A repository of KQL queries focused on threat hunting and threat detecting for Microsoft Sentinel & Microsoft XDR (Former Microsoft 365 Defender).
Threat Hunting query in Microsoft 365 Defender, XDR. Provide out-of-the-box KQL hunting queries - App, Email, Identity and Endpoint.
A curated list of resources for DFIR through Microsoft Defender for Endpoint leveraging kusto queries, powershell scripts, tools such as KAPE and THOR Cloud and more.
Microsoft 365 Advanced Hunting Queries with hotlinks that plug the query right into your tenant.
Repository with Sentinel Analytics Rules, Hunting Queries and helpful external data sources.
example queries for learning the kusto language
C# KQL query engine with flexible I/O layers and visualization
Accelerator to build a Microsoft Fabric modern data platform using pre-built reusable Fabric items and an orchestration ELT Framework
Enables Kibana to query Azure Data Explorer (ADX / Kusto)
JS SDK for the Kusto service
Quick start. Index multiple documents in a repository using HuggingFace embeddings. Save them in Chroma and / or FAISS for recall. Choose OpenAI or Azure OpenAI APIs to get answers to your questions - Q&A with OpenAI and Azure OpenAI.
Terraform script to deploy almost all Azure Data Services
A self-contained execution engine for the Kusto Query Language (KQL) written in C#
Add a description, image, and links to the kusto topic page so that developers can more easily learn about it.
To associate your repository with the kusto topic, visit your repo's landing page and select "manage topics."