KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.

Query Kusto like a pro from the comfort of your Jupyter notebook

Python parser for Kibana Query Language (KQL).

Kusto and Log Analytics MCP server help you execute a KQL (Kusto Query Language) query within an AI prompt, analyze, and visualize the data.

Updated Sigma2KQL script written by @CodeByHarri + Generating Analytics & Hunting Rules ready for Sentinel Deployment

Parser for the Kibana Query Language (KQL)

📦 Azure Monitor integration with OpenTelemetry via "@distributed_trace" annotation 🔍

End-to-end streaming flight data pipeline on Microsoft Fabric: real-time ingestion with Eventstream, dual sinks to Lakehouse & Eventhouse, star-schema transforms, incremental loads into Warehouse, semantic modeling, and both live & historical dashboards.

Tools for handling ElasticSearch queries in various languages (Gitlab.com mirror).

Azure SDK-compliant Python client library for aggregating logs from multiple Microsoft Sentinel workspace

Real-time WeatherAPI ingestion via Azure Functions vs Databricks → Event Hubs → Fabric Eventstreams/Eventhouse (KQL) with Key Vault.

Real-Time Weather Data Streaming and Analytics Platform

KQL Local Manager, allows you to manage and organize KQL Queries in a central Database.

Reusable content for Microsoft Sentinel, including: KQL queries for detections and troubleshooting. Parsers for parsing log tables and displaying in a more usable format. Workbooks for visualizing security data and metrics. Logic Apps (Playbooks) for incident response automation and integrations.

Operations Security & Compliance Automated Reporter - Maximize your FREE 400 SCUs with Microsoft Security Copilot

Sentinel is an AI agent that retrieves PubMed publications using phi3.5 with phidata to generate and run a MeSH search on NCBI Entrez.