Note: Please refer to the following before installing the solution:

• Review the solution Release Notes

• There may be known issues pertaining to this Solution, please refer to them before installing.

The Azure DevOps Auditing solution for Microsoft Sentinel allows monitoring Azure DevOps audit events to enable detection of malicious and/or unauthorized access and modification in the repository or pipelines. The streaming of Azure DevOps Audit logs to Azure Monitor must be configured to start ingesting audit events.

NOTE: Microsoft recommends installation of Azure DevOps Audit Logs (via Codeless Connector Platform) (Preview). This connector is build on the Codeless Connector Platform (CCP), which uses the Log Ingestion API, which replaces ingestion via the deprecated HTTP Data Collector API. CCP-based data connectors also support Data Collection Rules (DCRs) offering transformations and enrichment.

Learn more about Microsoft Sentinel | Learn more about Solutions