MDATP/AzureData Support and ProcessTree Viewer

Overview

This release contains three important features:

• Query support for Microsoft Defender ATP
• Interactive Process Tree browser.
• Support for querying Azure properties for subscriptions and resources

New Features

• Microsoft Defender Query Support. Added a query provider/driver to
  query Defender alerts, machines, processes and arbitrary KQL queries of
  the Hunting data
• Template queries for MDATP for hunting and standard entities
• Process Tree Viewer - Bokeh interactive graphical view for one or
  more Process Trees in a data set. Supports both Windows and Linux.
• Process tree utilities - data library to create and query process trees.
• Azure properties of subscriptions and resources such as VMs can be
  queried from Notebooks.
• Query providers now accept ISO-string format for datatime fields
  for queries (in addition to datetime and timedelta)
• Added Progress widget to nbwidgets.

Fixes

• Miscellaneous linting/checker bugs
• Spelling and path errors in docs
• Fixing paths for https://github/Azure/Azure-Sentinel-Notebooks repo.
• Updating dependency to Bokeh 1.40
• Fixed timeline legend bug