Cloud-native SIEM for intelligent security analytics for your entire enterprise.
Перейти к файлу
kfirbehar 8aa82021a3 Fix IoT workbook template bugs 2020-07-09 10:56:03 +03:00
.azure-pipelines Documentation links should not include locale - fix and add validations (#678) 2020-05-13 15:07:12 +03:00
.github Rename PULL_REQUEST_TEMPLATE/pull_request_template.md to .github/PULL_REQUEST_TEMPLATE/pull_request_template.md 2019-04-02 10:46:50 +03:00
.script update PR validation readme file (#682) 2020-05-14 12:37:17 +03:00
.vscode Add infrastructure for PR validation (#456) 2020-01-30 15:47:21 +02:00
BYOML Updated library version. 2019-11-08 10:20:57 -08:00
Dashboards Update DashboardsMetadata.json 2019-07-31 19:01:59 +03:00
DataConnectors Update Beyond Security beSECURE.json 2020-07-08 18:08:13 -07:00
Detections adding Eset SMC parser (#476) 2020-07-08 17:55:11 -07:00
Exploration Queries update description 2020-07-08 08:50:10 +03:00
Functions Moved parsers to Parsers directory, and reworked crypto currency miners hunting query into yaml and placed in Hunting Queries directory 2020-04-17 09:55:41 +00:00
Hunting Queries updated missing connectorId and datatypes 2020-07-06 10:39:35 -07:00
Logos adding Eset SMC parser (#476) 2020-07-08 17:55:11 -07:00
Notebooks@4d7a341abf Update notebooks 2020-07-08 16:50:32 -07:00
Parsers ACNCD_DataConnectors_final (#767) 2020-07-07 15:25:53 -07:00
Playbooks Change date, using old testing date 2020-06-18 14:27:50 -04:00
QueryLanguageSamples Adding current items (#11) 2019-01-18 14:20:01 +00:00
Sample Data adding Eset SMC parser (#476) 2020-07-08 17:55:11 -07:00
Tools quick readme update (#836) 2020-07-08 11:02:36 -07:00
Workbooks Fix IoT workbook template bugs 2020-07-09 10:56:03 +03:00
docs Add files via upload 2019-02-28 02:08:02 -08:00
.gitignore Merge branch 'master' into master 2020-06-28 22:10:54 -07:00
.gitmodules Adding Azure-Sentinel-Notebooks as submodule of Azure-Sentinel 2020-04-30 10:47:38 -07:00
CODEOWNERS Update CODEOWNERS 2020-04-07 08:10:42 -04:00
LICENSE Initial commit 2018-08-17 19:25:18 -07:00
README.md Update README.md 2020-02-27 07:57:36 -08:00
azure-pipelines.yml Documentation links should not include locale - fix and add validations (#678) 2020-05-13 15:07:12 +03:00
package-lock.json Documentation links should not include locale - fix and add validations (#678) 2020-05-13 15:07:12 +03:00
package.json Documentation links should not include locale - fix and add validations (#678) 2020-05-13 15:07:12 +03:00
tsconfig.json fix tsconfig.json file (#416) 2019-12-19 02:36:56 +02:00

README.md

Azure Sentinel

Welcome to the Azure Sentinel repository! This repository contains out of the box detections, exploration queries, hunting queries, workbooks, playbooks and much more to help you get ramped up with Azure Sentinel and provide you security content to secure your environment and hunt for threats. You can also submit to issues for any samples or resources you would like to see here as you onboard to Azure Sentinel. This repository welcomes contributions and refer to this repository's wiki to get started. For questions and feedback, please contact AzureSentinel@microsoft.com

Resources

We value your feedback. Here are some channels to help surface your questions or feedback:

  1. General product specific Q&A – Join in the Azure Sentinel Tech Community conversations
  2. Product specific feature requests – Upvote or post new on Azure Sentinel feedback forums
  3. Report product or contribution bugs – File a GitHub Issue using Bug template
  4. General feedback on community and contribution process – File a GitHub Issue using Feature Request template

Contributing

This project welcomes contributions and suggestions. Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit https://cla.microsoft.com.

Add in your new or updated contributions to GitHub

Brand new or update to a contribution via these methods:

Pull Request

  • After you push your changes, you will need to submit the Pull Request (PR)
  • After submission, check the Pull Request for comments
  • Make changes as suggested and update your branch or explain why no change is needed. Resolve the comment when done.

When you submit a pull request, a CLA-bot will automatically determine whether you need to provide a CLA and decorate the PR appropriately (e.g., label, comment). Simply follow the instructions provided by the bot. You will only need to do this once across all repos using our CLA.

This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.

For information on what you can contribute and further details, refer to the "get started" section on the project's wiki.