is it possible to administrate Azure Sentinel Watchlists through Powershell, like Rules with Az.SecurityInsights?
Aim is to keep Watchlist references in outer VCS for simpler manipulation, and sync it with Powershell to remote.
Thanks,
Work on this seems to be coming, recently announced Microsoft Sentinel Repositories allows your VCS (GitHub or Azure DevOps) to sync to Sentinel:
With some small modifications, (edit the files in the .sentinel/ folder you can deploy watchlist as well. at this moment only additions are processed through this trick, but real support might be coming.
Some more info: https://www.oppedijk.com/2021/11/18/Sentinel-CD-Repository.html