Collection of KQL queries
Translation - Collection of KQL queries
Kusto Query Language
Azure Sentinel KQL
Threat hunting queries for Microsoft 365 Defender / XDR. Provides out-of-the-box KQL hunting queries for app, email, identity and endpoint.
Code included as part of the MustLearnKQL blog series
KQL queries. Defender for Endpoint and Azure Sentinel hunting and detection queries in KQL. Out-of-the-box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules and Hunting Rules.
A repository of KQL queries focused on threat hunting and threat detection for Microsoft Sentinel and Microsoft XDR (formerly Microsoft 365 Defender).
My useful KQL and Azure Monitor workbooks (Public)
A command line tool to explore real-time streams of events.
Repository with Sample KQL Query examples for Threat Hunting
Hands-on experience with Azure Data Explorer and Kusto Query Language (KQL)
A curated list of blogs, videos, tutorials, queries and anything else valuable to help you learn and master KQL and Microsoft Sentinel
Repository for threat hunting and detection queries, etc., for Defender for Endpoint and Microsoft Sentinel in KQL (Kusto Query Language).