Configure Microsoft Sentinel connectors for Microsoft 365 Defender and Microsoft Defender for Cloud
Design and configure Syslog and CEF event collections
Design and configure Windows Security event collections
Configure custom threat intelligence connectors
Design and configure analytics rules
Activate Microsoft security analytics rules
Configure built-in scheduled queries
Define incident creation logic
Configure custom scheduled queries
Manage and use watchlists
Manage and use threat indicators
Classify and analyze data by using entities
Create custom logs in Azure Log Analytics to store custom data
Query Microsoft Sentinel data by using Advanced SIEM Information Model (ASIM) parsers
Develop and manage ASIM parsers
Configure automation rules