Microsoft Sentinel - How to remove automation playbook templates...

Logic APP : ActionFailed. An action failed. No dependent actions succeeded...

KQL Query to filter values based on condition...

KQL Query for creating domain list from UserPrincipalName...

Kusto Query Language - Extract all between two Characters...

Azure Kusto Query to trim multiple parts of a string...

How to correlate two entries when one of them is a number and the other is a range...

How to write a Kusto query to get previous month logs in sentinel?...

How do I connect kqlmagic to more than one Log Analytics workspace at the same time?...

KQL - return entries not matching IP from watchlist (query optimization)...

how to unpack a system.string data type into a flat string in kql...

Azure Sentinel, where are changes logged for data connectors...

Summarize 2 sets into 1 set per user KQL...

How to apply a user defined function to a range of values in KQL...

Match partial string from list with field...

Group similar column results into 1 row - KQL - Azure...

Is it possible to manipulate Azure Sentinel Watchlists through Powershell/API...

Splitting one column into multiple columns with a re-usable function in KQL...

How do I use regex to split a field value into multiple values using two different delimiters...

Creating tiles in azure sentinel workbook using KQL...

Parse string into property bag and loop through its keys to display its values in an extended column...

Is it possible to get an email notification when I close an Azure Sentinel incident?...

How can we get sentinel entities from logs what is the KQL Query we to for Entities , Sentinel ID in...

Surrounding Events in KQL or Matching on Multiple Conditions...

How to forward custom logs to Azure Sentinel...

Substring search on one column from the column of another table without IN operator...

Azure Sentinel Kusto query table with data from another query...

Routing Azure Resource Logs to Multiple Log Analytics Workspaces...

Split KQL array into multiple columns...

Can Azure Sentinel aggregates data from devices running on-premises or in any cloud?...