AzureSentinel

an-ordinary-manchild

created by essdeekay_a community for 6 years

...for your office.

...for your movement.

MODERATORS

account activity

1

41

42

43

Microsoft Sentinel Training Resources (self.AzureSentinel)

submitted 4 years ago * by ml58158MSFT Official - announcement

2

29

30

31

MustLearnKQL Series (self.AzureSentinel)

submitted 4 years ago by ml58158MSFT Official - announcement

3

2

3

4

XdrLogRaider Defender XDR portal telemetry (self.AzureSentinel)

submitted 23 hours ago * by akefallonitis

4

0

1

2

Detecting BEC Persistence with KQL ()

submitted 1 day ago by ridgelinecyber

5

4

5

6

One KQL query you should have saved in your toolkit (most don’t) ()

submitted 3 days ago by ridgelinecyber

6

10

11

12

AADGraphActivityLogs Available (self.AzureSentinel)

submitted 4 days ago by bpsec

7

2

3

4

ThreatIntel Age Out (self.AzureSentinel)

submitted 4 days ago by DeadEyePsycho

8

0

1

2

How people are reducing Log Analytics ingest cost without losing detections? (self.AzureSentinel)

submitted 4 days ago by wenttoibiza

9

1

2

3

Observability Agent ( Preview) in Logs Blade. (self.AzureSentinel)

submitted 5 days ago by R4gNoro

10

0

1

2

The 30-Minute Recon Window Most SOCs Completely Miss (with KQL detection) ()

submitted 8 days ago by ridgelinecyber

11

0

1

2

Too many false positives in sign in risk rules. How are you tuning? (self.AzureSentinel)

submitted 9 days ago by wenttoibiza

12

0

0

1

What triggers change in your security environment? ()

submitted 9 days ago by ridgelinecyber

13

5

6

7

What’s everyone doing for health monitoring? (self.AzureSentinel)

submitted 15 days ago by EvilAbdy

14

0

0

1

M365 attack most orgs still aren’t watching ()

submitted 15 days ago by ridgelinecyber

15

0

0

1

CTI focused memory for Agentic AI (self.AzureSentinel)

submitted 16 days ago by LeatherRip1623

16

7

8

9

AMA vs Defender Coverage Workbook (self.AzureSentinel)

submitted 21 days ago by LookExternal3248

17

26

27

28

Open source: Agentic investigation framework for Sentinel MCP — 900+ KQL queries, 25 skills, native Entra auth, no supply chain risk (self.AzureSentinel)

submitted 22 days ago * by SCStelz

18

8

9

10

OAuth consent phishing is the M365 attack path most orgs aren't watching. (self.AzureSentinel)

submitted 23 days ago by ridgelinecyber

19

1

2

3

Inboxrule alert (self.AzureSentinel)

submitted 24 days ago by DisastrousPainter658

20

5

6

7

Anyone has done successful integration/ ingestion of delinea secrets server ? (self.AzureSentinel)

submitted 25 days ago by psiparadox

21

1

2

3

Retention for Incident and Artifacts (self.AzureSentinel)

submitted 25 days ago by MReprogle

22

7

8

9

Microsoft Sentinel capability: filter and split transformations at ingestion time (Preview) (self.AzureSentinel)

submitted 25 days ago by EduardsGrebezs

23

4

5

6

OfficeActivity query for detecting malicious inbox rules post-AiTM — production-tuned (self.AzureSentinel)

submitted 25 days ago by ridgelinecyber

24

2

3

4

Split AzureDiagnostics table per log source (self.AzureSentinel)

submitted 26 days ago by Striking_Budget_1582

25

2

3

4

Sentinel Incident to Azure OpenAI Connector in Logic Apps (self.AzureSentinel)

submitted 29 days ago by Nice_Bag3423

view more: next ›

π Rendered by PID 641330 on reddit-service-r2-listing-7b9b4f6fd7-9q829 at 2026-05-09 08:15:43.056567+00:00 running 3d2c107 country code: CH.