Microsoft-365-Defender-Hunting-Queries icon indicating copy to clipboard operation
Microsoft-365-Defender-Hunting-Queries copied to clipboard

Published 20 hours ago verified publisher icon microsoft

Metadata

Sample queries for Advanced hunting in Microsoft 365 Defender

Results 48 Microsoft-365-Defender-Hunting-Queries issues
Sort by recently updated
recently updated
newest added

added vpn-exploits.md

Part of a series of pull requests, placing queries from the TA reports in the repo. Some of the column names may be outdated, as some of the reports are...

martyav avatar martyav

Incident Query and Isolation history query

Hi I want to query about "Incidents" list, but can't find any query also can't find Action history query. such as isolation, virus scan...

bobose avatar bobose

Create DNS Server Report.csl

2 comment

mjmelone avatar mjmelone

Create Device Logon Statistics by Account.csl

mjmelone avatar mjmelone

Create Dns Resolution Statistics.csl

mjmelone avatar mjmelone

Create Network Spray Detector.csl

mjmelone avatar mjmelone

Created IdentifyingRareProcesses.csl

Initial check-in. Identifies rare processes based on different factors

mjmelone avatar mjmelone

Create accountlogon.txt

2 comment

mattiasborg82 avatar mattiasborg82

Metadata

1.9k
Stars
509
Forks
Watchers

Owner

verified publisher icon microsoft

Metadata

Sample queries for Advanced hunting in Microsoft 365 Defender

Back