Azure-Sentinel/Hunting Queries/SecurityEvent/PotentialImpacketExecution.yaml

    id: 11c3b83c-39e6-4ad1-8067-90eac05b27b3
    name: Potential Impacket Execution
    description: |
       'As part of content migration, this file is moved to new location. you can find here: https://github.com/Azure/Azure-Sentinel/blob/master/Solutions/Attacker%20Tools%20Threat%20Protection%20Essentials/Hunting%20Queries/PotentialImpacketExecution.yaml'