Here are 43 public repositories matching this topic...
Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
Bi-weekly hunting queries
Repository with Sample KQL Query examples for Threat Hunting
Kirby's Query Language API combines the flexibility of Kirby's data structures, the power of GraphQL and the simplicity of REST.
KQL queries for Advanced Hunting
example queries for learning the kusto language
Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.
Query Kusto like a pro from the comfort of your Jupyter notebook
Updated Apr 12, 2022 · Python
Parse pfSense/OPNSense logs using Logstash, GeoIP tag entities, add additional context to logs, then send to Azure Sentinel for analysis.
Collection of Azure Resource Graph queries for use in Portal and via PowerShell - by @jesseloudon
A collection of sample dashboards, custom labels, mustaches, SQL scripts and PowerShell scripts to help you get the most out of SquaredUp. #community-powered
Updated Apr 12, 2022 · PowerShell
Microsoft 365 Advanced Hunting Queries
A collection of things I've created or found that I think is useful for Azure Sentinel.
Updated Jul 5, 2022 · Jupyter Notebook
A self-contained execution engine for the Kusto Query Language (KQL) written in C#
A technical blog about Kusto
Awesome KQL queries for KQL Ninjas
Golang interpreter for the Kibana Query Language (KQL)
Kirby as a Headless CMS (Kirby + KQL)
Microsoft related PowerShell scripts and KQL queries
Updated Jan 3, 2022 · PowerShell
Windows service that listens for Syslog messages and forwards them to Azure Monitor
KQL queries for Azure Monitor Log Analytics
Everything around the topic of KQL in Azure.
SvelteKit frontend for Kirby CMS + KQL backend
Updated Jun 27, 2021 · JavaScript
Defender for Endpoint Advanced Hunting Queries
Simple KQL query that can be run either in MD for Endpoint (Threat hunting or Custom indicator) or in Azure Sentinel (Threat hunting or analytics rule). It looks for 4 known IOCs related to the Kaseya attack.
A collection of MDE KQL hunting queries useful for incident response and threat hunting.
Static class method, Uniform-Guard and Field-Method to filter your "dirty" HTML inputs to "clean" HTML.