Sentinel Tip - Use Kusto Query Language (KQL): Master KQL to create effective and efficient analytics rules. KQL is a powerful and easy-to-learn query language for analyzing large datasets. #KQL #Analytics #QueryLanguage #MustLearnKQL

Learn Live - Introduction to Kusto Query Language https://rodtrent.com/9mh

#MustLearnKQL #KQL

View my verified achievement from Microsoft Azure Data Explorer.

https://www.credly.com/badges/93244571-f2fc-4602-bc0d-7d605400b785/public_url

#MustLearnKQL #KQL

Kusto Detective Agency – S2E3 Badge was issued by Microsoft Azure Data Explorer to Rod Trent.

Kusto Detective Agency: Case S2E3 solved!

Was quick enough this time to capture a gift!

Kusto Detective Agency Season 2, Case 3 is ready!

https://rodtrent.com/1cr

#MustLearnKQL #KQL

DCA-DetectAADInternalsUse.kql - Detect AADInternals use: a domain changed from managed to federated where the issuer contains any.sts, or where the issuer suffix is an 8-character mix of letters and numbers

https://rodtrent.com/9li

#MicrosoftDefender #Security #MicrosoftSecurity #Cybersecurity #M365D #KQL #MustLearnKQL

Sentinel-Queries/Defender for Cloud Apps/DCA-DetectAADInternalsUse.kql at main · reprise99/Sentinel-Queries

KQL Queries Behind the Microsoft Sentinel Overview Page

How the sausage is made...Mmmmmm...

Email-EOP-Detection-DailyPercentage.yaml - This query shows the daily percentage of EOP detections.

https://rodtrent.com/2cr

#KQL #MustLearnKQL #MicrosoftDefender #Security #MicrosoftSecurity #Cybersecurity #M365D

KQL/KQL-XDR-Hunting/Email-Microsoft-Defender-for-Office365/Email-EOP-Detection-DailyPercentage.yaml at main · LearningKijo/KQL

Saas-Ransomware-0mega-hunting.kql - Detection queries for 0mega ransomware infecting SharePoint. https://rodtrent.com/m80

#MicrosoftSentinel #Cybersecurity #MicrosoftSecurity #Security #KQL #MustLearnKQL

Microsoft-Sentinel-Queries/Saas-Ransomware-0mega-hunting.kql at main · le0li9ht/Microsoft-Sentinel-Queries

Did you know Kindle Unlimited subscribers can read Must Learn KQL for free?

https://amzn.to/43uDfsI

#MustLearnKQL #KQL

Probably my favorite Must Learn KQL quote to date.

https://aka.ms/MustLearnKQL

#MustLearnKQL #KQL

GitHub - rod-trent/MustLearnKQL: Code included as part of the MustLearnKQL blog series
