How to write faster Sentinel queries: KQL best practices with real-world examples
All the shortcuts you need to make you a Sentinel GUI Wizard
Using the Jaccard index in KQL to find threats hidden in the patterns
How to write KQL Sentinel Summary Rules, with 3 real-world examples.
Neurology, technology, and Sentinel Summary rules. Explaining the intuition and process of building summary rules from scratch.
Parsing the same firewall log message in 4 different formats (JSON, CEF, BSD Syslog, and Syslog RFC 5424) with full KQL breakdown