Hello I was wondering if anyone had any queries that would help for a patrol that I am creating? Basically what I am using it for is a workbook for my company to have a quick glance at certain IOC's that could arise such as login failures, suspicious behavior, any use of bad apps like torrent, connection failures, and anything else you would recommend. Specifically anything related to an IOC that would be useful.
I am crating two workbooks for certain users and one for the whole company. So I need to be able to use the query for both all customers and specific ones.
I would greatly appreciate the help thank you.
