KQL Search
Search engine for KQL Queries
recently-received-emails-with-phishing-related-subject-keywords
Author: Michalis Michalos
Released: 10/4/2023
Multiple-Container registry image MDVM vulnerability assessments
Author: Jose Sebastián Canós
Released: 10/4/2023
Multiple-Virtual machines MDVM vulnerability assessments
Author: Jose Sebastián Canós
Released: 10/4/2023
delivered-emails-identified-as-suspicious
Author: Michalis Michalos
Released: 10/3/2023
review-recent-urlclick-events
Author: Michalis Michalos
Released: 10/3/2023
recently-received-emails-with-attachments
Author: Michalis Michalos
Released: 10/3/2023
ListEntraIDSignIns
Author: Bert-Jan Pals
Released: 10/3/2023
ImageFiles
Author: Rod Trent
Released: 10/2/2023
MultipleTablesNoIngest
Author: Rod Trent
Released: 10/2/2023
TI Feed - MontySecurity C2 Tracker All IPs
Author: Bert-Jan Pals
Released: 10/2/2023
find_new_usb_mount
Author: Daniel Card
Released: 9/30/2023
AuthMethods-Windows-Signin
Author: Thomas Naunheim
Released: 9/28/2023
AuthTokenIssuer
Author: Thomas Naunheim
Released: 9/28/2023
FedCredIssuedRepoSensitiveAction
Author: Thomas Naunheim
Released: 9/28/2023
ARG-LogStatusOfWindowsDevices
Author: Matt Zorich
Released: 9/28/2023
Visualization - AccountsLongestPeriodWithoutPasswordReset
Author: Bert-Jan Pals
Released: 9/27/2023
TopNAccountsLongestPeriodWithoutPasswordReset
Author: Bert-Jan Pals
Released: 9/26/2023
lumma-stealer-using-tesla-browser-useragent
Author: Michalis Michalos
Released: 9/26/2023
Multiple-Container registry image Azure vulnerability assessments
Author: Jose Sebastián Canós
Released: 9/25/2023
Parsing-UnifySignInLogs
Author: Jose Sebastián Canós
Released: 9/25/2023
AWSGuardDutyAlert
Author: Fabian Bader
Released: 9/23/2023
MDE-DefenderAntivirusExclusions
Author: Alex Verboon
Released: 9/23/2023
AzureAD-Groups
Author: Alex Verboon
Released: 9/23/2023
AzureAD-BasicAuth
Author: Alex Verboon
Released: 9/23/2023
MDE-LocalAccountCreated
Author: Alex Verboon
Released: 9/23/2023
QRPhishVictim
Author: C.J. May
Released: 9/22/2023
ListPublicIPs
Author: Bert-Jan Pals
Released: 9/22/2023
AzureTagSearch
Author: Bert-Jan Pals
Released: 9/21/2023
AADConnectorAccount-OutsideOfWatchList
Author: Thomas Naunheim
Released: 9/21/2023
Multiple-Playbook run failed
Author: Jose Sebastián Canós
Released: 9/21/2023
savingperworkbook
Author: Rod Trent
Released: 9/20/2023
Multiple-Container registry image Qualys Trivy vulnerability assessments
Author: Jose Sebastián Canós
Released: 9/19/2023
AWSCloudTrail-Activity with AWS break glass user
Author: Jose Sebastián Canós
Released: 9/19/2023
substitute json characters
Author: Jose Sebastián Canós
Released: 9/19/2023
Anomalies-Suspicious volume of logins to user account
Author: Jose Sebastián Canós
Released: 9/19/2023
MDE-TVM-SecurityControls_Credential Guard
Author: Alex Verboon
Released: 9/19/2023
MDE-TVM-SecurityControls_SmartScreen
Author: Alex Verboon
Released: 9/19/2023
MDE-TVM-Network_NetworkProtection
Author: Alex Verboon
Released: 9/19/2023
MDE-TVM-SecurityControls_ExploitGuard
Author: Alex Verboon
Released: 9/19/2023
MDE-TVM-SecurityControls_Firewall
Author: Alex Verboon
Released: 9/19/2023
MDE-TVM-SecurityControls_Antivirus_edr
Author: Alex Verboon
Released: 9/19/2023
MDE-TVM-Accounts_LAPS
Author: Alex Verboon
Released: 9/19/2023
MDE-TVM-SecurityControls_ASR
Author: Alex Verboon
Released: 9/19/2023
MDE-TVM-SecurityControls_BitLocker
Author: Alex Verboon
Released: 9/19/2023
MDE-TVM-SecurityControls_AppLicationGuard
Author: Alex Verboon
Released: 9/19/2023
Sentinel-AzureActivityDataConnectorCoverage
Author: Alex Verboon
Released: 9/18/2023
Sentinel-DataConnectorHealth
Author: Alex Verboon
Released: 9/18/2023
Sentinel-IngestionQuota
Author: Alex Verboon
Released: 9/18/2023
Sentinel-AnalyticRuleUpdates
Author: Alex Verboon
Released: 9/18/2023
Sentinel-AutomationRulesPlaybooks
Author: Alex Verboon
Released: 9/18/2023
Made by Ugur Koc with ☕