Deploying Your First Microsoft Sentinel Workspace on Azure
Learn to set up Microsoft Sentinel workspace, connect it to a Log Analytics workspace, and prepare for advanced security monitoring and threat detection.

Lab overview
Microsoft Sentinel is a powerful, cloud-native SIEM (Security Information and Event Management) and SOAR (Security Orchestration, Automation, and Response) solution that helps organizations monitor, detect, and respond to security threats in real time. This lab introduces you to Microsoft Sentinel by walking you through the creation of your first Sentinel workspace and connecting it to a Log Analytics workspace. These foundational steps prepare your environment for advanced security monitoring and analytics.
Objectives
Upon completion of this lab, you will be able to:
- Understand the purpose and architecture of Microsoft Sentinel.
- Create and configure a Sentinel workspace in the Azure portal.
- Connect Sentinel to a Log Analytics workspace for data ingestion.
- Prepare your Sentinel workspace for connecting data sources and creating detection rules.
Who is this Lab For?
This lab is ideal for:
- Beginners who are new to Microsoft Sentinel and want to understand its setup and configuration.
- Security professionals looking to explore Microsoft Sentinel as part of their organization's security operations.
- Developers and IT administrators seeking to enhance their skills in cloud security monitoring.
Verified against your live environment
An automated validation engine inspects your actual resources and configurations as you work. Completion means the task was performed — not multiple choice, real-world proficiency.
More labs like this
Creating and Deploying Azure Functions using Azure Functions Core Tools
In this lab, you will learn how to create and deploy Azure Functions using Azure Functions Core Tools.
Implement Network Security Groups (NSGs) and Application Security Groups (ASGs) in Azure
Secure Azure VMs using Network Security Groups and Application Security Groups. Create rules, control traffic flow, and implement least privilege access.
Creating a Web App on Azure App Service using Azure Portal
Learn how to create, configure, and deploy a web application using Azure App Service through the Azure Portal's interface.
Related reading
Environment
Every lab includes
- Real environment, pre-credentialed
- Automated checks on every step
- Isolated sandbox, auto cleanup
- AI-recommended next steps
Lab curriculum
- 01
Logging into Azure Account using Azure Portal
- 02
Deploying Your First Microsoft Sentinel Workspace
1 automated check
- 03
Exploring Microsoft Sentinel
Not the lab you were looking for?
Browse 150+ hands-on labs across AWS, Azure, Kubernetes, Docker, and cloud security.