reprise99 / Sentinel-Queries

Collection of KQL queries

reprise99/Sentinel-Queries Issues

Licensing Policy for the repository
Closed 6 months ago1
Query no longer works
Closed a year ago6
Azure queries
Updated 2 years ago
Help
Closed 2 years ago1
Comparison vs. Assigment
Closed 2 years ago3
Suggestion
Updated 2 years ago
filter out legitimate Telemetry traffic to avoid false posiitves
Closed 2 years ago2
Sentinel-Queries/Azure Active Directory/Identity-AADRiskEventCorrelation.kql
Closed 2 years ago2
Suggestion: changes to /Active Directory/SecurityEvent-IACFlagParser.kql
Closed 2 years ago1
Sentinel-Queries/Office 365/OfficeActivity-NewTeamsAppInstalled.kql join type incorrect?
Closed 3 years ago4
updated updated issues
Closed 3 years ago
issue updated
Closed 3 years ago