Microsoft reveals pricing for its cloud-based Azure Sentinel SIEM service

Microsoft announces general availability for its Azure Sentinel security event and log analytics service

Credit: ID 147564143 © Illuminaphoto |

Microsoft has announced general availability of its Azure Sentinel cloud security analytics platform. 

Microsoft announced Azure Sentinel earlier this year in preview and this week announced general availability as well as pricing that Australian customers will be paying for the service. 

Azure Sentinel is a Azure cloud-based alternative to locally hosted Security Information and Event Management (SIEM) tools.

SIEM solutions help security teams collect and analyze log data generated from an organization’s systems, applications, firewalls and antivirus systems to help them then identify and categorize security events. 

SIEM has become popular because of the analytics capabilities that offer threat intelligence capabilities. Top SIEM vendors historically have included HPE, IBM, Splunk, LogRhythm, Micro Focus, Solar Winds, and Trustwave. 

But now both Microsoft and Google parent Alphabet, via Google Cloud’s Backstory, have entered the market with their own cloud SIEM offerings. Backstory, which was announced in March, differentiates its service by offering unlimited data versus SIEMs that charge by data storage volumes or usage. 

Microsoft is billing customers based how much data is ingested for analysis in Azure Sentinel and how much data is stored in the Azure Monitor Log Analytics workspace for analysis. There are also data retention costs.

The company is offering customers discounted reserved capacity pricing as well as pay-as-you-go prices. 

The pay-as-you-go option for Australian customers using Azure Sentinel in Microsoft’s Australia East region costs $3.99 per GB. 

Pay-as-you-go for Azure Monitor Log Analytics allows for 5GB of free data ingestion after which the rate is $4.585 per GB. Data retention for analysis has free limits of 31 days or 90 days and after that rates apply.    

Customers using Microsoft’s reserved capacity pricing are looking at $199.09 per day for 100 GB space in the Australia East region, equating to a discount of 50%. A 60% discount is available for reserved capacity of 500 GB per day. 

“Infrastructure costs are reduced since you automatically scale resources as you need, and you only pay for what you use,” said Ann Johnson, corporate vice president of Microsoft’s Cybersecurity Solutions Group.

“Or you can save up to 60 percent compared to pay-as-you-go pricing by taking advantage of capacity reservation tiers. You receive predictable monthly bills and the flexibility to change capacity tier commitments every 31 days. On top of that, bringing in data from Office 365 audit logs, Azure activity logs and alerts from Microsoft Threat Protection solutions doesn’t require any additional payments,” she added. 

Tags SIEMMicrosoftazure

Show Comments