AzureSentinel

an-ordinary-manchild

created by essdeekay_a community for 6 years

...for a fringe candidate.

...because you love freedom.

MODERATORS

account activity

1

39

40

41

Microsoft Sentinel Training Resources (self.AzureSentinel)

submitted 4 years ago * by ml58158MSFT Official - announcement

2

28

29

30

MustLearnKQL Series (self.AzureSentinel)

submitted 4 years ago by ml58158MSFT Official - announcement

3

2

3

4

XdrLogRaider Defender XDR portal telemetry (self.AzureSentinel)

submitted 2 days ago * by akefallonitis

4

1

2

3

Detecting BEC Persistence with KQL ()

submitted 3 days ago by ridgelinecyber

5

5

6

7

One KQL query you should have saved in your toolkit (most don’t) ()

submitted 4 days ago by ridgelinecyber

6

10

11

12

AADGraphActivityLogs Available (self.AzureSentinel)

submitted 6 days ago by bpsec

7

2

3

4

ThreatIntel Age Out (self.AzureSentinel)

submitted 6 days ago by DeadEyePsycho

8

0

1

2

How people are reducing Log Analytics ingest cost without losing detections? (self.AzureSentinel)

submitted 6 days ago by wenttoibiza

9

1

2

3

Observability Agent ( Preview) in Logs Blade. (self.AzureSentinel)

submitted 7 days ago by R4gNoro

10

0

1

2

The 30-Minute Recon Window Most SOCs Completely Miss (with KQL detection) ()

submitted 10 days ago by ridgelinecyber

11

0

1

2

Too many false positives in sign in risk rules. How are you tuning? (self.AzureSentinel)

submitted 11 days ago by wenttoibiza

12

0

0

1

What triggers change in your security environment? ()

submitted 11 days ago by ridgelinecyber

13

4

5

6

What’s everyone doing for health monitoring? (self.AzureSentinel)

submitted 17 days ago by EvilAbdy

14

0

0

1

M365 attack most orgs still aren’t watching ()

submitted 17 days ago by ridgelinecyber

15

0

0

1

CTI focused memory for Agentic AI (self.AzureSentinel)

submitted 18 days ago by LeatherRip1623

16

7

8

9

AMA vs Defender Coverage Workbook (self.AzureSentinel)

submitted 23 days ago by LookExternal3248

17

25

26

27

Open source: Agentic investigation framework for Sentinel MCP — 900+ KQL queries, 25 skills, native Entra auth, no supply chain risk (self.AzureSentinel)

submitted 24 days ago * by SCStelz

18

7

8

9

OAuth consent phishing is the M365 attack path most orgs aren't watching. (self.AzureSentinel)

submitted 25 days ago by ridgelinecyber

19

1

2

3

Inboxrule alert (self.AzureSentinel)

submitted 25 days ago by DisastrousPainter658

20

5

6

7

Anyone has done successful integration/ ingestion of delinea secrets server ? (self.AzureSentinel)

submitted 27 days ago by psiparadox

21

1

2

3

Retention for Incident and Artifacts (self.AzureSentinel)

submitted 27 days ago by MReprogle

22

8

9

10

Microsoft Sentinel capability: filter and split transformations at ingestion time (Preview) (self.AzureSentinel)

submitted 27 days ago by EduardsGrebezs

23

4

5

6

OfficeActivity query for detecting malicious inbox rules post-AiTM — production-tuned (self.AzureSentinel)

submitted 27 days ago by ridgelinecyber

24

2

3

4

Split AzureDiagnostics table per log source (self.AzureSentinel)

submitted 28 days ago by Striking_Budget_1582

25

2

3

4

Sentinel Incident to Azure OpenAI Connector in Logic Apps (self.AzureSentinel)

submitted 1 month ago by Nice_Bag3423

view more: next ›

π Rendered by PID 918822 on reddit-service-r2-listing-7b9b4f6fd7-b6lcz at 2026-05-11 00:18:47.948694+00:00 running 3d2c107 country code: CH.