home.social

#kusto — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #kusto, aggregated by home.social.

  1. *Read it like an infomercial*

    Are you tired of working with logs that contain arrays with multiple JSON like this?

    Have you tried creating a new column with the value you want only to find out that this value has no fixed position in the array?

    Now your problems are over! With this 5 line KQL snippet, written by a real human, you can finally have the peace of mind that all the fields are populated correctly and everything is neat inside a single JSON!

    github.com/0x-cde/Threat-Hunti

    #kusto #kustoquery #kql #threathunting #threat_hunting #dfir #digitalforensics

  2. *Read it like an infomercial*

    Are you tired of working with logs that contain arrays with multiple JSON like this?

    Have you tried creating a new column with the value you want only to find out that this value has no fixed position in the array?

    Now your problems are over! With this 5 line KQL snippet, written by a real human, you can finally have the peace of mind that all the fields are populated correctly and everything is neat inside a single JSON!

    github.com/0x-cde/Threat-Hunti

    #kusto #kustoquery #kql #threathunting #threat_hunting #dfir #digitalforensics

  3. *Read it like an infomercial*

    Are you tired of working with logs that contain arrays with multiple JSON like this?

    Have you tried creating a new column with the value you want only to find out that this value has no fixed position in the array?

    Now your problems are over! With this 5 line KQL snippet, written by a real human, you can finally have the peace of mind that all the fields are populated correctly and everything is neat inside a single JSON!

    github.com/0x-cde/Threat-Hunti

    #kusto #kustoquery #kql #threathunting #threat_hunting #dfir #digitalforensics

  4. *Read it like an infomercial*

    Are you tired of working with logs that contain arrays with multiple JSON like this?

    Have you tried creating a new column with the value you want only to find out that this value has no fixed position in the array?

    Now your problems are over! With this 5 line KQL snippet, written by a real human, you can finally have the peace of mind that all the fields are populated correctly and everything is neat inside a single JSON!

    github.com/0x-cde/Threat-Hunti

    #kusto #kustoquery #kql #threathunting #threat_hunting #dfir #digitalforensics

  5. *Read it like an infomercial*

    Are you tired of working with logs that contain arrays with multiple JSON like this?

    Have you tried creating a new column with the value you want only to find out that this value has no fixed position in the array?

    Now your problems are over! With this 5 line KQL snippet, written by a real human, you can finally have the peace of mind that all the fields are populated correctly and everything is neat inside a single JSON!

    github.com/0x-cde/Threat-Hunti

    #kusto #kustoquery #kql #threathunting #threat_hunting #dfir #digitalforensics

  6. 🐣 HAPPY EASTER CAPSTONE! 🛡️

    My KQL courses now include a complete attack scenario to test your skills — end to end.

    🎯 Hands-on labs
    📉 20% OFF for a limited time!
    Crack it open 👇

    #KQL #Kusto #ThreatHunting #DetectionEngineering #DFIR

    academy.bluraven.io

  7. 🎁 NEW UPDATE:

    I've added a small challenge to my FREE "Hands-On Introduction to KQL for Security Analysis" course.

    More will be coming soon!

    #KQL #Kusto #MicrosoftDefender #MicrosoftSentinel
    👇
    academy.bluraven.io/course/int

  8. 🚨 FREE unlimited lab access to "Introduction to KQL for Security Analysis" course!

    Thrilled to announce that my Intro to KQL for Security Analysis lab environment is now completely free with no time restrictions!

    academy.bluraven.io/course/int

    #KQL #Kusto #ThreatHunting #Infosec

  9. KQL

    Kusto Query Language (KQL) is a powerful query language that is used to query Azure Data Explorer (ADX) and Azure Monitor log data. KQL is used to query data in tables, summarize d(...)

    #adx #anomalydetection #azure #kql #kusto

    taoofmac.com/space/dev/kql

  10. 🔍 Advanced Time Series Anomaly Detection: Discover methods you’ve never seen before.
    🔗 Attack Path & Execution Chain Detection with Process Mining: A novel approach to threat detection.
    🌐 Attack Pattern Detection Using Graph Semantics: Start thinking in graphs and revolutionize your detection and investigation skills.

    academy.bluraven.io/advanced-h

    #KQL #Kusto #SIEM #MicrosoftSentinel #MicrosoftDefender #MicrosoftDefenderXDR #Defender #cybersecurity #KQLForSecurityAnalysts #ThreatHunting #DetectionEngineering #training #dfir #incidentresponse

  11. 🔍 Advanced Time Series Anomaly Detection: Discover methods you’ve never seen before.
    🔗 Attack Path & Execution Chain Detection with Process Mining: A novel approach to threat detection.
    🌐 Attack Pattern Detection Using Graph Semantics: Start thinking in graphs and revolutionize your detection and investigation skills.

    academy.bluraven.io/advanced-h

    #KQL #Kusto #SIEM #MicrosoftSentinel #MicrosoftDefender #MicrosoftDefenderXDR #Defender #cybersecurity #KQLForSecurityAnalysts #ThreatHunting #DetectionEngineering #training #dfir #incidentresponse

  12. 🔍 Advanced Time Series Anomaly Detection: Discover methods you’ve never seen before.
    🔗 Attack Path & Execution Chain Detection with Process Mining: A novel approach to threat detection.
    🌐 Attack Pattern Detection Using Graph Semantics: Start thinking in graphs and revolutionize your detection and investigation skills.

    academy.bluraven.io/advanced-h

    #KQL #Kusto #SIEM #MicrosoftSentinel #MicrosoftDefender #MicrosoftDefenderXDR #Defender #cybersecurity #KQLForSecurityAnalysts #ThreatHunting #DetectionEngineering #training #dfir #incidentresponse

  13. 🔍 Advanced Time Series Anomaly Detection: Discover methods you’ve never seen before.
    🔗 Attack Path & Execution Chain Detection with Process Mining: A novel approach to threat detection.
    🌐 Attack Pattern Detection Using Graph Semantics: Start thinking in graphs and revolutionize your detection and investigation skills.

    academy.bluraven.io/advanced-h

    #KQL #Kusto #SIEM #MicrosoftSentinel #MicrosoftDefender #MicrosoftDefenderXDR #Defender #cybersecurity #KQLForSecurityAnalysts #ThreatHunting #DetectionEngineering #training #dfir #incidentresponse

  14. 🔍 Advanced Time Series Anomaly Detection: Discover methods you’ve never seen before.
    🔗 Attack Path & Execution Chain Detection with Process Mining: A novel approach to threat detection.
    🌐 Attack Pattern Detection Using Graph Semantics: Start thinking in graphs and revolutionize your detection and investigation skills.

    academy.bluraven.io/advanced-h

    #KQL #Kusto #SIEM #MicrosoftSentinel #MicrosoftDefender #MicrosoftDefenderXDR #Defender #cybersecurity #KQLForSecurityAnalysts #ThreatHunting #DetectionEngineering #training #dfir #incidentresponse

  15. Self-Hosting Kusto

    This is going to be an unusual one, partly because it is about a Microsoft thing (which I typically avoid) and because it’s going to be a bit of a brain dump.(...)

    #adx #ai #azure #docker #jupyter #kql #kusto #ml #parquet #polars

    taoofmac.com/space/blog/2024/0

  16. 🚀 FREE Hands-On KQL for Security Analysis Course is now available! 🚀
    ✅ 50 seats bi-monthly
    ✅ Certificate of completion
    ✅ 14-day lab with real-world Microsoft Sentinel and Defender XDR logs 🔥🔥
    Enroll for #FREE 👇
    academy.bluraven.io/intro-to-k
    #KQL #Kusto #SIEM #MicrosoftSentinel #MicrosoftDefender #Defender #cybersecurity #KQLForSecurityAnalysts #training

  17. 🚀 FREE Hands-On KQL for Security Analysis Course is now available! 🚀
    ✅ 50 seats bi-monthly
    ✅ Certificate of completion
    ✅ 14-day lab with real-world Microsoft Sentinel and Defender XDR logs 🔥🔥
    Enroll for #FREE 👇
    academy.bluraven.io/intro-to-k
    #KQL #Kusto #SIEM #MicrosoftSentinel #MicrosoftDefender #Defender #cybersecurity #KQLForSecurityAnalysts #training

  18. 🚀 FREE Hands-On KQL for Security Analysis Course is now available! 🚀
    ✅ 50 seats bi-monthly
    ✅ Certificate of completion
    ✅ 14-day lab with real-world Microsoft Sentinel and Defender XDR logs 🔥🔥
    Enroll for #FREE 👇
    academy.bluraven.io/intro-to-k
    #KQL #Kusto #SIEM #MicrosoftSentinel #MicrosoftDefender #Defender #cybersecurity #KQLForSecurityAnalysts #training

  19. 🚀 FREE Hands-On KQL for Security Analysis Course is now available! 🚀
    ✅ 50 seats bi-monthly
    ✅ Certificate of completion
    ✅ 14-day lab with real-world Microsoft Sentinel and Defender XDR logs 🔥🔥
    Enroll for #FREE 👇
    academy.bluraven.io/intro-to-k
    #KQL #Kusto #SIEM #MicrosoftSentinel #MicrosoftDefender #Defender #cybersecurity #KQLForSecurityAnalysts #training

  20. 🚀 FREE Hands-On KQL for Security Analysis Course is now available! 🚀
    ✅ 50 seats bi-monthly
    ✅ Certificate of completion
    ✅ 14-day lab with real-world Microsoft Sentinel and Defender XDR logs 🔥🔥
    Enroll for #FREE 👇
    academy.bluraven.io/intro-to-k
    #KQL #Kusto #SIEM #MicrosoftSentinel #MicrosoftDefender #Defender #cybersecurity #KQLForSecurityAnalysts #training

  21. Have just discovered why some KQL in Defender has been erroring and I am in disbelief.

    You cannot have a line break between a let statement and the next line of code!

    e.g.
    let myName=“TJ”;

    |EmailEvents
    | where …

    will cause a “No Tabular expression statement found” error. removing that linebreak between let and |EmailEvents fixes the issues.

    KQL is weird :)

    #KQL #Defender #m365defender #cybersecurity #kusto

  22. Come join us at DFWSMUG winter meeting for sessions on #AI, #Azure Arc, #Kusto and a lot more. Oh, and cookies too.

    eventbrite.com/e/dfwsmug-winte

  23. Adversary-in-The-Middle & Business Email Compromisedthreat hunting with KQL

    Find out essential points for threat hunting, focusing on how to track "potential" AiTM/BEC activities using Kusto Query Language (KQL) in Microsoft 365 Defender

    techcommunity.microsoft.com/t5

    #bec #AiTM #hunting #m365defender #microsoft365defender #threathunting #microsoft #azure #soc #phishing #kql #kusto #cloudsecurity

  24. New post: "Cross-Platform Compatibility Made Easy with Multi-Platform Docker Images: Azure Data Explorer Sink Connector & Kafka Connect"

    Docker has revolutionized the way we package and deploy software applications.

    However, it's challenging to maintain a single image that can work across multiple platforms.

    This blog post explores the steps required to build and deploy multi-platform Docker images.

    nielsberglund.com/post/2023-04

  25. New post: "Develop a Real-Time Leaderboard Using Kafka and Azure Data Explorer - II"

    This is the third post about using Kafka and @azuredataexplorer (ADX) to develop a real-time leaderboard for online gaming.

    In this post, you will see more about ingesting data into ADX and some "cool stuff" related to that. Specifically, what to do if you need to update/transform the data you ingest.

    nielsberglund.com/post/2023-04

  26. 🚨 Attention all #Azure enthusiasts! 🚨 Want to learn how to easily retrieve available IP addresses in your Azure Virtual network and subnets using #AzureResourceGraph? Check out my latest blog post now!

    stefanstranger.github.io/2023/

    #kusto

  27. I just wrote one of the most complicated #kusto queries I've written until now, retrieving the total number of available IP addresses for Azure Virtual Networks and subnets. 🎉🎉

    Anyone interested in me sharing this #Azure Resource Graph Kusto query?

  28. New post: "Interesting Stuff - Week 11, 2023".

    This week:

    * Learn all about @azuredataexplorer and , thanks to Akshay Dixit.
    * I finally finished the second post in the Leaderboard, Kafka, and ADX series
    * ChatGPT and dialogue prompting. Very interesting
    * An old colleague of mine -Ted Neward - ponders the impact of AI on developers.
    * Where has all the Big Data gone?

    Read all about it:

    nielsberglund.com/post/2023-03

  29. Data Analysis in @azuredataexplorer using

    In this learning path, you will learn through 6 training modules, how to analyze data in () using the Query Language ().

    learn.microsoft.com/en-us/trai

    (Reshared from another site 😀)

  30. Right semi join in @AzDataExplorer
    Day52

    Right semi-join returns all records from the right side that match a record from the left side. Only columns from the right side are returned.

    Try: lnkd.in/dze9kFTe
    More: lnkd.in/dBznzFTy

  31. Left Semi join in @AzDataExplorer
    Day51

    Left semi-join returns all records from the left side that match a record from the right side. Only columns from the left side are returned.

    Try: lnkd.in/dKNy6VKd
    Learn More: lnkd.in/dJrmh-DV