Repository with Sample threat hunting notebooks on Security Event Log Data Sources
Azure Data Explorer Python Demo.ipynb
Azure Data Explorer- Kqlmagic Demo.ipynb Added kqlmagic demo - Jupyter extension for Azure Data Explorer Jan 11, 2019
Azure Data Lake with anomalize R Demo.ipynb Demo Files from Secureworld presentation Nov 9, 2018
threat-hunting-with-ipaddress-from-logs-Public.ipynb demo notebook with ip address in logs Feb 22, 2019


Demo files associated with "Threat Hunting with Notebook technologies", presented at the Secureworld conference in Seattle, WA.


The GitHub Jupyter notebook viewer does not render these notebooks well. Use an online service such as nbviewer: or mybinder: to view and interact with the notebooks by providing the GitHub notebook or repository URL.

The same repository is also cloned and available on Azure Notebooks:

Basic Data Analysis and Visualization on Failed Logon Data

  • Data Source: Azure Data Explorer
  • Language: Python

Time Series Anomaly Detection on Successful Logon Data using the anomalize package

  • Data Source: Azure Data Lake
  • Language: R

Threat Hunting with IP Addresses from Logs

  • Data Source: CSV file of Windows Security event 4688 (process creation) logs, including command-line data
  • Language: Python