Cloud-native SIEM for intelligent security analytics for your entire enterprise.
Перейти к файлу
EranToledano d41d6504ca
use unique ids for qualys logo (#861)
2020-07-15 10:36:51 -07:00
.azure-pipelines Documentation links should not include locale - fix and add validations (#678) 2020-05-13 15:07:12 +03:00
.github Rename PULL_REQUEST_TEMPLATE/pull_request_template.md to .github/PULL_REQUEST_TEMPLATE/pull_request_template.md 2019-04-02 10:46:50 +03:00
.script update PR validation readme file (#682) 2020-05-14 12:37:17 +03:00
.vscode Add infrastructure for PR validation (#456) 2020-01-30 15:47:21 +02:00
BYOML Updated library version. 2019-11-08 10:20:57 -08:00
Dashboards Update DashboardsMetadata.json 2019-07-31 19:01:59 +03:00
DataConnectors fix sophos parser link (#860) 2020-07-15 09:30:51 -07:00
Detections Update MalwareAttachmentDelivered.yaml 2020-07-15 10:20:40 -07:00
Exploration Queries Fixed metadata DataSources 2020-07-13 17:13:41 +03:00
Functions Functions to check if daylight savings in US/EU 2020-04-08 11:36:45 -07:00
Hunting Queries fixed Displayname error and change UPN parsing location (#859) 2020-07-15 11:15:59 +03:00
Logos use unique ids for qualys logo (#861) 2020-07-15 10:36:51 -07:00
Notebooks@4d7a341abf Update notebooks 2020-07-08 16:50:32 -07:00
Parsers ACNCD_DataConnectors_final (#767) 2020-07-07 15:25:53 -07:00
Playbooks Merge pull request #800 from Azure/dicolanl-27 2020-07-14 16:47:02 +03:00
QueryLanguageSamples Adding current items (#11) 2019-01-18 14:20:01 +00:00
Sample Data Indicator publish: 7/14/2020 4:49:06 PM 2020-07-14 09:49:07 -07:00
Solutions/Azure Sentinel DevOps Template Merge pull request #854 from Azure/CrisRomeo 2020-07-14 09:36:30 -04:00
Tools quick readme update (#836) 2020-07-08 11:02:36 -07:00
Workbooks use unique ids for qualys logo (#861) 2020-07-15 10:36:51 -07:00
docs Add files via upload 2019-02-28 02:08:02 -08:00
.gitignore Merge branch 'master' into master 2020-06-28 22:10:54 -07:00
.gitmodules Adding Azure-Sentinel-Notebooks as submodule of Azure-Sentinel 2020-04-30 10:47:38 -07:00
CODEOWNERS Update CODEOWNERS 2020-04-07 08:10:42 -04:00
LICENSE Initial commit 2018-08-17 19:25:18 -07:00
README.md Update README.md 2020-02-27 07:57:36 -08:00
azure-pipelines.yml Documentation links should not include locale - fix and add validations (#678) 2020-05-13 15:07:12 +03:00
package-lock.json Documentation links should not include locale - fix and add validations (#678) 2020-05-13 15:07:12 +03:00
package.json Documentation links should not include locale - fix and add validations (#678) 2020-05-13 15:07:12 +03:00
tsconfig.json fix tsconfig.json file (#416) 2019-12-19 02:36:56 +02:00

README.md

Azure Sentinel

Welcome to the Azure Sentinel repository! This repository contains out of the box detections, exploration queries, hunting queries, workbooks, playbooks and much more to help you get ramped up with Azure Sentinel and provide you security content to secure your environment and hunt for threats. You can also submit to issues for any samples or resources you would like to see here as you onboard to Azure Sentinel. This repository welcomes contributions and refer to this repository's wiki to get started. For questions and feedback, please contact AzureSentinel@microsoft.com

Resources

We value your feedback. Here are some channels to help surface your questions or feedback:

  1. General product specific Q&A – Join in the Azure Sentinel Tech Community conversations
  2. Product specific feature requests – Upvote or post new on Azure Sentinel feedback forums
  3. Report product or contribution bugs – File a GitHub Issue using Bug template
  4. General feedback on community and contribution process – File a GitHub Issue using Feature Request template

Contributing

This project welcomes contributions and suggestions. Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit https://cla.microsoft.com.

Add in your new or updated contributions to GitHub

Brand new or update to a contribution via these methods:

Pull Request

  • After you push your changes, you will need to submit the Pull Request (PR)
  • After submission, check the Pull Request for comments
  • Make changes as suggested and update your branch or explain why no change is needed. Resolve the comment when done.

When you submit a pull request, a CLA-bot will automatically determine whether you need to provide a CLA and decorate the PR appropriately (e.g., label, comment). Simply follow the instructions provided by the bot. You will only need to do this once across all repos using our CLA.

This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.

For information on what you can contribute and further details, refer to the "get started" section on the project's wiki.