Azure-Sentinel/Hunting Queries
v-atulyadav 2d338f2024
Merge pull request #10324 from Azure/v-shukore/HQ
Missing file extension
2024-04-18 16:07:02 +05:30
ASimProcess up ver 2023-09-20 14:53:19 +03:00
ASimRegistry Remaining tagging 2022-11-01 18:42:28 +05:30
AWSCloudTrail Skip validations for hunting Queries and Analytic Rules 2022-10-13 16:28:02 +05:30
AuditLogs Azure Active Directory to Entra ID 2023-11-11 16:56:17 +05:30
AzureActivity Corrects cloudshell query logic (OperationName field is always empty). 2023-06-28 15:19:09 +03:00
AzureDevOpsAuditing Azure Active Directory to Entra ID 2023-11-11 16:56:17 +05:30
AzureDiagnostics Packaging Web Shells Threat Protection 2023-05-23 11:29:35 +05:30
AzureStorage Azure Active Directory to Entra ID 2023-11-11 16:56:17 +05:30
BehaviorAnalytics Azure Active Directory to Entra ID 2023-11-11 16:56:17 +05:30
CommonSecurityLog updating whitespaces 2023-02-28 19:31:27 +05:30
DnsEvents File path update hunting queries 2023-02-23 14:55:16 +05:30
GitHub Updated HQ description for 255 char limit 2023-08-11 17:30:43 +05:30
LAQueryLogs Hunting Queries KQL Validations 2023-02-07 16:48:24 +05:30
Microsoft 365 Defender Merge pull request #10324 from Azure/v-shukore/HQ 2024-04-18 16:07:02 +05:30
MultipleDataSources Update PrivilegedAccountPasswordChanges.yaml 2023-12-15 11:16:46 +05:30
OfficeActivity BEC threat centric Solution Packaging 2023-08-04 16:49:31 +05:30
ProofpointPOD Updating description 2023-02-28 18:46:12 +05:30
SQLServer updating commas 2023-02-28 16:37:12 +05:30
SecurityAlert Updating versions 2023-05-03 11:40:31 +05:30
SecurityEvent Azure Active Directory to Entra ID 2023-11-11 16:56:17 +05:30
SigninLogs Revert "Repackaging BusineessEmail Solution" 2024-03-04 19:39:25 +05:30
Syslog Updated versions 2023-08-11 18:05:05 +05:30
ThreatIntelligenceIndicator Merge branch 'master' into v-vdixit/file-path-update3 2023-02-28 18:54:19 +05:30
W3CIISLog Updated for review comments 2023-08-17 09:47:55 +05:30
WireData Updated versions 2023-08-11 18:05:05 +05:30
ZoomLogs Updated versions 2023-08-11 18:05:05 +05:30
QUERY_TEMPLATE.md Couple additional fixes 2021-02-01 08:22:36 -08:00
readme.md Updating the name from “Azure Sentinel” to “Microsoft Sentinel” for Detection and Hunting Queries. 2021-11-09 18:41:23 -08:00

readme.md

About

This folder contains Hunting Queries for different types of data sources that you can use to perform broad threat hunting in your environment.

For general information please start with the Wiki pages.

More Specific to Hunting Queries:

Feedback

For questions or feedback, please contact AzureSentinel@microsoft.com