Azure OpenAI Playbook created for Microsoft Sentinel
This playbook is designed to integrate Microsoft Sentinel with Azure OpenAI and is a work in progress.
Requirements:
- Azure OpenAI (Deployed from Azure subscription)
- Microsoft Sentinel SIEM Solution (Deployed from Azure subscription as well)
(If you need Azure OpenAI, please follow the directions on the Setup page.)
In order to use it, you will need to change the following variables:
Azure OpenAI API Key: Your Azure OpenAI API Key
Azure OpenAPI URI Endpoint: This is your deployment link for Azure OpenAI.
(Example: https://.openai.azure.com/openai/deployments//chat/completions?api-version=2023-03-15-preview")
You need to replace the variable with your endpoint and with your model deployment name.
To find these pieces of information, please see below:
-
API Key and Endpoint URI
This is found in the Keys and Endpoint section on your Azure OpenAI deployment.
-
Deployment Name
This is found inside Azure AI Studio when you setup your deployment.
