Index

Symbols

+ (Add) operator, KQL, 169

/ (Divide) operator, KQL, 169

== (Equals) operator, KQL, 169-170

> (Greater) operator, KQL, 169

>= (Greater or Equal) operator, KQL, 169-170

< (Less) operator, KQL, 169

<= (Less or Equal) operator, KQL, 169

% (Modulo) operator, KQL, 169

* (Multiply) operator, KQL, 169

!= (Not equals) operator, KQL, 169

!in (Not equals to any of the elements) operator, KQL, 169

− (Subtract) operator, KQL, 169

A

AAD user, Logic Apps, 115

access control, 15

Activity Workbook, 133-137

Add (+) operator, KQL, 169

adversaries, knowledge of, 8

aggregation reference, KQL (Kusto Query Language), 172

alerts

and bookmarks, 97

listing in dashboard, 56-61

analysts

“single pane of glass,” 7

SOC (security operations center), 5

analytic ...

Get Microsoft Azure Sentinel: Planning and implementing Microsoft's cloud-native SIEM solution now with O’Reilly online learning.
