Skip to content
Cloud-native SIEM for intelligent security analytics for your entire enterprise.
Branch: master
Clone or download
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
.github/ISSUE_TEMPLATE Update issue templates Dec 22, 2018
Dashboards Update DashboardsMetadata.json Mar 14, 2019
Detections Addition of potential IIS brute force into hunting for now, may move … ( Mar 19, 2019
Exploration Queries Changed technique tag to tactic tag Mar 13, 2019
Functions
Hunting Queries Update ssh_brute_force.md Mar 27, 2019
Notebooks Add files via upload Mar 27, 2019
Parsers Create Readme Aug 30, 2018
Playbooks
QueryLanguageSamples
docs
.gitignore Notebook fixes + Sample notebooks with data + vis Feb 27, 2019
CODEOWNERS Update CODEOWNERS Feb 28, 2019
LICENSE Initial commit Aug 18, 2018
README.md

README.md

Azure Sentinel

Welcome to the Azure Sentinel repository! This repository contains out of the box detections, exploration queries, hunting queries, dashboards and playbooks to help you get ramped up with Azure Sentinel and provide you security content to secure your environment and hunt for threats. You can also submit any issues or feature requests as you onboard to Azure Sentinel. For questions and feedback, please contact AzureSentinel@microsoft.com

Resources

Getting started with GitHub

Azure Sentinel documentation

Azure Sentinel Techcommunity

Contributing

This project welcomes contributions and suggestions. Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit https://cla.microsoft.com.

When you submit a pull request, a CLA-bot will automatically determine whether you need to provide a CLA and decorate the PR appropriately (e.g., label, comment). Simply follow the instructions provided by the bot. You will only need to do this once across all repos using our CLA.

This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.

You can’t perform that action at this time.