Quick Question

MKhan001_

Hi, quick question,

Can I import all detections and queries from GitHub in one go? It seems like I have to do that manually.

Secondly, how do I get logs from a Windows system without installing an agent?

Regards

 

2 Replies

@MKhan001_ 

 

@Ofer_Shezaf: Is this something you can speak to?

@Chris Boehm 

@MKhan001_ 

 

Currently you have to manually import each one at a time; we're already looking into improving this. No ETA at this time.

 

As for your second question regarding Windows System logs: something will have to export the logs for you into Azure Sentinel. Examples are given here: https://docs.microsoft.com/en-us/azure/sentinel/connect-data-sources#data-connection-methods
