You are collecting events from Azure virtual machines to an Azure Log Analytics workspace.
You plan to create alerts based on the collected events.
You need to identify which Azure services can be used to create the alerts.
Which two services should you identify? Each correct answer presents a complete solution
NOTE: Each correct selection is worth one point.
Click on the arrows to vote for the correct answer
A. B. C. D. E.AD
To create alerts based on collected events in an Azure Log Analytics workspace, you can use Azure Monitor and Azure Sentinel.
Azure Monitor is a service that provides monitoring and alerting capabilities across various Azure services. It can collect, analyze, and act on telemetry data from different sources, including virtual machines, containers, and other Azure resources. With Azure Monitor, you can create alerts based on metrics, logs, and activity logs, and integrate with various notification channels, such as email, SMS, and webhook.
Azure Sentinel is a cloud-native security information and event management (SIEM) service that uses machine learning and artificial intelligence to detect and respond to threats across your organization's environments. It can collect data from different sources, including Azure Monitor, and use pre-built or custom detection rules to identify suspicious activities. Azure Sentinel also provides built-in automation and orchestration capabilities to help you respond to threats quickly and efficiently.
Azure Security Center is a unified infrastructure security management system that provides threat protection across your hybrid cloud workloads. While it can help you identify and mitigate security risks, it is not primarily designed for creating alerts based on collected events.
Azure Analytics Services and Azure Advisor are not designed for creating alerts based on collected events in an Azure Log Analytics workspace.
Therefore, the correct answers are:
A. Azure Monitor D. Azure Sentinel