How can we improve Microsoft Azure Security Center?

Allow custom flexible Security events filtering

Security solution now allows filtering security events: https://blogs.technet.microsoft.com/msoms/2016/11/08/filter-the-security-events-the-oms-security-collects/

It will be good if this solution also supports a "Custom" option to allow customers to specify what events to collect (in addition to pre-configured lists). Also, it will be good if the customer-supplied filter supports wildcards and RegEx.

38 votes

    Tao Yang shared this idea

    6 comments

      • Sameer commented

        Yes, you are right. Sometimes people get confused. Having a "Custom" option can turn them to the right track and the user experience will also become good.
        https://ultraapk.com/

      • Zim Ali commented

        You may also notice the new “Templates” button in the bottom left of the screen. This allows you to save the settings on both the Include and Exclude tabs as a template which you can re-use when creating new feeds, or as a convenient way of bringing the same settings to your other existing feeds. One more thing – if there are noise events you’d like to filter out but you’re not sure how to craft that into a script, just head over to our online help desk and submit a ticket; we’ll be happy to help!
        https://dltutuapp.com/
        https://9apps.ooo/
        https://aptoide.vip/

      • K Justin commented

        Providing specific threat analytics for login attacks (like ADFS events 299, 500, 501) would also help versus grabbing 6-10GB of Security logs on the common setting.
