cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Microsoft Security Tech Accelerator
Dec 06 2023, 07:00 AM - 12:00 PM (PST)
Microsoft Tech Community
Find out more
SOLVED

Azure Sentinel Hunting and Github - HAFNIUM

BCSecA
Copper Contributor

‎Mar 03 2021 08:08 AM

‎Mar 03 2021 08:08 AM

Azure Sentinel Hunting and Github - HAFNIUM

Hello everyone,

 

I am fairly new to Azure Sentinel and today I was hoping to take advantage of the Hunting queries in GitHub mentioned in this article

 

The problem is I have no idea on how to take something from GitHub (such as this one) and create a new hunting query from it in Sentinel.

 

This may be something stupid simple but my google-fu has failed me.

 

Any pointers would be very much appreciated.

1,533 Views
0 Likes
3 Replies
Reply
3 Replies
best response confirmed by BCSecA (Copper Contributor)
rodtrent

‎Mar 03 2021 08:49 AM

‎Mar 03 2021 08:49 AM

Solution

Re: Azure Sentinel Hunting and Github - HAFNIUM

@BCSecA Whipped this up real quick...let me know if this helps:

 

How to Deploy a Hunting Query to Azure Sentinel from the GitHub Repository – Azure Cloud & AI Domain...

0 Likes
Reply
BCSecA

‎Mar 03 2021 12:29 PM

‎Mar 03 2021 12:29 PM

Re: Azure Sentinel Hunting and Github - HAFNIUM

Now that I thoroughly feel like a noob thank you so much for that. That worked like a charm.
0 Likes
Reply
rodtrent

‎Mar 03 2021 12:31 PM

‎Mar 03 2021 12:31 PM

Re: Azure Sentinel Hunting and Github - HAFNIUM

No worries at all. I realized after you asked, we don't really cover it anywhere in the docs. And, your question led to others. You're not alone. :)
0 Likes
Reply