Azure related content
Updated
Mar 14, 2023
This repository sends notifications to Microsoft Teams as Adaptive Cards.
MaxMind Geo and ASN Data for Kusto
This repository offers tools and scripts for mapping and visualizing Microsoft Sentinel data. It includes utilities for extracting, analyzing, and presenting security information from Sentinel, helping to create detailed security maps and dashboards for improved threat analysis.
Terraform modules for deploying and managing Azure workbooks.
Sentinel capabilities implemented
KQL Local Manager, allows you to manage and organize KQL Queries in a central Database.
Simple KQL query that can be run either in Microsoft Defender for Endpoint (threat hunting or custom indicator) or in Azure Sentinel (threat hunting or analytics rule). It looks for 4 known IOCs related to the Kaseya attack.
AutoClosing-SAMPLEALERT-FromMDfC
This repository summarizes the scheduled analytics rules behind Sentinel incidents.
Threat-hunting KQL query that identifies machines using powershell, cmd or wmic to connect to any URL containing "cdn.discordapp.com", where the action was initiated by a script execution (.vbs, .bat, etc.).
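The following is an added illustration of that hunting pattern, not the query from the repository above. It is written against the Microsoft Defender for Endpoint `DeviceNetworkEvents` table, which Microsoft Sentinel also exposes through the Defender for Endpoint connector. The 7-day window, the list of script extensions and the interpretation of "initiated by a script" (the shell was spawned by wscript/cscript, or its command line references a script file) are assumptions made here.

```kusto
// Added example, not code from any repository on this page.
// Assumed: lookback window, script-host list and extension list are illustrative
// choices; tune them to the environment before using this as a hunting or analytics rule.
let lookback = 7d;
let shells = dynamic(["powershell.exe", "pwsh.exe", "cmd.exe", "wmic.exe"]);
let script_hosts = dynamic(["wscript.exe", "cscript.exe"]);
let script_exts = dynamic([".vbs", ".vbe", ".bat", ".cmd", ".js", ".jse", ".wsf"]);
DeviceNetworkEvents
| where Timestamp > ago(lookback)
// Outbound connection to the Discord CDN, regardless of path
| where RemoteUrl has "cdn.discordapp.com"
// The process that made the connection is a shell or WMI command-line client
| where InitiatingProcessFileName in~ (shells)
// "Initiated by a script": parent is a script host, or the shell was handed a script file
| where InitiatingProcessParentFileName in~ (script_hosts)
    or InitiatingProcessCommandLine has_any (script_exts)
| project Timestamp, DeviceName, InitiatingProcessAccountName,
          InitiatingProcessParentFileName, InitiatingProcessFileName,
          InitiatingProcessCommandLine, RemoteUrl, RemoteIP, RemotePort
| sort by Timestamp desc
```

In Defender for Endpoint advanced hunting this runs as-is. In Sentinel the same table also carries a `TimeGenerated` column; for a scheduled analytics rule, filter on `TimeGenerated` rather than `Timestamp` so the rule's lookback aligns with ingestion time.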
Collection of Azure Sentinel - Analytics Rules (Template)
This repository provides a comprehensive guide and scripts for setting up and managing Microsoft Sentinel. It includes step-by-step instructions and automation tools for configuring Sentinel, integrating data sources, and creating security alerts and dashboards for enhanced threat detection.
Microsoft related PowerShell scripts and KQL queries
A containerized Logstash ready to send data to Log Analytics or Event Hub
This project converts Azure Sentinel rules to Excel.
Repository for Microsoft Sentinel / Azure OpenAI exercises.