One of the recommendations in the continuing Suggested Daily, Weekly, and Monthly Tasks for Azure Sentinel series is to keep track of updates to the various Azure Sentinel components. Our GitHub repository is a valuable resource for new and updated KQL queries, Workbooks, etc. It is updated constantly by our Sentinel teams and is quickly becoming a valuable community resource to which our customers also contribute, so keeping track of it is important.
The Azure Sentinel GitHub repository can be found at: http://aka.ms/ASGitHub
Track by RSS
One method to keep track of updates and new additions is to consume the RSS feed for the Azure Sentinel repository.
Insert the following feed into your favorite RSS feed reader: https://github.com/Azure/Azure-Sentinel/commits/master.atom
The feed results will look similar to the following…
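Added example (not part of the original post): if you would rather script the weekly check than use a feed reader, this sketch parses the commits Atom feed and returns entries newer than your last review, optionally filtered by title keyword. The sample feed, the `example.invalid` links, and the names `new_commits` and `fetch_feed` are constructed for illustration.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timezone
from urllib.request import urlopen

FEED_URL = "https://github.com/Azure/Azure-Sentinel/commits/master.atom"  # from the post
ATOM = {"a": "http://www.w3.org/2005/Atom"}

# Constructed sample shaped like a commits Atom feed; the entries are not real commits.
SAMPLE_FEED = """<feed xmlns="http://www.w3.org/2005/Atom">
  <entry>
    <link rel="alternate" href="https://example.invalid/commit/c3"/>
    <title>Add hunting query for rare sign-in locations</title>
    <updated>2020-06-03T15:20:00Z</updated>
  </entry>
  <entry>
    <link rel="alternate" href="https://example.invalid/commit/c2"/>
    <title>Fix typo in README</title>
    <updated>2020-06-02T09:00:00Z</updated>
  </entry>
  <entry>
    <link rel="alternate" href="https://example.invalid/commit/c1"/>
    <title>Update workbook for Office 365 activity</title>
    <updated>2020-05-28T11:45:00Z</updated>
  </entry>
</feed>"""

def fetch_feed(url=FEED_URL):
    """Download the live feed (needs network access; not used by the sample run)."""
    with urlopen(url, timeout=30) as resp:
        return resp.read()

def new_commits(feed_xml, since, keywords=()):
    """Return (updated, title, link) for entries newer than `since`, oldest first."""
    found = []
    for entry in ET.fromstring(feed_xml).findall("a:entry", ATOM):
        stamp = entry.findtext("a:updated", namespaces=ATOM).strip()
        updated = datetime.fromisoformat(stamp.replace("Z", "+00:00"))
        title = " ".join(entry.findtext("a:title", default="", namespaces=ATOM).split())
        link = entry.find("a:link", ATOM).get("href")
        # With no keywords every entry qualifies; otherwise match on the commit title.
        wanted = not keywords or any(k.lower() in title.lower() for k in keywords)
        if updated > since and wanted:
            found.append((updated, title, link))
    return sorted(found)

if __name__ == "__main__":
    last_review = datetime(2020, 6, 1, tzinfo=timezone.utc)  # constructed "last checked" date
    for updated, title, link in new_commits(SAMPLE_FEED, last_review):
        print(updated.date(), title, link)
```

To run it against the live repository, pass `fetch_feed()` in place of `SAMPLE_FEED` and persist the newest `updated` value between runs.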
Track by Email
Another way to be notified of updates to the Azure Sentinel GitHub repository is through GitHub notifications or email.
On the Azure Sentinel GitHub page, choose to be notified of new releases (Releases only) or of all conversations (Watching).
The Releases only option is preferred if you only want to be notified when new things are released. The Watching option captures more, including simple updates.
If you choose the Watching option, you may want to modify the Notifications settings to push the notifications to the web or mobile, because the more active the contributions, the more emails you will receive.
You’ll want to play with this to hone it to something valuable for you.