You can either have an automated Cyber Threat Intelligence feed (STIX/TAXII) or your threat indicators can be added manually in the form of IP, Domain, URL File hash. Let's run through the manual process.
All CTI entries aren't just available to view in the "Threat Intelligence" page - they are stored in the Log Analytics Workspace table "ThreatIntelligenceIndicator". Here you will find the manually submissions, but also any automated feeds from STIX/TAXII.
General Availability of Azure Sentinel Threat Intelligence in Public and Azure Government cloud