Skip to content

Notebooks

This is not a feature I have personally used, but essentially it's a way of using Jupyter notebooks within Sentinel. Jupyter is something I have used both in personal projects and professional projects, so I plan to do some work with them in the near future to provide some more lively information on them!

For now, if you have Python experience and are looking to add some further capabilities within Sentinel, potentially for investigations take a look at Notebooks. Some benefits over KQL:

  • It's Python, that opens up a lot of possibilities
  • More complex graphical diagrams are possible
  • Access other APIs and data sources
  • Microsoft notes the possibility for some machine learning!