KQLCafe's Avatar

KQLCafe

@kqlcafe

A Community to make the world a better place with KQL | Learn, share and practice the KQL language #KQL #Security #ThreatHunting #LogAnalytics #DataExplorer https://kqlcafe.com/

86
Followers 2
Following 5
Posts 18.11.2024
Joined
Posts Following

Latest posts by KQLCafe @kqlcafe

KustoCon 2025
KustoCon 2025 YouTube video by KQL Cafe

Countdown to #KustoCon

youtu.be/VQI9WgG--Xs?...

19.10.2025 08:08 πŸ‘ 0 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Sessions | KustoConEvent Timetable

πŸŽ‰ KustoCon 2025 is official!

Watch the announcement video and register now for the main event or join us onsite in Zurich for also the hands-on detection engineering workshop!

Info & sign-up: kustocon.com/sessions/

#KustoCon #KQL #KustoFans

02.06.2025 21:25 πŸ‘ 1 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0
Preview
KQL Cafe If you'd like to share your query with the community, feel free to share it via kqlsearch.com Submit Query

Interested to learn more about Azure Fabric? Join us at the KQLCafe tomorrow Tuesday February 25, 18:00 CET with guest speaker Uri Barash

More information and registration here: kqlcafe.com#upcoming-shows

#kql #AzureFabric #Kusto

24.02.2025 19:13 πŸ‘ 2 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0

Microsoft is retiring the MFA Fraud alert in favor of the replacement feature "Report Suspicious Activity" here's a KQL query to detect these events.
github.com/alexverboon/...

#KQL #EntraID #mvpbuzz #MFA

22.01.2025 19:58 πŸ‘ 3 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0

[New KQL Query] Detect changes to Microsoft Entra ID Self Service Password Reset configuration settings

github.com/alexverboon/...

#KQL #EntraID #SSPR #mvpbuzz

22.01.2025 19:58 πŸ‘ 2 πŸ” 1 πŸ’¬ 1 πŸ“Œ 0

#100DaysOfKQL

Day 18 - Unique DLL With Low Prevalence Loaded From Commonly Abused Folder

Could probably still be fine-tuned further, but it should detect campaigns/malware such as the ones listed in the Description.

May also find unwanted software πŸ‘€

github.com/SecurityAura...

19.01.2025 03:30 πŸ‘ 1 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0

Hello #KQL Fans & Geeks,

We are taking a short break, but we'll be back in January 2025. Check out our lineup of guest speakers here: kqlcafe.com#our-mission

And in case you missed it, the KustoCon Conference session recordings are available now. kqlcafe.com/KustoCon/Kus...

02.12.2024 23:15 πŸ‘ 5 πŸ” 2 πŸ’¬ 0 πŸ“Œ 0

Time to get a #KQL query from the shelve: Potential Adversary in the middle Phishing

If you have High-Risk users and axios useragents in the results please revoke some sessions.

🏹 github.com/Bert-JanP/Hu...

Query is available for both SigninLogs and AADSignInEventsBeta.

02.12.2024 17:37 πŸ‘ 6 πŸ” 2 πŸ’¬ 0 πŸ“Œ 0
LinkedIn This link will take you to a page that’s not on LinkedIn

πŸš€ Relive KustoCon 2024! 🧠🌐 Our 6 expert-led sessions are now available for you to watch on-demand. Dive into the latest KQL insights from top community experts. πŸ“Ή

πŸ‘‰ Watch here: lnkd.in/edeRJQtd

26.11.2024 18:48 πŸ‘ 1 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0
Post image

Do you like #KQL ? Then follow us here and check out our monthly meetup schdule kqlcafe.com

#mvpbuzz #Community #Learn #Share #Practice #KQL #KustoQueryLanguage

18.11.2024 22:12 πŸ‘ 4 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0