Microsoft Defender Threat Intelligence and Sentinel integration deep dive

Yes we do provide some sample TI hunting queries that all start with "TI map" keyword. The TI Map hunting queries are all part of the "Threat Intelligence" solution on the content hub. You can get these queries by installing the solution. The queries are completely customizable incase you need to run them against a particular data type. The queries get all indicators from the ThreatIntelligenceIndicators table in log analytics and the MDTI indicators are part of the table when you enable the MDTI connector.