KQL Search
Search engine for KQL Queries
New queries added today: 0
Assistant
Generator
Lab
Show Advanced Filters
Table:
Select...
Author:
Select...
Keyword:
Select...
Operator:
Select...
Newsletter
Statistics
Submit query
Azure Service I Ps
Author: Rod Trent
Released: 4/24/2024
Show Query
Show Explanation
Copy URL
Open on GitHub
Share on X
Sentinel Analytics Rule New CISA Know Exploited Vulnerability Added
Author: Bert-Jan Pals
Released: 4/23/2024
Show Query
Show Explanation
Copy URL
Open on GitHub
Share on X
App Traces App Service Failures
Author: Jose Sebastián Canós
Released: 4/22/2024
Show Query
Show Explanation
Copy URL
Open on GitHub
Share on X
MDE AIP Client
Author: Alex Verboon
Released: 4/21/2024
Show Query
Show Explanation
Copy URL
Open on GitHub
Share on X
D4IOT Io T Malware Detected
Author: Alex Verboon
Released: 4/21/2024
Show Query
Show Explanation
Copy URL
Open on GitHub
Share on X
D4IOT Io T PLC Operating Mode
Author: Alex Verboon
Released: 4/21/2024
Show Query
Show Explanation
Copy URL
Open on GitHub
Share on X
D4IOT FTP Authentication Failure
Author: Alex Verboon
Released: 4/21/2024
Show Query
Show Explanation
Copy URL
Open on GitHub
Share on X
D4IOT Malicious Name Queries Detection
Author: Alex Verboon
Released: 4/21/2024
Show Query
Show Explanation
Copy URL
Open on GitHub
Share on X
Graph API Suspicious User Requests
Author: Bert-Jan Pals
Released: 4/21/2024
Show Query
Show Explanation
Copy URL
Open on GitHub
Share on X
User Enrichment
Author: Bert-Jan Pals
Released: 4/20/2024
Show Query
Show Explanation
Copy URL
Open on GitHub
Share on X
Collect Incident Statistics
Author: Bert-Jan Pals
Released: 4/19/2024
Show Query
Show Explanation
Copy URL
Open on GitHub
Share on X
Minimum Characters For Pim Activation Justification
Author: Michalis Michalos
Released: 4/13/2024
Show Query
Show Explanation
Copy URL
Open on GitHub
Share on X
Parsing Wiz Issues
Author: Jose Sebastián Canós
Released: 4/11/2024
Show Query
Show Explanation
Copy URL
Open on GitHub
Share on X
List AD Delegations
Author: Bert-Jan Pals
Released: 4/7/2024
Show Query
Show Explanation
Copy URL
Open on GitHub
Share on X
Azure AD Depreicated Power Shell Module
Author: Alex Verboon
Released: 4/5/2024
Show Query
Show Explanation
Copy URL
Open on GitHub
Share on X
DCA Extract Phone Number
Author: Matt Zorich
Released: 4/4/2024
Show Query
Show Explanation
Copy URL
Open on GitHub
Share on X
Table Data
Author: Rod Trent
Released: 4/4/2024
Show Query
Show Explanation
Copy URL
Open on GitHub
Share on X
Data Per Computer
Author: Rod Trent
Released: 4/4/2024
Show Query
Show Explanation
Copy URL
Open on GitHub
Share on X
Parse Ipv4 Malfunction
Author: Jose Sebastián Canós
Released: 4/3/2024
Show Query
Show Explanation
Copy URL
Open on GitHub
Share on X
Dns Events DNS Query Resolved To Palo Alto Networks Sinkhole
Author: Jose Sebastián Canós
Released: 4/2/2024
Show Query
Show Explanation
Copy URL
Open on GitHub
Share on X
AWS Cloud Trail AWS S3 Object Encrypted With External Key
Author: Jose Sebastián Canós
Released: 4/1/2024
Show Query
Show Explanation
Copy URL
Open on GitHub
Share on X
Inbound SSH Connection To Vulnerable XZ Machine
Author: Bert-Jan Pals
Released: 3/30/2024
Show Query
Show Explanation
Copy URL
Open on GitHub
Share on X
CVE 2024 3094 Internet Facing Devices
Author: Michalis Michalos
Released: 3/30/2024
Show Query
Show Explanation
Copy URL
Open on GitHub
Share on X
Log Analytics Query Statistics
Author: Bert-Jan Pals
Released: 3/29/2024
Show Query
Show Explanation
Copy URL
Open on GitHub
Share on X
Watchlist Item Delete
Author: Rod Trent
Released: 3/28/2024
Show Query
Show Explanation
Copy URL
Open on GitHub
Share on X
EEG Storage Accounts
Author: Alex Verboon
Released: 3/26/2024
Show Query
Show Explanation
Copy URL
Open on GitHub
Share on X
EEG Critical Assets
Author: Alex Verboon
Released: 3/26/2024
Show Query
Show Explanation
Copy URL
Open on GitHub
Share on X
EEG Malicious Link
Author: Alex Verboon
Released: 3/26/2024
Show Query
Show Explanation
Copy URL
Open on GitHub
Share on X
EEG Azure Virtual Machines
Author: Alex Verboon
Released: 3/26/2024
Show Query
Show Explanation
Copy URL
Open on GitHub
Share on X
Resource Container Changes Azure Subscription Modified
Author: Jose Sebastián Canós
Released: 3/26/2024
Show Query
Show Explanation
Copy URL
Open on GitHub
Share on X
AD Sensitive Group Changes
Author: Alex Verboon
Released: 3/25/2024
Show Query
Show Explanation
Copy URL
Open on GitHub
Share on X
MDE Software Uninstall
Author: Alex Verboon
Released: 3/25/2024
Show Query
Show Explanation
Copy URL
Open on GitHub
Share on X
AD GPO Creation
Author: Alex Verboon
Released: 3/25/2024
Show Query
Show Explanation
Copy URL
Open on GitHub
Share on X
MDE Parse Netsh
Author: Alex Verboon
Released: 3/25/2024
Show Query
Show Explanation
Copy URL
Open on GitHub
Share on X
Summary Of Privileged Operations By Directory Role Member
Author: Thomas Naunheim
Released: 3/24/2024
Show Query
Show Explanation
Copy URL
Open on GitHub
Share on X
Azure Resource Count
Author: Bert-Jan Pals
Released: 3/22/2024
Show Query
Show Explanation
Copy URL
Open on GitHub
Share on X
NTDS Dit File Modifications
Author: Bert-Jan Pals
Released: 3/21/2024
Show Query
Show Explanation
Copy URL
Open on GitHub
Share on X
Sensitive Microsoft Graph Delegated Permission Access
Author: Thomas Naunheim
Released: 3/21/2024
Show Query
Show Explanation
Copy URL
Open on GitHub
Share on X
Tarfilexecutions
Author: Ali Hussein
Released: 3/20/2024
Show Query
Show Explanation
Copy URL
Open on GitHub
Share on X
Chromeloader Registry Value Large Size Generic
Author: Ali Hussein
Released: 3/20/2024
Show Query
Show Explanation
Copy URL
Open on GitHub
Share on X
Possible Malicious Browser Extension Loaded
Author: Ali Hussein
Released: 3/20/2024
Show Query
Show Explanation
Copy URL
Open on GitHub
Share on X
Audit Admin Actionsfrom Risky Users
Author: Matt Zorich
Released: 3/20/2024
Show Query
Show Explanation
Copy URL
Open on GitHub
Share on X
Multiple IP Entity Power Platform Connector Activity
Author: Jose Sebastián Canós
Released: 3/19/2024
Show Query
Show Explanation
Copy URL
Open on GitHub
Share on X
Multiple IP Entity Power Apps Activity
Author: Jose Sebastián Canós
Released: 3/19/2024
Show Query
Show Explanation
Copy URL
Open on GitHub
Share on X
Security Event Account Created By Unexpected Account
Author: Jose Sebastián Canós
Released: 3/19/2024
Show Query
Show Explanation
Copy URL
Open on GitHub
Share on X
Identity Protection Latency Issues
Author: Jose Sebastián Canós
Released: 3/19/2024
Show Query
Show Explanation
Copy URL
Open on GitHub
Share on X
Device Network Events Suspicious Process Connection To Cloudfront Domain
Author: Jose Sebastián Canós
Released: 3/18/2024
Show Query
Show Explanation
Copy URL
Open on GitHub
Share on X
MDE Net Activities
Author: Bert-Jan Pals
Released: 3/15/2024
Show Query
Show Explanation
Copy URL
Open on GitHub
Share on X
Device Network Events Suspicious Connection By COM Surrogate
Author: Jose Sebastián Canós
Released: 3/15/2024
Show Query
Show Explanation
Copy URL
Open on GitHub
Share on X
Device Network Events Suspicious Connection By Wer Fault
Author: Jose Sebastián Canós
Released: 3/15/2024
Show Query
Show Explanation
Copy URL
Open on GitHub
Share on X
Loading...
Privacy policy
Imprint
Made by
Ugur Koc
with ☕
KQL Community
FAQ