{"id":42128,"date":"2021-08-03T16:00:30","date_gmt":"2021-08-03T16:00:30","guid":{"rendered":"https:\/\/www.microsoft.com\/security\/blog\/?p=95166"},"modified":"2021-08-03T16:00:30","modified_gmt":"2021-08-03T16:00:30","slug":"how-to-manage-a-side-by-side-transition-from-your-traditional-siem-to-azure-sentinel","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/how-to-manage-a-side-by-side-transition-from-your-traditional-siem-to-azure-sentinel\/","title":{"rendered":"How to manage a side-by-side transition from your traditional SIEM to Azure Sentinel"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/www.microsoft.com\/security\/blog\/uploads\/securityprod\/2021\/08\/MSC21_Getty_officeMeeting_1084167626.jpg\" class=\"ff-og-image-inserted\"><\/div>\n<p>With every week bringing new headlines about crippling cyberattacks, and with organizations growing increasingly distributed, security teams are constantly asked to do more with less. Moving to cloud-native security information and event management (SIEM) can help security teams analyze data with the scale of the cloud, and empowers them to focus on protecting the organization, not managing infrastructure. As the industry\u2019s first cloud-native security operation and automated response (SIEM+SOAR), <a href=\"https:\/\/azure.microsoft.com\/en-us\/services\/azure-sentinel\/\" target=\"_blank\" rel=\"noopener\">Azure Sentinel<\/a> provides security analytics across the organization to fight today\u2019s sophisticated cyber threats. 
It does this by collecting data across the digital estate\u2014including on-premises systems, software as a service (SaaS) applications, and non-Microsoft cloud environments such as Amazon Web Services (AWS), Linux, or firewalls\u2014and cross-correlating it using AI and machine learning, enabling security operations (SecOps) teams to stop threats before they do damage.<\/p>\n<p>In part one of this three-part series, we explored the <a href=\"https:\/\/www.microsoft.com\/security\/blog\/2021\/07\/06\/preparing-for-your-migration-from-on-premises-siem-to-azure-sentinel\/\" target=\"_blank\" rel=\"noopener\">first three steps<\/a>&nbsp;every SecOps team should take to help ensure a successful migration to Azure Sentinel. For part two, we\u2019ll look at ways to manage the transitional phase of your migration. Specifically, we\u2019ll compare the pros and cons of a short-term versus long-term side-by-side deployment, including an examination of the five types of side-by-side configurations, and which one maximizes value from both Azure Sentinel and your traditional SIEM.<\/p>\n<h2>What is the transitional phase in a cloud-native SIEM migration?<\/h2>\n<p>For an organization using an on-premises SIEM, migration to the cloud typically requires a three-stage process:<\/p>\n<ol>\n<li>Planning and starting the migration.<\/li>\n<li>Running Azure Sentinel side-by-side with your on-premises SIEM (transitional phase).<\/li>\n<li>Completing the migration (moving completely off the on-premises SIEM).<\/li>\n<\/ol>\n<p>Step 2, the transitional phase, involves running Azure Sentinel in a side-by-side configuration either as a short-term solution or as a medium-to-long-term operational model. 
Both approaches culminate in a completely cloud-hosted SIEM architecture; the difference is how long it serves your interests to remain tethered to your traditional SIEM.<\/p>\n<h3>Transitional side-by-side (recommended)<\/h3>\n<p>This approach involves running Azure Sentinel side-by-side with your traditional SIEM just long enough to complete the migration to Azure Sentinel.<\/p>\n<p><strong>Pros:<\/strong> Gives your staff time to adapt to new processes as workloads and analytics migrate. Gains deep correlation across all data sources for hunting scenarios; eliminates having to do swivel-chair analytics between SIEMs or author forwarding rules (and close investigations) in two places. Also enables your SecOps team to quickly downgrade traditional SIEM solutions, eliminating infrastructure and licensing costs.<\/p>\n<p><strong>Cons:<\/strong> SecOps staff may have to get through the learning curve in less time.<\/p>\n<h3>Medium-to-long-term side-by-side<\/h3>\n<p>This approach involves using both SIEMs side-by-side to analyze different subsets of data indefinitely. In this model, some organizations choose to take an extended side-by-side approach over a long period of time, or even plan to run side-by-side permanently.<\/p>\n<p><strong>Pros:<\/strong> Leverages Azure Sentinel\u2019s key benefits\u2014including AI, machine learning, and investigation capabilities\u2014without moving completely away from your traditional SIEM. Saves money compared to your traditional SIEM by analyzing your cloud or Microsoft data in Azure Sentinel.<\/p>\n<p><strong>Cons:<\/strong> Separating analytics across two different databases results in greater complexity (for example, split case management and investigations for multi-environment incidents). Greater staff and infrastructure costs. Requires staff to be knowledgeable in two different SIEM solutions. 
It also results in a much longer time to universal value for Azure Sentinel if the intention is to ultimately migrate to a single SIEM.<\/p>\n<h2>What\u2019s the best approach for side-by-side SIEM deployment?<\/h2>\n<p>There are five basic deployment models for the side-by-side phase of the migration process. Some of these approaches may seem easier to implement but can introduce unwanted complexity in the long run. Let\u2019s run through the advantages and drawbacks of each:<\/p>\n<h3>Approach 1: Moving logs from Azure Sentinel to your traditional SIEM<\/h3>\n<p>In this configuration, organizations use Azure Sentinel only as a log relay, forwarding logs to their existing on-premises SIEM. This approach is not recommended, since running Azure Sentinel strictly as a log-relay means you\u2019ll continue to experience the same cost and scale challenges as with your on-premises SIEM. In addition, you\u2019ll be paying for data ingestion in Azure Sentinel along with storage costs in your traditional SIEM. Another drawback: using Azure Sentinel merely as a log relay means you\u2019ll miss out on Azure Sentinel\u2019s full SIEM+SOAR capabilities, including detections, analytics, AI, investigation, and automation tools.<\/p>\n<h3>Approach 2: Moving logs from your traditional SIEM to Azure Sentinel<\/h3>\n<p>In this approach, your SecOps team forwards logs from your traditional SIEM to Azure Sentinel. For reasons similar to the above, this approach is not recommended. While you\u2019ll be able to benefit from the full functionality of Azure Sentinel without the capacity limitations of an on-premises SIEM, your organization still will be paying for data ingestion to two different vendors. 
In addition to adding architecture complexity, this model can result in higher costs for your business.<\/p>\n<h3>Approach 3: Using Azure Sentinel and your traditional SIEM as separate solutions<\/h3>\n<p>In this model, your team uses Azure Sentinel to analyze cloud data while continuing to use your on-premises SIEM to analyze other data sources. This setup allows for clear boundaries regarding when to use which solution, and it avoids the duplication of costs. However, cross-correlation between the two becomes difficult; so this scenario is not recommended. In today\u2019s landscape\u2014where threats often move laterally across the organization\u2014such gaps in visibility pose a significant risk.<\/p>\n<h3>Approach 4: Sending alerts and enriched incidents from Azure Sentinel to your traditional SIEM<\/h3>\n<p>In this approach, you\u2019ll analyze cloud data in Azure Sentinel, then send the alerts generated to your traditional SIEM. There, you can continue to use your traditional SIEM as your single pane of glass and do any cross-correlation on alerts generated by Azure Sentinel. Though it avoids duplicating costs while giving you the freedom to migrate at your own pace, this configuration is still suboptimal. Simply forwarding enriched incidents to your traditional SIEM limits the value you could be getting from Azure Sentinel\u2019s investigation, hunting, and automation capabilities.<\/p>\n<h3>Approach 5: Sending alerts from your traditional SIEM to Azure Sentinel<\/h3>\n<p>In this configuration, your SecOps team will ingest and analyze cloud data within Azure Sentinel while using the traditional SIEM to analyze on-premises data\u2014generating alerts back to Azure Sentinel. In this way, your team is free to do cross-correlation and investigation within Azure Sentinel as your single pane of glass, and still access your traditional SIEM for deeper investigation if needed. 
This is our recommended side-by-side migration method because it allows you to get full value from Azure Sentinel while migrating data at a pace that\u2019s right for your organization.<\/p>\n<h2>Coming soon in part 3: Use case migration<\/h2>\n<p>In the third and final post in this series, we\u2019ll examine best practices for migrating your data sources and detections, including how to get the most from Azure Sentinel\u2019s powerful automation capabilities. We\u2019ll also offer some tips for finishing the migration and moving completely off your traditional SIEM. <strong>For a complete overview of the migration journey, download the white paper: <a href=\"https:\/\/azure.microsoft.com\/mediahandler\/files\/resourcefiles\/azure-sentinel-migration-fundamentals\/Azure%20Sentinel%20Migration%20Fundamentals.pdf\" target=\"_blank\" rel=\"noopener\">Azure Sentinel Migration Fundamentals<\/a>.<\/strong><\/p>\n<p>To learn more about Microsoft Security solutions,&nbsp;<a href=\"https:\/\/www.microsoft.com\/en-us\/security\/business\/solutions\" target=\"_blank\" rel=\"noopener\">visit our&nbsp;website<\/a>.&nbsp;Bookmark the&nbsp;<a href=\"https:\/\/www.microsoft.com\/security\/blog\/\" target=\"_blank\" rel=\"noopener\">Security blog<\/a>&nbsp;to keep up with our expert coverage on security matters. 
Also, follow us at&nbsp;<a href=\"https:\/\/twitter.com\/@MSFTSecurity\" target=\"_blank\" rel=\"noopener\">@MSFTSecurity<\/a>&nbsp;for the latest news and updates on cybersecurity.<\/p>\n<p> READ MORE <a href=\"https:\/\/www.microsoft.com\/security\/blog\/2021\/08\/03\/how-to-manage-a-side-by-side-transition-from-your-traditional-siem-to-azure-sentinel\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Learn whether a transitional or long-term side-by-side deployment can best serve your migration to Microsoft\u2019s cloud-native SIEM.<br \/>\nThe post How to manage a side-by-side transition from your traditional SIEM to Azure Sentinel appeared first on Microsoft Security Blog. READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":42129,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[276],"tags":[347],"class_list":["post-42128","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-microsoft-secure","tag-cybersecurity"],"yoast_head_json":{"title":"How to manage a side-by-side transition from your traditional SIEM to Azure Sentinel 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/how-to-manage-a-side-by-side-transition-from-your-traditional-siem-to-azure-sentinel\/","og_locale":"en_US","og_type":"article","og_title":"How to manage a side-by-side transition from your traditional SIEM to Azure Sentinel 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/how-to-manage-a-side-by-side-transition-from-your-traditional-siem-to-azure-sentinel\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2021-08-03T16:00:30+00:00","og_image":[{"width":1200,"height":801,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/08\/how-to-manage-a-side-by-side-transition-from-your-traditional-siem-to-azure-sentinel.jpg","type":"image\/jpeg"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. 
reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/how-to-manage-a-side-by-side-transition-from-your-traditional-siem-to-azure-sentinel\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/how-to-manage-a-side-by-side-transition-from-your-traditional-siem-to-azure-sentinel\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"How to manage a side-by-side transition from your traditional SIEM to Azure Sentinel","datePublished":"2021-08-03T16:00:30+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/how-to-manage-a-side-by-side-transition-from-your-traditional-siem-to-azure-sentinel\/"},"wordCount":1225,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/how-to-manage-a-side-by-side-transition-from-your-traditional-siem-to-azure-sentinel\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/08\/how-to-manage-a-side-by-side-transition-from-your-traditional-siem-to-azure-sentinel.jpg","keywords":["Cybersecurity"],"articleSection":["Microsoft Secure"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/how-to-manage-a-side-by-side-transition-from-your-traditional-siem-to-azure-sentinel\/","url":"https:\/\/www.threatshub.org\/blog\/how-to-manage-a-side-by-side-transition-from-your-traditional-siem-to-azure-sentinel\/","name":"How to manage a side-by-side transition from your traditional SIEM to Azure Sentinel 2026 | ThreatsHub Cybersecurity 
News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/how-to-manage-a-side-by-side-transition-from-your-traditional-siem-to-azure-sentinel\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/how-to-manage-a-side-by-side-transition-from-your-traditional-siem-to-azure-sentinel\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/08\/how-to-manage-a-side-by-side-transition-from-your-traditional-siem-to-azure-sentinel.jpg","datePublished":"2021-08-03T16:00:30+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/how-to-manage-a-side-by-side-transition-from-your-traditional-siem-to-azure-sentinel\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/how-to-manage-a-side-by-side-transition-from-your-traditional-siem-to-azure-sentinel\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/how-to-manage-a-side-by-side-transition-from-your-traditional-siem-to-azure-sentinel\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/08\/how-to-manage-a-side-by-side-transition-from-your-traditional-siem-to-azure-sentinel.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/08\/how-to-manage-a-side-by-side-transition-from-your-traditional-siem-to-azure-sentinel.jpg","width":1200,"height":801},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/how-to-manage-a-side-by-side-transition-from-your-traditional-siem-to-azure-sentinel\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name
":"Cybersecurity","item":"https:\/\/www.threatshub.org\/blog\/tag\/cybersecurity\/"},{"@type":"ListItem","position":3,"name":"How to manage a side-by-side transition from your traditional SIEM to Azure Sentinel"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence 
Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH 
Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/42128","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=42128"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/42128\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/42129"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=42128"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=42128"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=42128"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}