Blog | water IT Security GmbH

My name is Phillipe, and I work in IT Security as a IT Security Consultant. I have deep expertise in Microsoft Sentinel as well as the broader Microsoft Defender XDR. I help organisations sharpen their security posture by architecting and implementing advanced detection-and-response strategies. From designing data-ingestion pipelines and fine-tuning log parsers to building KQL-based analytics rules, workbooks and automated playbooks, I deliver pragmatic solutions to complex security challenges. My mission is to build a cost-efficient Sentinel deployments that still surface all the insights a company needs to stay secure against modern threats.

06.06.2025

Ingesting custom logs from Microsoft Sentinel Auxiliary tables using Logstash

On July 25, 2024 Microsoft announced the public preview for auxiliary logs. To date (May 2025) no general availability launch has been announced, however it can be used by anyone as it is in public preview. Since then, Sentinel Professionals have been trying their hand at working implementations for Auxiliary Logs.

Back to all blogs