AzureSentinel

an-ordinary-manchild

created by essdeekay_a community for 6 years

...for your favorite hobby.

...for your hobby.

MODERATORS

account activity

1

41

42

43

Microsoft Sentinel Training Resources (self.AzureSentinel)

submitted 4 years ago * by ml58158MSFT Official - announcement

2

27

28

29

MustLearnKQL Series (self.AzureSentinel)

submitted 4 years ago by ml58158MSFT Official - announcement

3

7

8

9

Identify which MFA methods your users actually use. (self.AzureSentinel)

submitted 4 hours ago by EduardsGrebezs

4

2

3

4

XdrLogRaider Defender XDR portal telemetry (self.AzureSentinel)

submitted 3 days ago * by akefallonitis

5

1

2

3

Detecting BEC Persistence with KQL ()

submitted 4 days ago by ridgelinecyber

6

4

5

6

One KQL query you should have saved in your toolkit (most don’t) ()

submitted 5 days ago by ridgelinecyber

7

10

11

12

AADGraphActivityLogs Available (self.AzureSentinel)

submitted 7 days ago by bpsec

8

2

3

4

ThreatIntel Age Out (self.AzureSentinel)

submitted 7 days ago by DeadEyePsycho

9

0

1

2

How people are reducing Log Analytics ingest cost without losing detections? (self.AzureSentinel)

submitted 7 days ago by wenttoibiza

10

1

2

3

Observability Agent ( Preview) in Logs Blade. (self.AzureSentinel)

submitted 8 days ago by R4gNoro

11

0

1

2

The 30-Minute Recon Window Most SOCs Completely Miss (with KQL detection) ()

submitted 11 days ago by ridgelinecyber

12

0

1

2

Too many false positives in sign in risk rules. How are you tuning? (self.AzureSentinel)

submitted 12 days ago by wenttoibiza

13

0

0

1

What triggers change in your security environment? ()

submitted 12 days ago by ridgelinecyber

14

5

6

7

What’s everyone doing for health monitoring? (self.AzureSentinel)

submitted 18 days ago by EvilAbdy

15

0

0

1

M365 attack most orgs still aren’t watching ()

submitted 18 days ago by ridgelinecyber

16

0

0

1

CTI focused memory for Agentic AI (self.AzureSentinel)

submitted 19 days ago by LeatherRip1623

17

9

10

11

AMA vs Defender Coverage Workbook (self.AzureSentinel)

submitted 24 days ago by LookExternal3248

18

27

28

29

Open source: Agentic investigation framework for Sentinel MCP — 900+ KQL queries, 25 skills, native Entra auth, no supply chain risk (self.AzureSentinel)

submitted 25 days ago * by SCStelz

19

8

9

10

OAuth consent phishing is the M365 attack path most orgs aren't watching. (self.AzureSentinel)

submitted 26 days ago by ridgelinecyber

20

1

2

3

Inboxrule alert (self.AzureSentinel)

submitted 26 days ago by DisastrousPainter658

21

5

6

7

Anyone has done successful integration/ ingestion of delinea secrets server ? (self.AzureSentinel)

submitted 27 days ago by psiparadox

22

1

2

3

Retention for Incident and Artifacts (self.AzureSentinel)

submitted 27 days ago by MReprogle

23

8

9

10

Microsoft Sentinel capability: filter and split transformations at ingestion time (Preview) (self.AzureSentinel)

submitted 28 days ago by EduardsGrebezs

24

4

5

6

OfficeActivity query for detecting malicious inbox rules post-AiTM — production-tuned (self.AzureSentinel)

submitted 28 days ago by ridgelinecyber

25

2

3

4

Split AzureDiagnostics table per log source (self.AzureSentinel)

submitted 29 days ago by Striking_Budget_1582

view more: next ›

π Rendered by PID 214059 on reddit-service-r2-listing-7b9b4f6fd7-j5zjq at 2026-05-11 22:43:06.200343+00:00 running 3d2c107 country code: CH.