Comprehensive KQL query reference for Microsoft Defender XDR and Azure Sentinel, optimized for Context7 integration
Updated Aug 29, 2025 - HTML
KQL Queries for Microsoft Sentinel and Microsoft Defender XDR
A beginner-friendly project that demonstrates how to set up a Windows Server 2019 VM in Hyper-V, connect it to Azure using Azure Arc, and collect event logs into Microsoft Sentinel for security monitoring and analysis using KQL.
In this repository, you will find KQL queries that can be executed in Defender EDR.