Commit graph

1827 Commits

Author SHA1 Message Date
v-atulyadav 7e0c50c538
Standalone metadata updates (#7914)
* Standalone metadata updates

* Update WorkbooksMetadata.json

* Updated kind

* Update kind
2023-04-28 10:10:42 +05:30
v-atulyadav 01f7bb730e
Duplicate Content (#7786)
* Duplicate Content

* Update WorkbooksMetadata.json
2023-04-12 10:04:25 +05:30
v-dvedak 850a95b987
Merge pull request #7295 from Azure/v-vdixit/KQL-hunting-queries-validation-tests
Hunting Queries KQL Validation tests
2023-04-04 18:37:59 +05:30
Pete Bryan 735a9d926d
Merge pull request #7608 from Azure/pebryan/2023_3_20_NewQueries
New queries for AAD Connect and OAuth app abuse
2023-03-28 07:03:53 -07:00
Pete Bryan 85a5fa653d Moved to use inbuilt query 2023-03-27 15:12:12 -07:00
v-vdixit 7d2f05f47d
Merge branch 'master' into v-vdixit/KQL-hunting-queries-validation-tests 2023-03-27 12:37:37 +05:30
Pete Bryan 0325cf17a8 New queries 2023-03-20 16:51:25 -07:00
v-rbajaj 7108144ae4 Repackaging Microsoft 365 2023-03-20 19:18:16 +05:30
Samik Roy 625914dd11
Update Active Directory Sensitive Group Modifications.yaml
Bug fix for #7529
2023-03-14 23:52:51 +05:30
v-dvedak 86a9c70dcd
Merge pull request #7398 from yangsa666/patch-1
Adding hint.strategy=native to support more partitions
2023-03-03 12:25:49 +05:30
v-dvedak 8347232f97
Merge pull request #7413 from Azure/v-vdixit/file-path-update3
File path update for hunting queries
2023-03-01 15:02:51 +05:30
v-vdixit 377fc2478e
updating path1 2023-03-01 13:55:05 +05:30
v-vdixit aa8d29521c
updating AzureVirtualNetworkSubnets 2023-03-01 13:50:52 +05:30
v-dvedak da1cf1041b
Merge pull request #7282 from Azure/v-vdixit/KQL-validation-fix-for-Multiple-solutions
KQL validations for Hunting Queries for multiple solutions
2023-03-01 12:32:20 +05:30
v-dvedak be6b439e8e
Merge pull request #6925 from referefref/patch-1
Update AWSBucketAPILogs-SuspiciousDataAccessToS3BucketsfromUnknownIP.…
2023-03-01 10:43:37 +05:30
DixitVedanshi 0277f7811b updating whitespaces 2023-02-28 19:31:27 +05:30
v-vdixit c1061631e5
Merge branch 'master' into v-vdixit/file-path-update3 2023-02-28 18:54:19 +05:30
DixitVedanshi debfbfb031 Updating description 2023-02-28 18:46:12 +05:30
DixitVedanshi cf41450869 updating quotes 2023-02-28 18:37:37 +05:30
v-vdixit adf2433a8d
Updating ProofpointPODHighScoreAdultValue.yaml 2023-02-28 18:03:56 +05:30
v-vdixit d9c8af19eb
Updating UseragentExploitPentest 2023-02-28 18:02:53 +05:30
v-vdixit 76dac88a91
Updating quotes 2023-02-28 18:01:57 +05:30
v-vdixit 491992bb8f
updating quotes 2023-02-28 18:01:32 +05:30
v-vdixit 99a4f75d27
update RiskyCommandB64EncodedInUrl.yaml 2023-02-28 17:59:55 +05:30
v-vdixit 724e15e086
Updating quotes 2023-02-28 17:59:19 +05:30
v-vdixit 42a2b2d4e8
updating quotes 2023-02-28 17:58:45 +05:30
v-dvedak 43be861c9b
Merge pull request #7414 from Azure/v-vdixit/file-path-update4
Hunting Queries files' path update
2023-02-28 16:56:14 +05:30
v-vdixit cfb24961d3
updating commas 2023-02-28 16:37:12 +05:30
v-vdixit 97c86eeb76
Updating text in solution update 2023-02-27 13:56:21 +05:30
v-dvedak 8b13172b24
Merge pull request #7156 from pensivepaddle/patch-3
Update Endpoint Agent Health Status Report.yaml
2023-02-27 13:41:56 +05:30
DixitVedanshi af79e08eec Hunting Queries files path update 2023-02-23 15:10:55 +05:30
DixitVedanshi 03b2157173 File path update hunting queries 2023-02-23 14:55:16 +05:30
Sa Yang b5c8ed5370
Adding hint.strategy=native in partition operator to support more partitions
The current query only supports ReportId partitions less than 64.
But the normal scenario is over 64. Adding hint.strategy=native in partition operator to address this.
Reference: https://learn.microsoft.com/en-us/azure/data-explorer/kusto/query/partitionoperator
2023-02-22 13:56:33 +08:00
v-atulyadav aa23c7ca8f Update Endpoint Agent Health Status Report.yaml 2023-02-22 09:21:54 +05:30
pensivepaddle 6b65351987
Update Endpoint Agent Health Status Report.yaml
contains -> has
2023-02-17 15:18:23 +01:00
v-dvedak 560ebc6fbe
Updated OfficeMailForwarding_hunting.yaml for correct link (#7303)
* Updated OfficeMailForwarding_hunting.yaml for correct link

* Path update for hunting queries

---------

Co-authored-by: PrasadBoke <v-prasadboke@microsoft.com>
2023-02-09 19:12:09 +05:30
ref 0407141d9c
Update AWSBucketAPILogs-SuspiciousDataAccessToS3BucketsfromUnknownIP.yaml
Resolved missing field in base query (Line 22) by changing data source to AWSS3BucketAPILogParsed
2023-02-08 13:40:51 +08:00
DixitVedanshi 9b4832f52c Hunting Queries KQL Validations 2023-02-07 16:48:24 +05:30
DixitVedanshi 0b848f0d64 KQL-validations-failures-fixed-for-multiple-solutions 2023-02-06 19:25:04 +05:30
mkchiliveri f81a3e98f6 Fixed Hunting Queries. 2023-02-02 17:27:09 +05:30
pensivepaddle 7814ae527b
Update Endpoint Agent Health Status Report.yaml
Changed from NULL to N/A for added logic for aggregation.
2023-01-27 11:02:30 +01:00
v-sabiraj ff2435f869 Updating reference for solutions 2023-01-27 14:42:59 +05:30
pensivepaddle c3d89dd54c
Update Endpoint Agent Health Status Report.yaml
Extended query to include Linux and macOS evaluations where applicable.
2023-01-26 12:15:50 +01:00
ref 3b4ee45d3c
Update AWSBucketAPILogs-SuspiciousDataAccessToS3BucketsfromUnknownIP.yaml
Removed timegenerated from line 23 as not required
2023-01-13 13:23:42 +08:00
v-dvedak c184159639
Merge pull request #6901 from Azure/fix_invalid_yaml
Fix invalid yaml issues in "Find Software By Name and Version.yaml"
2023-01-11 10:40:13 +05:30
aprakash13 0a4bc57acd
Merge pull request #6908 from BlackB0lt/patch-7
Create detect-av-edr-privileged-delete-vulnerability.yaml
2023-01-05 00:04:50 -08:00
v-sabiraj 82b55ce83d Merge branch 'master' into v-sabiraj-SyslogTemplateSpecSolution 2023-01-02 20:14:31 +05:30
Sittikorn S c4a85e5952
Update detect-av-edr-privileged-delete-vulnerability.yaml 2022-12-30 21:22:35 +07:00
v-sabiraj 66fbce079b Adding files for hunting queries 2022-12-30 12:58:14 +05:30
v-sabiraj 0c5745576a Update NetworkConnectionldap_log4j.yaml 2022-12-30 12:42:45 +05:30