Commit graph

79 Commits

Author SHA1 Message Date
Ian Hellen 503e6413ba Updated Readme to point users to new GitHub location 2019-11-01 16:22:01 -07:00
yoshiomura 8af92bd7bf added nbwidgets to load properly 2019-10-16 13:57:17 +09:00
Sridhar Periyasamy ee74fc6256 Fix typo in command 2019-10-09 13:17:54 -07:00
Sridhar Periyasamy 12b9666f3d Address feedback to use config.json to get tenantid and workspaceid. 2019-10-09 13:14:10 -07:00
Sridhar Periyasamy f8cb8da3c7 Enable highlighting of neighbouring nodes on 'click' event.
Also add 'azure-cli-core' package dependency.
2019-10-08 17:26:07 -07:00
Sridhar Periyasamy 1efc7d4025 Initial commit for User Security Metadata notebook
This notebook will provide step-by-step instructions on how to consume and understand the analytics data in Sentinel.
2019-10-07 14:25:58 -07:00
Zhipeng Zhao 903d07b36d Changes based on comments 2019-10-03 13:18:44 -07:00
Zhipeng Zhao 9ae4c99f28 Hunting Bookmark Library 2019-10-01 16:56:31 -07:00
Zhipeng Zhao 98580f7db4 Drop AAD as well 2019-09-23 13:54:53 -07:00
Zhipeng Zhao 5b46e1e23a Enable notebooks end-to-end test and clean up python modules 2019-09-20 16:55:32 -07:00
Zhipeng Zhao 136b237916 Update Anomaly Lookup due to Azure Cli changes 2019-08-28 11:08:44 -07:00
Zhipeng Zhao 122a922fdb Anomaly lookup query update 2019-08-26 16:12:05 -07:00
Zhipeng Zhao 050a2b6ab1 Adding Anomaly Lookup notebook 2019-07-31 11:16:22 -07:00
Zhipeng Zhao ec68aaba62 Renaming for PR 2019-07-30 14:38:05 -07:00
Zhipeng Zhao ed356a799c Python modules update for GA 2019-07-30 09:08:55 -07:00
Zhipeng Zhao d25eead4ee Remove notebooks 2019-06-14 11:33:57 -07:00
Zhipeng Zhao 0af727477d Update Anomaly Lookup query and flow 2019-06-12 09:45:30 -07:00
Zhipeng Zhao efe16f8d00 Add Forensics notebooks 2019-06-10 14:40:23 -07:00
zhzhao8888 df24aff12f Merge pull request #172 from Azure/zhzhao8888/feature/forensics_mod
Initial check in for forensics python modules
2019-06-07 16:08:20 -07:00
Zhipeng Zhao 070313cafd Add short documentation to modules 2019-06-07 14:44:40 -07:00
Zhipeng Zhao 593cc115a1 Initial check in for forensics python modules 2019-06-05 15:57:11 -07:00
Ian Hellen ed682b155f Import, browse, convert and run Sigma rules in Azure Sentinel 2019-05-31 11:14:47 -07:00
Ian Hellen 6e452f8108 Changes for part 3 of blog 2019-05-13 09:52:51 +03:00
juliango2100 b47cc9a9af Removed wording
Removed wording regarding large enterprises...
2019-04-24 17:15:18 -07:00
Zhipeng Zhao 283e80754a change all notebooks to 3.6 2019-04-23 17:17:49 -07:00
shainw b63baac09d Adding a couple of interesting queries I threw together while doing r… (#142)
* Adding a couple of interesting queries I threw together while doing research
* minor reformatting. put smaller table on LHS of join.
2019-04-15 13:57:44 +01:00
Ian Hellen af1c58a953 Partial update of example notebook for blog.
Adding generic setup mini-notebook to remove repetitive code from start of notebooks.
2019-04-09 16:19:12 -07:00
Ian Hellen 53f4d0bf3c Updates to sample notebook for blog 2019-04-05 19:43:59 -07:00
zhzhao8888 c516357aac Add files via upload 2019-03-26 17:29:34 -07:00
zhzhao8888 8f7c2aa036 Add files via upload 2019-03-26 17:28:54 -07:00
zhzhao8888 8d949c16cd Add files via upload 2019-03-26 17:28:28 -07:00
zhzhao8888 f7346d6ccb Adding notebook for PowerShell 2019-03-19 17:24:21 -07:00
Ian Hellen c57c96b9b2 Bug/reliability fixes for RSA based on new demo environment data and … (#118)
* Bug/reliability fixes for RSA based on new demo environment data and alert formats.

Added two reliable demo notebooks - Demo - Guided Hunting - Linux-Windows-Office and Demo - Guided Investigation - Process-Alerts - both reference V4 environment.
Change pip installs to always reference user locations - DSVM prevents machine installs if user is not admin.

* Couple of omissions
2019-03-04 11:47:46 +00:00
juliango2100 d14ca15b78 Update README.md 2019-02-28 09:13:22 -08:00
zhzhao8888 7bf3b4580a Add files via upload 2019-02-27 16:41:48 -08:00
zhzhao8888 78d2313a99 Add files via upload 2019-02-27 16:41:22 -08:00
Ian Hellen 50d6b4b645 Removed msticpy tools 2019-02-27 14:18:59 -08:00
Ian Hellen 4cee5d2cdb Stripping VT key from the example notebook 2019-02-27 13:06:21 -08:00
Ian Hellen 6b62310aef Merge remote-tracking branch 'origin/master' into Notebook_fixes_#3
# Conflicts:
#	Notebooks/Get Started.ipynb
2019-02-27 12:49:34 -08:00
Ian Hellen 9b9ec17cef Notebook fixes + Sample notebooks with data + vis 2019-02-27 11:49:17 -08:00
Zhipeng Zhao 620be5b4ce Change it back 2019-02-26 17:51:42 -08:00
zhzhao8888 6b114c2aff Add files via upload 2019-02-26 13:38:33 -08:00
Julian Gonzalez 37579ee321 Name changes for notebooks 2019-02-25 15:48:22 -08:00
Ian Hellen 35e4b217ff Updated notebooks with GeoIP warning.
Also added instruction to restart the kernel if they install new versions of libraries
Also added Azure Notebooks - Configure Python Version notebook.
2019-02-25 12:54:31 -08:00
Ian Hellen 7cfe82efd1 O365Explorer and WindowsHostExplorer notebooks
Fixes for Alert Investigation - Process Alerts notebook.
Minor updates to Demo notebook.
Also added requirements.txt for configuring AzureNotebooks projects.
2019-02-24 20:47:44 -08:00
Zhipeng Zhao 076986d2ed Title font 2019-02-22 12:48:47 -08:00
zhzhao8888 bfb9d3a6bd Add files via upload 2019-02-22 12:47:56 -08:00
Zhipeng Zhao 83675bdcd8 Adding help.md 2019-02-22 11:27:39 -08:00
Ian Hellen 0d3cda83bd Additional notebook fixes
Added demo notebook - Demo - Linux-Windows-Office Investigation.ipynb
2019-02-21 22:18:19 -08:00
Ian Hellen 7002aad3bd Undeleted critical line from both notebooks! 2019-02-20 20:50:59 -08:00