Config files for my GitHub profile.
Updated Mar 31, 2022
Kusto Query Language is a powerful tool to explore your data and discover patterns, identify anomalies and outliers, create statistical modeling, and more. The query uses schema entities that are organized in a hierarchy similar to SQL's: databases, tables, and columns.
Training content for course delegates.
Use KQG and generate Kusto scripts | Used with Defender ATP
A Jekyll-powered blog, to share my experience and learnings about DevOps, CyberSecurity, Edge-Computing and other Next-Generation Cloud technologies.
This repo contains content which is related to my blog https://hoferlabs.ch/.
Use custom logs from azure vm to monitor resources and alert on events
Custom made Query which you can run in your Microsoft Defender - Advanced Hunting tool to look for network activity related to Egregor Ransomware.
A collection of custom KQL Queries that I've written for 365 Defender's 'Advanced Threat Hunting.'
Session about the Kusto query language that you can find in Azure tools such as Azure Data explorer (ADX) but also Azure Time Series Insights.
The SOC Entity Triage workbook is designed to enhance the triage process for security operation centers (SOCs) by providing a comprehensive and interactive analysis tool within Azure Sentinel. This workbook aims to streamline the investigation of entities such as IP addresses, hostnames, AD users, and email accounts.
The PowerShell script in this repository is responsible for parsing out Windows Event Log information for failed RDP attacks and using a third party API to collect geographic information about the attacker's location.
MaxMind Geo and ASN Data for Kusto