Azure Sentinel Queries
This repo contains some custom queries that I wrote for Azure Sentinel in relation to threat hunting. The alerts will end with "extend IPCustomEntity = IPAddress", the others are base queries that are tested manually.
forked from robertmarshii/Azure-Sentinel-Queries
-
Notifications
You must be signed in to change notification settings - Fork 0
yves001/Azure-Sentinel-Queries
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
About
This repository contains some custom queries for Azure Sentinel in relation to hunting for threats and the creation of alerts.
Resources
Stars
Watchers
Forks
Releases
No releases published
Packages 0
No packages published