ASimProcess
ASIM renames
2022-03-02 15:05:56 -08:00
ASimRegistry
ASIM renames
2022-03-02 15:05:56 -08:00
AWSCloudTrail
Fixing missing day due to midtime usage
2022-05-09 16:02:13 -07:00
AWSS3
Fixing missing day due to midtime usage
2022-05-09 16:02:13 -07:00
AuditLogs
Fixing typos
2022-05-20 17:34:53 -07:00
AzureActivity
Fixing typos
2022-05-20 17:34:53 -07:00
AzureDevOpsAuditing
Revert "Revert "Merge branch 'master' of https://github.com/Azure/Azure-Sentinel ""
2022-01-03 16:21:46 +02:00
AzureDiagnostics
Updated queries as per suggestions from Shain.
2022-04-05 11:02:20 -07:00
AzureStorage
Updating connector to MicrosoftThreatProtection
2022-03-07 09:52:34 -08:00
BehaviorAnalytics
typo fix on UserPrincipalName
2022-05-21 08:03:39 -07:00
CommonSecurityLog
Adding outputs
2022-06-02 15:40:00 +01:00
DnsEvents
Adding additional entity outputs as needed by other tooling and to support future automap of entities similar to Detections
2022-05-20 15:23:48 -07:00
GitHub
Removed the deprecated MITRE techniques from hunting and detection queries and updating them with the latest ones that seem most appropriate.
2021-08-12 10:58:18 -07:00
LAQueryLogs
Update CrossServiceADXQueries.yaml
2022-06-10 09:55:36 +02:00
Microsoft 365 Defender
Merge pull request #5165 from BlackB0lt/patch-6
2022-06-13 18:15:09 -07:00
MultipleDataSources
changes and fixes
2022-05-09 13:12:50 -07:00
OfficeActivity
Adding additional entity outputs as needed by other tooling and to support future automap of entities similar to Detections
2022-05-20 15:23:48 -07:00
ProofpointPOD
Fixes
2021-08-06 14:12:37 -07:00
SQLServer
Updating the name from “Azure Sentinel” to “Microsoft Sentinel” for Detection and Hunting Queries.
2021-11-09 18:41:23 -08:00
SecurityAlert
replacing deprecated parsejson with parse_json
2021-08-17 12:26:48 -07:00
SecurityEvent
Update KrbRelayUpServiceCreation
2022-05-11 20:21:18 +07:00
SigninLogs
Fixing Account entity map for AADUserId
2022-05-23 10:36:07 -07:00
Syslog
Revert "Package Creation for Syslog-- DO NOT MERGE AS 1P" (#5140)
2022-05-31 12:36:05 +05:30
ThreatIntelligenceIndicator
Updating TI queries based on feedback and discussions on this PR - #3477 - and I don't want preferences for a specific environment to be included. This includes generic changes that need to be done.
2021-11-29 13:58:28 -08:00
W3CIISLog
Adding additional entity outputs as needed by other tooling and to support future automap of entities similar to Detections
2022-05-20 15:23:48 -07:00
WireData
regex replace with ipv4_is_private
2022-03-14 11:10:08 -07:00
ZoomLogs
Removed the deprecated MITRE techniques from hunting and detection queries and updating them with the latest ones that seem most appropriate.
2021-08-12 10:58:18 -07:00
QUERY_TEMPLATE.md
Couple additional fixes
2021-02-01 08:22:36 -08:00
readme.md
Updating the name from “Azure Sentinel” to “Microsoft Sentinel” for Detection and Hunting Queries.
2021-11-09 18:41:23 -08:00