microsoft / KqlToolsLinks
A command line tool to explore real-time streams of events.
☆87Updated 6 months ago
Alternatives and similar repositories for KqlTools
Users that are interested in KqlTools are comparing it to the libraries listed below
Sorting:
- ☆210Updated 2 months ago
- KQL queries☆13Updated 6 years ago
- AzureLogLibrary - repository used for Azure logging with ARM-templates, scripts, documentation to deploy DCRs, extensions, etc☆13Updated 2 years ago
- ☆67Updated 3 years ago
- This is an advanced KQL blog series and book☆118Updated 3 months ago
- Repository for public site hosting graph permissions☆28Updated last week
- Tools to create a Native Windows Audit Collection Platform. Active Directory example provided☆79Updated 5 years ago
- Assess Azure Security State☆37Updated last year
- KQL example queries for working in Azure☆34Updated last year
- Repository hosting a static list of Microsoft First party apps and Graph permissions that's updated daily☆149Updated last week
- A graphical ESE (aka ESENT or JET) database viewer.☆25Updated 9 years ago
- Public content repo for ATA documentation in OPS☆74Updated 6 months ago
- A collection of scripts and works related to Azure Sentinel☆42Updated 3 years ago
- Collection of Microsoft Identity Threat Detection and Response resources.☆49Updated 2 weeks ago
- Repository to publish sample use cases, templates, solutions, automations for Microsoft Defender Threat Intelligence (MDTI) product☆79Updated 11 months ago
- KQL queries for Advanced Hunting☆174Updated 5 years ago
- A guide to using Azure Data Explorer and KQL for DFIR☆110Updated 3 years ago
- ☆38Updated 3 years ago
- Solution to deploy a Sentinel playground demo environment☆56Updated 2 years ago
- REST server that can analyze Kusto KQL queries against the Sentinel and Microsoft 365 Defender schemas.☆37Updated 6 months ago
- Sentinel Analytics Rule converter PowerShell module☆65Updated 6 months ago
- This repository includes the parsers necessary for Microsoft Network Monitor to parse etl logs generated by Packet Monitor (Pktmon).☆21Updated 2 years ago
- Advanced Hunting Queries for Microsoft Security Products☆108Updated 2 years ago
- ☆18Updated 3 years ago
- PowerShell Script for Agentless Incident Response☆25Updated 7 years ago
- ☆92Updated this week
- Sharing my KQL queries for Azure Sentinel☆184Updated this week
- KQL queries for cyber defense and for solving daily issues☆53Updated 2 weeks ago
- Synchronize database schemas between a Kusto cluster and the local file system☆43Updated 6 months ago
- Microsoft Threat Intelligence☆188Updated this week