Tag Archives: kqlmagic

Authenticate with Log Analytics workspace interactively in Azure Sentinel notebooks

One of the common steps before a SecOps analyst starts investigating and writing hunting query is to authenticate with the Log Analytics workspace where security data and event log are stored, using kqlmagic. Most common way is to let Azure … Continue reading

Posted in Security Automation | Tagged , | Leave a comment