Skip to content

clivewatson/KQLpublic

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

157 Commits
KQL
KQL
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

My store for useful KQL and Azure Monitor Workbooks (public share)

KQL and Azure Monitor Workbooks you may find useful

Workbooks - how to Import and Export:

This is repeated in a file (open the instructions file in RAW mode and download to see the screenshots), see instructions in the workbooks folder:

Installation Instructions:

  1. If the file is in Github, select the [RAW] button, [Copy] the workbook file content (these are JSON files),
  • Open Azure Monitor Workbooks (from portal.azure.com) - open the “empty” Azure Monitor Workbook, in “advanced edit” mode (press the </> icon ). [paste] over any json that exists.

or

  1. To install into Sentinel, create a New Workbook: Add-Workbook --> Edit --> then use Advanced Edit (press the </> icon) then [paste] over any json that exists.
  • Then Press [apply] then [Done Editing]

Export:

Open Azure Monitor Workbooks

  1. In “advanced edit” mode (press the </> icon) - Choose "Gallery Template" for JSON file or ARM, then press the blue arrow (to the left of the [Apply] button) to download the file

About

My useful KQL and Azure Monitor workbooks (Public)

Resources

Readme

License

MIT license
Activity

Stars

110 stars

Watchers

12 watching

Forks

49 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors 4

  •  
  •  
  •  
  •  

Languages