Azure Sentinel Hunting and GitHub - HAFNIUM


Hello everyone,


I am fairly new to Azure Sentinel and today I was hoping to take advantage of the Hunting queries in GitHub mentioned in this article.


The problem is I have no idea on how to take something from GitHub (such as this one) and create a new hunting query from it in Sentinel.


This may be something stupid simple but my Google-fu has failed me.


Any pointers would be very much appreciated.

3 Replies
best response confirmed by BCSecA (Copper Contributor)
Now that I thoroughly feel like a noob, thank you so much for that. That worked like a charm.
No worries at all. I realized after you asked, we don't really cover it anywhere in the docs. And, your question led to others. You're not alone. :)