Azure Sentinel correlation rules: Active Lists out; make_list() in, the AAD/AWS correlation example
Writing alert rules using KQL is powerful but does not have to be complicated. A good example would be rules that in traditional SIEM use Active Lists. In this blog post, I will describe how to avoid Active Lists entirely using Sentinel query-based rules.Using KQL functions to speed up analysis in Azure Sentinel
Security Operations can often be a very repetitive role. As a security analyst, you will often find yourself conducting the same actions and tasks as you work through an investigation. KQL functions in Azure Sentinel provide a way in which analysts can build up a collection of investigation tools to call upon quickly and simply.
Power Query freezes in Excel
Hello, I'm having issues editing queries in Excel. Whenever I enter a Power Query window, the window opens but shows no data and all excel sheets freezes. I can highlight the tools but they do not react when I try to click them. Nor can I close the Power Query window. The only way I manage to close excel is by forcing it through task manager in windows. I believe the problem started when I updated excel from verision 1902 to 1907. I have reinstalled office and I am now running version 1908, but the problem is still present. I have tried to access power query in multiple workbooks, but with no success. Has anyone experienced a similar problem? Any suggestions on how to fix this would be very welcome. Thank you for your time!
401 (Unauthorized) When calling Sharepoint Query
Hello everyone, I am currently getting this error 401 when I try to call my Sharepoint Endpoint. It occurred after I added the following below into the header. What is the issue here? GET http://www.test.com/Shared%20Documents/query%20result%20BEFORE.xml 401 (Unauthorized) Previously, I was facing this error: Access to XMLHttpRequest at **** from origin 'http://127.0.0.1:1234' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. I added the Access-Control-Allow-Origin with a value of "*" in the HTTP Response Headers and now I am getting the 401 error. Please do help! Thank you!
