KQL Query
Posts
Categories
whoami
Projects
Events
KQL News
KQL Query
Cancel
Posts
Categories
whoami
Projects
Events
KQL News
Sentinel
2024
UAL = Unaligned Activity Logs
11-14
Use Cases For Sentinel Summary Rules
09-11
Sentinel Automation Part 2: Automate CISA Known Exploited Vulnerability Notifications
08-14
Investigating Microsoft Graph Activity Logs
05-02
Sentinel Automation Part 1: Enriching Sentinel Incidents with KQL Results
04-10
Detecting Post-Exploitation Behaviour
02-29
KQL Security Sources - 2024 Update
01-14
2023
From Threat Report to (KQL) Hunting Query
11-29
Incident Response Part 1: IR on Microsoft Security Incidents (KQL edition)
09-29
Threat Hunting: Encoded PowerShell
09-21
KQL Functions For Security Operations
09-15