This repository is a curated collection of Kusto Query Language (KQL) queries built during my experience as a SOC analyst, primarily in a Microsoft environment. These queries aim to assist in the triage and analysis of security logs, events, and alerts, facilitating faster and more effective responses to potential threats. Where I did not create a query myself, a reference to its creator will be included on the query page.
tresscross/KQLQueries