Skip to content

KQL Cafe

KQL Cafe - 31. February 2024

Initializing search

Welcome to KQL Cafe
Code of Conduct
KustoCon
Shownotes

KQL Cafe

Welcome to KQL Cafe
Code of Conduct
KustoCon
KustoCon
- KustoCon 2024
- KustoCon 2025
Shownotes
Shownotes
- KQL Cafe - Month 2025
- 2022
  2022
- 2023
  2023
- 2024
  2024
  - KQL Cafe - April 2024
  - KQL Cafe - August 2024
  - KQL Cafe - 27. February 2024
  - KQL Cafe - 31. February 2024 KQL Cafe - 31. February 2024
    Table of contents
    
    Recording and Presentation
    
    Hosts
    
    Guests
    
    News
    
    Learn
    
    What did you do with KQL this month?
  - KQL Cafe - June 2024
  - KQL Cafe - 26. March 2024
  - KQL Cafe - May 2024
  - KQL Cafe - November 2024
  - KQL Cafe - October 2024
- 2025
  2025
  - KQL Cafe - January 2025

Table of contents

Recording and Presentation
Hosts
Guests
News
Learn
What did you do with KQL this month?

KQL Cafe - 31. February 2024

Recording and Presentation

Recording
Presentation

Hosts

Gianni
Alex

Guests

Ilana Waitser
Elyran Malka

News

The Definitive Guide to KQL: Using Kusto Query Language for Operations, Defending, and Threat Hunting
K7Cyber
KQL Security Sources - 2024 Update
A Deep Dive into the KQL Union Operator
Extracting Nested Fields in Kusto
Harnessing threat intelligence using externaldata operator
Query data in Azure Monitor using Azure Data Explorer

Learn

What are SIGMA Rules
Converting Sigma to KQL Online
Sigma to KQL Backend

What did you do with KQL this month?

Microsoft Defender for Endpoint – Streamlined Connectivity Monitoring
Microsoft Defender XDR – Threat Protection Reporting
Detecting Defender 365 Forwarding Rules policy changes
HTML smuggling surges: Highly evasive loader technique increasingly used in banking malware, targeted attacks

Made with Material for MkDocs