: This section includes the Analytics menu, where users create and manage Scheduled Query Rules and Near-Real-Time (NRT) detection rules to identify threats within logs.
For label printing and automation, the SENTINEL User Guide describes a "Kernel menu" and specialized managers: MENU SENTINELLE
: Found under the Configuration section, this menu is used to build Automation Rules that auto-assign, tag, or close incidents. Threat Management : : This section includes the Analytics menu, where
: A specialized Investigation menu provides a parallel timeline and entity mapping to understand how an attack unfolded. TEKLYNX SENTINEL Interface TEKLYNX SENTINEL Interface : Access to the Workbooks
: Access to the Workbooks menu allows security teams to create custom dashboards for monitoring SOC efficiency.
In Microsoft Sentinel, the navigation menu is the primary interface for managing security operations. It is organized into functional sections that allow users to ingest, detect, and respond to threats.
: Accessed via the Kernel menu (right-click the Kernel icon), this module allows users to create, activate, or deactivate "sentinels" that monitor and analyze data files for printing.