This website was made to simplify the process of searching for KQL Queries that are publicly shared on GitHub.
Currently supported GitHub Repositories:
- Matt Zorich: Sentinel Queries
- Rod Trent: SentinelKQL
- Jose Sebastián Canós: Sentinel_KQL
- Bert-Jan Pals: Hunting-Queries-Detection-Rules
- Daniel Card: KQL
- Ugur Koc: KQL_Intune
More will be added soon.
I wrote a blog post about my motivation and the things I have learned from this project. You can find it here: Blog
KQL, or Kusto Query Language, is a query language used to search and analyze data in Microsoft Azure's data platform. It is used to perform ad hoc queries on data stored in Azure data services, including Azure Log Analytics, Azure Data Explorer, and Azure Monitor logs.
KQL has a syntax similar to SQL, but is designed specifically for querying and analyzing log data. It allows users to filter and aggregate data, extract specific fields, and perform a wide range of statistical and analytical operations on data sets. KQL also has a number of built-in functions and operators that can be used to manipulate and analyze data.
Microsoft Documentation: Kusto Query Language (KQL)
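As an added illustration (not a query taken from any of the repositories listed above), the following Microsoft Sentinel hunting query walks through the filter, field-extraction and aggregation steps described here. It assumes the standard SigninLogs table with its TimeGenerated, ResultType, UserPrincipalName and IPAddress columns; the thresholds are arbitrary constructed values.

```kql
// Constructed example: accounts with many failed sign-ins from several IPs in the last 24 hours.
// Assumes the Microsoft Sentinel SigninLogs table (Azure AD / Entra ID sign-in data).
SigninLogs
| where TimeGenerated > ago(24h)
// ResultType "0" is a successful sign-in; every other value is a failure code.
| where ResultType != "0"
// Extract the domain part of the UPN so results can also be grouped per domain.
| extend Domain = tostring(split(UserPrincipalName, "@")[1])
| summarize
    FailedAttempts = count(),
    DistinctIPs    = dcount(IPAddress),
    ResultCodes    = make_set(ResultType, 10),
    FirstSeen      = min(TimeGenerated),
    LastSeen       = max(TimeGenerated)
    by UserPrincipalName, Domain
// Thresholds are arbitrary; tune them to the environment's normal failure volume.
| where FailedAttempts >= 20 and DistinctIPs >= 3
| project UserPrincipalName, Domain, FailedAttempts, DistinctIPs, ResultCodes, FirstSeen, LastSeen
| order by FailedAttempts desc
```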
This project was bootstrapped with Create React App.
`npm start` runs the app in development mode.
Open http://localhost:3000 to view it in your browser.
The page will reload when you make changes.
You may also see any lint errors in the console.