microsoft / KqlTools
A command line tool to explore real-time streams of events.
☆85 · Updated 3 months ago

Alternatives and similar repositories for KqlTools
Users that are interested in KqlTools are comparing it to the repositories listed below:
- This is an advanced KQL blog series and book ☆114 · Updated last month
- Repository hosting a static list of Microsoft first-party apps and Graph permissions that is updated daily ☆137 · Updated this week
- A collection of scripts and works related to Azure Sentinel ☆42 · Updated 2 years ago
- (no description) ☆38 · Updated 3 years ago
- Sharing my KQL queries for Azure Sentinel ☆173 · Updated this week
- A guide to using Azure Data Explorer and KQL for DFIR ☆103 · Updated 3 years ago
- Example queries for learning the Kusto language ☆100 · Updated 3 years ago
- KQL queries for Advanced Hunting ☆172 · Updated 5 years ago
- (no description) ☆67 · Updated 3 years ago
- AzureLogLibrary: repository used for Azure logging, with ARM templates, scripts and documentation to deploy DCRs, extensions, etc. ☆13 · Updated last year
- KQL queries for cyber defense and for solving daily issues ☆50 · Updated last week
- Repository for public site hosting Graph permissions ☆28 · Updated this week
- (no description) ☆188 · Updated last month
- This repository includes the parsers necessary for Microsoft Network Monitor to parse ETL logs generated by Packet Monitor (Pktmon). ☆21 · Updated 2 years ago
- PowerShell module to manage Azure Active Directory app credentials. ☆117 · Updated last year
- Public content repo for ATA documentation in OPS ☆74 · Updated 3 months ago
- Collection of Microsoft Identity Threat Detection and Response resources. ☆44 · Updated this week
- M365 MDATP Live Response sample scripts ☆71 · Updated 7 months ago
- Docs and samples for privileged identity and access management in Microsoft Azure and Microsoft Entra. ☆159 · Updated last week
- A collection of ARM-based detections for Azure/Azure AD based TTPs ☆86 · Updated last year
- Microsoft Defender ATP manageability and maintenance scripts ☆27 · Updated last year
- Deploying and Managing Azure Sentinel – Ninja style ☆31 · Updated 4 years ago
- In this repository you may find KQL (Kusto Query Language) queries and Watchlist schemes for data sources related to Microsoft Sentinel (… ☆123 · Updated last week
- Sentinel Analytics Rule converter PowerShell module ☆62 · Updated 4 months ago
- Assess Azure security state ☆36 · Updated last year
- Extension (magic) for Jupyter Notebook and JupyterLab that enables a notebook experience working with Kusto, Application Insights, and LogAn… ☆89 · Updated 8 months ago
- Sample queries for Advanced Hunting in Microsoft Defender ATP ☆37 · Updated 3 years ago
- (no description) ☆42 · Updated 4 years ago
- This is a repository for the Microsoft Defender Masterclass series. ☆30 · Updated 3 years ago
- Solution to deploy a Sentinel playground demo environment ☆56 · Updated last year