r/AzureSentinel

5k members
r/AzureSentinel is a subreddit with 5k members. The most common kinds of discussions are advice requests and solution requests, and the community frequently discusses sentinel, logs, azure, microsoft, and kql.
Dedicated to Microsoft’s cloud-native SIEM solution

Popular Themes in r/AzureSentinel

#1 Advice Requests (31 posts): "Open source: Agentic investigation framework for Sentinel MCP — 900+ KQL queries, 25 skills, native Entra auth, no supply chain risk"
#2 Solution Requests (26 posts): "How to store Defender XDR data for years in Sentinel data lake without expensive ingestion cost"
#3 Pain & Anger (10 posts): "OAuth consent phishing is the M365 attack path most orgs aren't watching."
#4 Money Talk (3 posts): "Reducing the costs of Azure Sentinel"
#5 Self-Promotion (2 posts): "Microsoft Azure Sentinel 101: Update alert descriptions dynamically without limits — Unlimited meta data options with helpful content"
#6 News (2 posts): "New Microsoft Sentinel Analytics Rules for Entra ID Conditional Access"
#7 Ideas (1 post): "“Must Have” Automated Playbooks"

Popular Topics in r/AzureSentinel

#1 Sentinel (181 posts): "I built a free, open-source KQL query builder. 52 tables across Defender, Sentinel, Entra ID, Azure Monitor, and more"
#2 Logs (53 posts): "Microsoft lost Logs due to bug in September…"
#3 Azure (40 posts): "Microsoft announced that they are moving to the next phase of the transition with a target to retire the Azure portal for Microsoft Sentinel by July 1, 2026."
#4 Microsoft (29 posts): "New Microsoft Sentinel Analytics Rules for Entra ID Conditional Access"
#5 KQL (24 posts): "I built a free, open-source KQL query builder. 52 tables across Defender, Sentinel, Entra ID, Azure Monitor, and more"
#6 Connector (24 posts): "Monitoring Power Automate / Copilot Studio Connector account usage in Sentinel or Unified Audit Logs"
#7 Incident (21 posts): "Microsoft Azure Sentinel 101: Dynamically update and change Alert/Incident Severity — based on query results with automation or logic apps for all alerts"
#8 Queries (19 posts): "Is there additional cost to running Queries?"
#9 Log (17 posts): "Help with Custom Log Ingestion via API into Microsoft Sentinel"
#10 Playbook (16 posts): "Sentinel + Playbooks + graph +azure ai"

Member Growth in r/AzureSentinel

Yearly
+1k members (40.2%)

Similar Subreddits to r/AzureSentinel

r/AZURE: 209k members, 16.0% / yr
r/AzureSynapseAnalytics: 936 members, 0.1% / yr
r/kibana: 2k members, 1.5% / yr
r/MicrosoftFabric: 25k members, 66.9% / yr
r/SIEM: 5k members, 9.2% / yr
r/SQLServer: 65k members, 13.0% / yr

About

GummySearch helps people research Reddit communities by organizing activity, growth, themes, and post-level signals into one place.

This page gives a focused view of r/AzureSentinel, including current member size, discussion patterns, product reviews, and related communities to explore.

This data is synced periodically so insights stay current and useful for ongoing research.

Last updated: June 19, 2026