Creating a workspace using PowerShell or the CLI
There are times when you need to be able to consistently recreate an Microsoft Sentinel environment. Perhaps you are just testing all the various configuration options, creating environments for many different subscriptions for an international company, or creating instances for customers. No matter the reason, if you need to create many Microsoft Sentinel environments that are all the same, using PowerShell or the Command-Line Interface (CLI) is a better option than doing it in the Azure portal.
Creating an Azure Resource Management template
When creating a new Log Analytics workspace using PowerShell in this lab, you will use an Azure Resource Management (ARM) template to perform the actual configuration. While you can create the workspace directly using either of the technologies, using an ARM template provides additional benefits, including being able to easily recreate the workspace, use the ARM template in a DevOps workflow...
