microsoft / KqlToolsLinks
A command line tool to explore real-time streams of events.
☆87Updated 7 months ago
Alternatives and similar repositories for KqlTools
Users that are interested in KqlTools are comparing it to the libraries listed below
Sorting:
- ☆67Updated 3 years ago
- KQL queries☆13Updated 6 years ago
- AzureLogLibrary - repository used for Azure logging with ARM-templates, scripts, documentation to deploy DCRs, extensions, etc☆13Updated 2 years ago
- Repository hosting a static list of Microsoft First party apps and Graph permissions that's updated daily☆155Updated last week
- Assess Azure Security State☆37Updated last year
- Solution to deploy a Sentinel playground demo environment☆56Updated 2 years ago
- ☆213Updated 3 months ago
- Collection of Microsoft Identity Threat Detection and Response resources.☆49Updated last month
- Repository for public site hosting graph permissions☆28Updated 2 months ago
- ☆18Updated 3 years ago
- A collection of scripts and works related to Azure Sentinel☆41Updated 3 years ago
- KQL example queries for working in Azure☆34Updated last year
- KQL queries for Advanced Hunting☆175Updated 5 years ago
- REST server that can analyze Kusto KQL queries against the Sentinel and Microsoft 365 Defender schemas.☆39Updated last week
- Repository to publish sample use cases, templates, solutions, automations for Microsoft Defender Threat Intelligence (MDTI) product☆78Updated last year
- ClientInspectorV2 - Unleashing the power of Azure LogAnalytics, Azure Data Collection Rules, Log Ingestion API by doing client inventory …☆25Updated 2 years ago
- Sentinel Analytics Rule converter PowerShell module☆65Updated 8 months ago
- Deploying and Managing Azure Sentinel – Ninja style☆32Updated 4 years ago
- PowerShell Module for managing Microsoft Defender Advanced Threat Protection☆73Updated 2 years ago
- ☆39Updated 4 years ago
- Public content repo for ATA documentation in OPS☆75Updated 7 months ago
- PowerShell module to manage Azure Active Directory app credentials.☆119Updated last year
- KQL queries for cyber defense and for solving daily issues☆52Updated 2 months ago
- M365 MDATP Live Response sample scripts☆79Updated 11 months ago
- Sharing my KQL queries for Azure Sentinel☆186Updated last week
- Defender for Endpoint☆27Updated last year
- Microsoft Defender ATP Manageability and Maintenance scripts☆27Updated 2 years ago
- Microsoft Entra ID App Audit Solution (AADAppAudit)☆83Updated last year
- Repository for Software Certs for easy software blocking across corp environments, for example, using MDE IOC☆48Updated this week
- Docs and samples for privileged identity and access management in Microsoft Azure and Microsoft Entra.☆173Updated 2 weeks ago