https://kqlquery.com/2026-03-01T15:48:46+01:00https://kqlquery.com/posts/2026-03-01T15:48:46+01:00https://kqlquery.com/posts/dxbp-part1/2026-02-23T00:48:42+01:00https://kqlquery.com/categories/2026-02-23T00:48:42+01:00https://kqlquery.com/categories/detection-engineering/2026-02-23T00:48:42+01:00https://kqlquery.com/tags/kql/2026-02-23T00:48:42+01:00https://kqlquery.com/categories/kql/2026-02-23T00:48:42+01:00https://kqlquery.com/tags/2026-02-23T00:48:42+01:00https://kqlquery.com/categories/threat-hunting/2026-02-23T00:48:42+01:00https://kqlquery.com/categories/defender-for-endpoint/2026-01-26T00:10:00+01:00https://kqlquery.com/posts/defender-endpoint-timeline-internals/2026-01-26T00:10:00+01:00https://kqlquery.com/categories/incident-response/2026-01-26T00:10:00+01:00https://kqlquery.com/categories/soc/2026-01-26T00:10:00+01:00https://kqlquery.com/categories/automation/2026-01-19T17:10:21+02:00https://kqlquery.com/categories/defender-xdr/2026-01-19T17:10:21+02:00https://kqlquery.com/posts/monitor-new-actions-sentinel-defender-xdr/2026-01-19T17:10:21+02:00https://kqlquery.com/categories/sentinel/2026-01-19T17:10:21+02:00https://kqlquery.com/posts/kql-sources-2026/2026-01-05T00:00:05+01:00https://kqlquery.com/posts/graphapiauditevents/2025-08-19T00:16:11+02:00https://kqlquery.com/posts/logicapp-kql-api/2025-07-15T00:00:47+02:00https://kqlquery.com/posts/hunting-api-kql/2025-06-11T00:00:55+02:00https://kqlquery.com/tags/powershell/2025-06-11T00:00:55+02:00https://kqlquery.com/posts/investigate-clickfix/2025-05-06T00:51:12+02:00https://kqlquery.com/posts/monitor-new-actions/2025-01-30T00:28:31+01:00https://kqlquery.com/posts/kql-sources-2025/2025-01-02T00:10:07+01:00https://kqlquery.com/posts/ioc-hunting-at-scale/2026-01-04T12:00:00+02:00https://kqlquery.com/categories/vulnerability-management/2026-01-04T12:00:00+02:00https://kqlquery.com/posts/unified-audit-logs-coverage-gaps/2024-11-14T00:00:32+01:00https://kqlquery.com/posts/devicetvminfogathering/2024-10-10T00:47:49+02:00https://kqlquery.com/posts/sentinel-summary-rules/2024-09-11T00:34:27+02:00https://kqlquery.com/events/2024-08-20T18:05:30+02:00https://kqlquery.com/posts/automatic-cisa-vulnerability-notifications/2024-08-14T00:35:20+02:00https://kqlquery.com/posts/audit-defender-xdr/2026-01-04T12:00:00+02:00https://kqlquery.com/posts/graphactivitylogs/2024-05-02T00:52:46+02:00https://kqlquery.com/posts/sentinel-automation-part1/2026-01-04T15:50:00+01:00https://kqlquery.com/posts/detecting-post-exploitation-behaviour/2024-02-29T00:38:21+01:00https://kqlquery.com/categories/azure-data-explorer/2024-02-14T00:51:33+01:00https://kqlquery.com/posts/incident-response-powershell-v2/2024-02-14T00:51:33+01:00https://kqlquery.com/categories/powershell/2024-02-14T00:51:33+01:00https://kqlquery.com/posts/kql-sources-2024-update/2024-01-14T00:10:07+01:00https://kqlquery.com/posts/prioritize-vulnerabilities-cisa/2023-12-21T00:46:44+01:00https://kqlquery.com/posts/from-threat-report-to-hunting-query/2023-11-29T00:40:54+01:00https://kqlquery.com/tags/enrichment/2023-11-06T00:39:01+02:00https://kqlquery.com/posts/kql-for-network-operations/2023-11-06T00:39:01+02:00https://kqlquery.com/categories/networking/2023-11-06T00:39:01+02:00https://kqlquery.com/tags/soc/2023-11-06T00:39:01+02:00https://kqlquery.com/posts/leveraging-live-response/2023-10-26T00:00:47+02:00https://kqlquery.com/posts/kql-incident-response-everything-else/2023-10-13T00:00:47+02:00https://kqlquery.com/posts/kql-incident-response/2023-09-29T00:00:47+02:00https://kqlquery.com/posts/hunting-encoded-powershell/2023-09-21T01:00:00+02:00https://kqlquery.com/posts/kql-for-security-operations/2023-09-15T11:39:01+02:00https://kqlquery.com/posts/kql_sources/2023-09-07T22:38:33+02:00https://kqlquery.com/projects/2026-01-04T16:02:00+01:00https://kqlquery.com/whoami/2023-08-02T23:12:22+02:00