Azure related content
Updated Mar 14, 2023
This Repository provides notification to Microsoft Teams by Adaptive Card.
Terraform modules for deploying and managing Azure workbooks.
Sentinel capabilities implemented
Simple KQL query that can be run either in Microsoft Defender for Endpoint (threat hunting or custom indicator) or in Azure Sentinel (threat hunting or analytics rule). It looks for 4 known IOCs related to the Kaseya attack.
AutoClosing-SAMPLEALERT-FromMDfC
This repository provides a summary of the scheduled analytics rules behind a Sentinel incident.
Collection of Azure Sentinel - Analytics Rules (Template)
Threat-hunting KQL query which identifies machines that use powershell, cmd or wmic to connect to any URL that includes "cdn.discordapp.com", where the action was initiated by a script execution (.vbs, .bat, etc.).
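The logic described above, written out as an added hunting query (not the repository's own code). It assumes the DeviceNetworkEvents table as delivered by the Microsoft 365 Defender connector, which carries the same schema in Sentinel and in Defender advanced hunting; the lookback window, the list of LOLBins and the set of script extensions are assumptions you should tune to your environment.

```kql
// Added hunting query (not the repository's own): flag endpoints where a
// script host or a script file on the command line led powershell/cmd/wmic
// to reach cdn.discordapp.com. Assumes the DeviceNetworkEvents table from
// the Microsoft 365 Defender connector (same schema in Sentinel and advanced hunting).
let lookback = 7d;                                   // assumed window
let lolbins = dynamic(["powershell.exe", "pwsh.exe", "cmd.exe", "wmic.exe"]);
let script_ext = dynamic([".vbs", ".vbe", ".js", ".jse", ".wsf", ".bat", ".cmd", ".ps1", ".hta"]);
DeviceNetworkEvents
| where Timestamp > ago(lookback)
| where RemoteUrl has "cdn.discordapp.com"
| where InitiatingProcessFileName in~ (lolbins)
// "initiated by a script": either the parent is a script host, or a script
// file name appears on the initiating process command line.
| where InitiatingProcessParentFileName in~ ("wscript.exe", "cscript.exe", "mshta.exe")
    or InitiatingProcessCommandLine has_any (script_ext)
| summarize Hits = count(), FirstSeen = min(Timestamp), LastSeen = max(Timestamp),
    Urls = make_set(RemoteUrl, 10), RemoteIPs = make_set(RemoteIP, 10)
    by DeviceName, InitiatingProcessAccountName, InitiatingProcessFileName,
       InitiatingProcessParentFileName, InitiatingProcessCommandLine
| order by LastSeen desc
```

Discord CDN traffic is legitimate on workstations that run the Discord client, so the process and parent constraints do the real work here; if you promote this to a scheduled analytics rule, keep the summarize step so one noisy host produces one incident rather than one per connection.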
Microsoft related PowerShell scripts and KQL queries
A containerized Logstash ready to send data to Log Analytics or Event Hub
This project converts Azure Sentinel rules to Excel.
Collection of Azure Sentinel - Playbook | Logic App (Template)
Repository for Microsoft Sentinel / Azure OpenAI exercises.
Azure ARM (bicep) template for deploying a high availability syslog/CEF forwarder setup using Azure VMs.
This Terraform module is designed to create Azure Sentinel resources. Microsoft Sentinel natively incorporates proven Azure services, like Log Analytics and Logic Apps. Microsoft Sentinel enriches your investigation and detection with AI. It provides Microsoft's threat intelligence stream and enables you to bring your own threat intelligence.
Collection of Azure Monitor or Sentinel Kusto Queries