Skip to content
Branch: master
Find file History
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.
Images Delete f5.svg Jul 4, 2019
AWS_network_activities.json Update AWS_network_activities.json Jun 24, 2019
AWS_user_activities.json Update AWS_user_activities.json Apr 18, 2019
Attivo.json Removed logo May 15, 2019
Azure_AD_Audit_Logs.json Update Azure_AD_Audit_Logs.json Apr 18, 2019
Azure_AD_Signins.json Update Azure_AD_Signins.json Jun 10, 2019
Azure_Active_Directory.json add telemetry Apr 18, 2019
Azure_Activity.json add telemetry Apr 18, 2019
Azure_Firewall.json Update Azure_Firewall.json May 1, 2019
Azure_Information_Protection_Usage.json Update Azure_Information_Protection_Usage.json Jul 17, 2019
Check_Point_Software_Technologies.json add telemetry Apr 18, 2019
CyberArk_Dashboard.json Update CyberArk_Dashboard.json Jul 4, 2019
Cylance.json add telemetry Apr 18, 2019
DNS.json add telemetry Apr 18, 2019
DashboardsMetadata.json Update DashboardsMetadata.json Jul 31, 2019
Exchange_Online.json add telemetry Apr 18, 2019
F5NetworksDashboard.json Update F5NetworksDashboard.json Jul 31, 2019
FortiGate.json add telemetry Apr 18, 2019
Identity_and_Access.json add telemetry Apr 18, 2019
Insecure_Protocols.json Update Insecure_Protocols.json Jul 24, 2019
Juniper.json add telemetry Apr 18, 2019
Linux_machines.json add telemetry Apr 18, 2019
Microsoft_WAF.json add telemetry Apr 18, 2019
Office_365.json add telemetry Apr 18, 2019
Palo_Alto.json add telemetry Apr 18, 2019
Palo_Alto_Networks_Threat_Dashboard.json add telemetry Apr 18, 2019 Update May 6, 2019
SharePoint_and_OneDrive.json add telemetry Apr 18, 2019
Symantec_Security_Overview_Dashboard.json Update Symantec_Security_Overview_Dashboard.json Jul 1, 2019
Symantec_URL_threats_overview_dashboard.json Update Symantec_URL_threats_overview_dashboard.json Jun 25, 2019
Symantec_file_threats_overview_dashboard.json Update Symantec_file_threats_overview_dashboard.json Jun 27, 2019
Symantec_threats_overview_dashboard.json Update Symantec_threats_overview_dashboard.json Jun 25, 2019
Threat_Intelligence_Dashboard.json Update Threat_Intelligence_Dashboard.json Jun 10, 2019


  • This repo contains the Azure Sentinel dashboard gallery.

  • This page describe how to add a new dashboard to the public Azure Sentinel dashboards gallery.

Step 1 - Create Azure Sentinel dashboard:

Follow these instructions to create a new dashboard using a Log Analytics query

Azure Log Analytics Query Language Reference

  • Make sure that you save a 1x1 square for the Azure Sentinel button in the top left corner (this button navigates back to the Azure Sentinel dashboard gallery).

  • Use the Markdown tile for the dashboard standalone titles and the logos.

  • Do not define any time filters on your charts.

Step 2 - Export the dashboard into a JSON file:

  • From the dashboard view, click "Download" - this will download a JSON file to your computer.

  • Edit the JSON file to hide your personal details:

  • Replace the following fields:

Change your subscription ID to "{Subscription_ID}"

Change your resource group to "{Resource_Group}"

Change your name (your workspace ID) to "{Workspace_Name}"

Step 3 - Share the Dashboard JSON with the Azure Sentinel community

In this step you will upload the dashboard JSON, logo, screenshots, and description.

To do this create a single pull request containing the following:

  1. Upload the dashboard JSON file to Azure-Sentinel/Dashboards/ repo (make sure the file name is in the format: Text_Text.json).

  2. Upload the logo to Azure-Sentinel/Dashboards/Images/Logos/ repo, the logo must be in SVG format (make sure the file name is in the format: text_text.svg).

  3. (Optional) Capture two or more screenshots of the dashboard, where at least one is in the white theme and another in the dark theme. Upload the screenshots to Azure-Sentinel/Dashboards/Images/Preview/ repo (make sure the name of the files is in the format: text_text_white1.png, text_text_black1.png )

  4. Add a short paragraph that describes the purpose of your dashboard in the pull request comment.

You can’t perform that action at this time.