A colletion of KQL use case queries to suppliment out of the box Sentinel.
- AD Active Directory
- ADO Active Directory
- Azure Azure
- CA CloudApp Events
- Entra Azure EntraID
- IDE Identity Directory Events
- MCAS Microsoft Cloud App Security
- MDE Microsoft Defender for Endpoint
- OA Office Activity
- PA Palo Alto