Azure Notebooks for Azure Sentinel
What is Azure Notebooks?
Azure Notebooks is a free hosted service for developing and running Jupyter notebooks in the cloud with no installation. Jupyter is an open-source project that lets you easily combine markdown text, executable code (Python, R, and F#), persistent data, graphics, and visualizations on a single, sharable canvas called a notebook.
How do Azure Notebooks work?
Interactive Azure Notebooks provide security insights and actions for investigating anomalies and hunting for malicious behaviors. Each Azure Notebook is purpose-built with a self-contained workflow for a specific use case. Visualizations are included in each Azure Notebook for faster data exploration and threat hunting. Click on the button below to clone our prebuilt investigation and hunting Azure Notebooks into projects that belong to you. Modify and tailor your projects to your environment. Either run the Azure Notebooks for free or, for better performance, run them on a dedicated virtual host.
Using the Notebooks locally or in other environments
Azure Sentinel will provision notebooks and supporting modules for you in Azure Notebooks. You can also download the notebooks and modules and use them locally in a supported Python environment (Anaconda Distribution is recommended) or another notebook hosting environment such as Azure Databricks or a JupyterHub environment that supports Python 3.6 or later.
Interactive in Azure (requires logging in):
- Get Started notebook (View)
- View sample notebooks in the Sample-Notebooks folder
- How-tos and troubleshooting in the How-Tos folder
For questions or feedback, please contact AzureSentinel@microsoft.com