------------------------------------------------

Step 1. First, create and configure an Azure Sentinel workspace, if you have not done so already.  

  1. Go to https://aka.ms/AzureSentinel - Get set up with your Azure free account
  2. Go to the Azure Sentinel dashboard in the Azure portal
  3. Explore the documentation and quickstarts (Step 2.a. below helps with not only ingesting data sets but also deploying Azure Sentinel and configuring onboarding options in the deployment template. Read up on this option before going ahead with setting up Azure Sentinel from scratch.)
  4. Next, it’s all about onboarding to Azure Sentinel and the onboarding quickstart is your key here.  

Step 2. Then, start setting up data so that you can try out different use cases in Azure Sentinel and get ideas for your submission. There are multiple options here. These are all optional and you can choose from one or many of these depending on the variety of data you wish to explore. 

    a.  Azure-Sentinel2Go expedites the deployment of an Azure Sentinel lab along with other Azure resources and a data ingestion pipeline to consume pre-recorded datasets for Microsoft products for research purposes. This ingests pre-recorded datasets from the Mordor project right at deployment time.

    b. Ingest sample data from some non-Microsoft security products without having access to those products. This is using the Azure Sentinel custom log ingest tool that helps ingest these in Azure Log Analytics workspace as custom logs. You can also use the tool to bring in your own data in Azure Sentinel as well as custom logs. Go through the steps in the ingest tool readme for this.  

    c. Connect with different types of Microsoft as well as non-Microsoft data by following steps in the documentation. To enable this for Microsoft data sources, you can leverage one or more the following free trials to get started:

Documentation

  • Azure Sentinel documentation – Learn about Azure Sentinel product and use cases
  • Azure Sentinel contribution/content development guidelines – Captures links to different content/contribution types and how it fits in Azure Sentinel use cases along with how to develop these and relevant product documentation as well. This also includes links to helpful resources like Kusto Query Language guide, etc. that can help with creating different types of queries in Azure Sentinel.

Training Videos

  • Azure Sentinel level 400 training – Summarizes videos and webinars that can get you ramped up on Azure Sentinel and covers in depths on different Azure Sentinel use cases. These cover a range of training videos starting with content development on Azure Sentinel all the way to extending and integrating with Azure Sentinel.

Get Inspiration

Community

Got Questions?

  • Post a question in the Discussions forum if you need help!
  • We’ll organize a couple of online Office hours to help with answering any questions or to connect on the Hackathon in general. Tune in for further updates on this.

Find a team

No one is an expert at everything, so you may want to consider looking for a teammate to help you iron out the kinks and fill in the blanks of your submission. We’ve got a few tips for finding a teammate in case you need them.

Use the competition Participants page to connect

In our experience, it’s more fun to code with a friend. On the Participants tab, you can:

  • Look for teammates by introducing yourself to the community. Mention any ideas you have and what kind of teammates you’re looking for.
  • Sort participants by the number of projects and followers they have or by registration date.
  • Search participants by name, skills, and portfolio info.
  • Reach out to potential teammates and get to know each other.
  • Collaborate on something amazing!