Create a Word report of all Microsoft Sentinel solution resources

Introduction

Microsoft Sentinel has solutions, under Content hub, that can be used to install multiple Microsoft Sentinel resources at one time. These resources include

• Data connectors
• Analytic Rules
• Hunting Queries
• Workbooks
• Playbooks
• Parsers

This makes is much easier to install what you need when you need it. With the upcoming change coming so that all the out-of-the-box content is moving to solutions (see Out-of-the-box (OOTB) content centralization changes – Microsoft Sentinel | Microsoft Learn for more information), it is more imperative that you know what each solution will provide or which solution to install to get the resources you want.

You can click on each solution and see what it contains, but that is a bit of a pain. With that in mind, I have created a PowerShell script that will create a Word document that contains this information.

The script, and a Word document that contains all the information, is available at garybushey/CreateSolutionReport: Create a word document showing all the resources in all the MS Sentinel solutions (github.com)

The Script

There really isn’t anything too special about this script. I did have to do some research on how to create a Word document through PowerShell, but there are plenty of web pages that provide that information. It actually took me longer to decide how to format the document (and I hope you like it) than to write the code to generate the file.

The rest of the script was just figuring out how all the information was stored.

Summary

This script will generate a Word document containing all the resources in all the Microsoft Sentinel solutions. Hope it helps!