Skip to content
Cloud-native SIEM for intelligent security analytics for your entire enterprise.
Branch: master
Clone or download
Type Name Latest commit message Commit time
Failed to load latest commit information.
.github/ISSUE_TEMPLATE Update issue templates Dec 22, 2018
Dashboards Update DashboardsMetadata.json Mar 14, 2019
Detections Addition of potential IIS brute force into hunting for now, may move … ( Mar 19, 2019
Exploration Queries Changed technique tag to tactic tag Mar 13, 2019
Hunting Queries Update Mar 27, 2019
Notebooks Add files via upload Mar 27, 2019
Parsers Create Readme Aug 30, 2018
.gitignore Notebook fixes + Sample notebooks with data + vis Feb 27, 2019
LICENSE Initial commit Aug 18, 2018

Azure Sentinel

Welcome to the Azure Sentinel repository! This repository contains out of the box detections, exploration queries, hunting queries, dashboards and playbooks to help you get ramped up with Azure Sentinel and provide you security content to secure your environment and hunt for threats. You can also submit any issues or feature requests as you onboard to Azure Sentinel. For questions and feedback, please contact


Getting started with GitHub

Azure Sentinel documentation

Azure Sentinel Techcommunity


This project welcomes contributions and suggestions. Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit

When you submit a pull request, a CLA-bot will automatically determine whether you need to provide a CLA and decorate the PR appropriately (e.g., label, comment). Simply follow the instructions provided by the bot. You will only need to do this once across all repos using our CLA.

This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact with any additional questions or comments.

You can’t perform that action at this time.