Kusto Collection

◆

◆

◆

◆

📦Normal

★★

“A repository of KQL queries focused on threat hunting and threat detecting for Microsoft Sentinel & Microsoft XDR (Former Microsoft 365 Defender).”

◆

◆

◆

◆

📦Normal

★

“Threat Hunting query in Microsoft 365 Defender, XDR. Provide out-of-the-box KQL hunting queries - App, Email, Identity and Endpoint.”

◆

◆

◆

◆

📦Normal

★

“A curated list of resources for DFIR through Microsoft Defender for Endpoint leveraging kusto queries, powershell scripts, tools such as KAPE and THOR Cloud and more.”

◆

◆

◆

◆

🔮Psychic

★

“Kusto client libraries for Python”

◆

◆

◆

◆

📦Normal

★

“Accelerator for building a Microsoft Fabric data platform with reusable components and an ELT orchestration framework. Automates up to 80% of Bronze and Silver layer processing, so you can focus on business insights in the Gold layer.”

◆

◆

◆

◆

📦Normal

★

“Repository with Sentinel Analytics Rules, Hunting Queries and helpful external data sources.”

◆

◆

◆

◆

📦Normal

★

“In this repository you may find KQL (Kusto Query Language) queries and Watchlist schemes for data sources related to Microsoft Sentinel (a SIEM tool).”

◆

◆

◆

◆

🔮Psychic

★

“C# KQL query engine with flexible I/O layers and visualization ”

◆

◆

◆

◆

📦Normal

★

“Microsoft 365 Advanced Hunting Queries with hotlinks that plug the query right into your tenant.”

◆

◆

◆

◆

📦Normal

★

“example queries for learning the kusto language”

◆

◆

◆

◆

🔥Fire

★

“Apache Spark Connector for Azure Kusto”

◆

◆

◆

◆

🌊Water

★

“Azure Data Explorer (Kusto) SDK for Go”

◆

◆

◆

◆

🔮Psychic

★

“Enables Kibana to query Azure Data Explorer (ADX / Kusto)”

◆

◆

◆

◆

💎Aqua

★

“JS SDK for the Kusto service”

◆

◆

◆

◆

⚡Thunder

★

“Kafka sink for Kusto”