| path | # lines of code |
| --- | --- |
| Entity Explorer - IP Address.ipynb | 2005 |
| Credential Scan on Azure Data Explorer.ipynb | 579 |
| Machine Learning in Notebooks Examples.ipynb | 1575 |
| Sentinel Bulk Logs Export.ipynb | 498 |
| Guided Hunting - Base64-Encoded Linux Commands.ipynb | 1140 |
| Configurate Azure ML and Azure Synapse Analytics.ipynb | 1095 |
| azure-hunting/Azure Kubernetes Service Guided Hunting.ipynb | 1071 |
| utils/check_nb_load.py | 17 |
| utils/nb_check.py | 162 |
| utils/config_reader.py | 12 |
| utils/check_nb_kernel.py | 181 |
| machine-learning-notebooks/Guided Hunting - Anomalous Process Network Connections.ipynb | 1545 |
| machine-learning-notebooks/MasqueradingProcessNameAnomaly.ipynb | 907 |
| src/data/training_incident.pkl | 7 |
| src/data/timeseries.pkl | 15 |
| src/data/data_queries.yaml | 67 |
| src/data/failed_logons_hourly.pkl | 34 |
| src/data/aad_logons.pkl | 238 |
| src/data/host_logons.pkl | 29 |
| src/data/alerts_list.pkl | 1300 |
| src/SentinelUtilities/SentinelExceptions/input_error.py | 1 |
| src/SentinelUtilities/SentinelExceptions/__init__.py | 1 |
| src/SentinelUtilities/SentinelLog/__init__.py | 1 |
| src/SentinelUtilities/SentinelLog/log.py | 16 |
| src/SentinelUtilities/__init__.py | 1 |
| src/SentinelUtilities/SentinelAzure/__init__.py | 1 |
| src/SentinelUtilities/SentinelAzure/azure_loganalytics_helper.py | 8 |
| src/SentinelUtilities/SentinelAnomalyLookup/__init__.py | 2 |
| src/SentinelUtilities/SentinelAnomalyLookup/anomaly_lookup_view_helper.py | 11 |
| src/SentinelUtilities/SentinelWidgets/__init__.py | 1 |
| src/SentinelUtilities/SentinelWidgets/widget_view_helper.py | 158 |
| src/SentinelUtilities/SentinelUtils/__init__.py | 4 |
| src/SentinelUtilities/SentinelUtils/config_reader.py | 12 |
| src/SentinelUtilities/SentinelUtils/version_management.py | 44 |
| src/SentinelUtilities/SentinelUtils/obfuscation_utility.py | 15 |
| src/SentinelUtilities/SentinelUtils/input_validation.py | 6 |
| src/SentinelUtilities/setup.py | 30 |
| src/SentinelUtilities/SentinelPortal/__init__.py | 1 |
| src/SentinelUtilities/SentinelPortal/bookmark_helper.py | 210 |
| Entity Explorer - Domain and URL.ipynb | 568 |
| Entity Explorer - Windows Host.ipynb | 808 |
| Entity Explorer - Linux Host.ipynb | 808 |
| tutorials-and-examples/example-notebooks/SigmaRuleImporter.ipynb | 686 |
| tutorials-and-examples/example-notebooks/M365 Defender - APIs ep3.ipynb | 206 |
| tutorials-and-examples/example-notebooks/data/az_net_comms_df.pkl | 1832 |
| tutorials-and-examples/example-notebooks/data/queries.yaml | 74 |
| tutorials-and-examples/example-notebooks/data/ti_results_url.pkl | 31 |
| tutorials-and-examples/example-notebooks/data/ip_locations.pkl | 9 |
| tutorials-and-examples/example-notebooks/data/data_queries.yaml | 74 |
| tutorials-and-examples/example-notebooks/data/failedLogons.pkl | 18 |
| tutorials-and-examples/example-notebooks/data/ti_results_ipv4.pkl | 107 |
| tutorials-and-examples/example-notebooks/data/az_whois.df.pkl | 108 |
| tutorials-and-examples/example-notebooks/data/process_tree.pkl | 31 |
| tutorials-and-examples/example-notebooks/data/aad_logons.pkl | 238 |
| tutorials-and-examples/example-notebooks/data/host_logons.pkl | 29 |
| tutorials-and-examples/example-notebooks/data/alerts_list.pkl | 1300 |
| tutorials-and-examples/example-notebooks/mp_data.py | 54 |
| tutorials-and-examples/example-notebooks/Example - Azure Storage VT Hash Lookup.ipynb | 182 |
| tutorials-and-examples/example-notebooks/MDE APIs Demo Notebook.ipynb | 1 |
| tutorials-and-examples/deprecated-notebooks/A Getting Started Guide For Azure Sentinel Notebooks.ipynb | 931 |
| tutorials-and-examples/how-tos/Automation Setup - Configure Azure Machine Learning Compute Cluster and Managed Identity.ipynb | 457 |
| tutorials-and-examples/how-tos/Notebook Template.ipynb | 502 |
| tutorials-and-examples/how-tos/Configurate Azure ML and Azure Synapse Analytics.ipynb | 1078 |
| tutorials-and-examples/how-tos/Azure Sentinel Query Creator.ipynb | 1356 |
| tutorials-and-examples/how-tos/Adding Secrets to Azure Key Vault.ipynb | 347 |
| tutorials-and-examples/how-tos/Adding Hunting Bookmarks.ipynb | 354 |
| tutorials-and-examples/how-tos/TroubleShootingNotebooks.ipynb | 1083 |
| tutorials-and-examples/how-tos/Automation Setup - Configure Azure Machine Learning Pipelines.ipynb | 455 |
| tutorials-and-examples/how-tos/Provisioning DSVM.ipynb | 230 |
| tutorials-and-examples/training-notebooks/Training - MSTICPy Training 1221.ipynb | 1818 |
| tutorials-and-examples/feature-tutorials/data/example.yaml | 59 |
| tutorials-and-examples/feature-tutorials/data/ip_entities.pkl | 25 |
| tutorials-and-examples/feature-tutorials/DataUploader.ipynb | 832 |
| tutorials-and-examples/feature-tutorials/Sumologic-DataConnector.ipynb | 276 |
| tutorials-and-examples/feature-tutorials/AzureSentinelAPIs.ipynb | 1882 |
| tutorials-and-examples/feature-tutorials/AzureBlobStorage.ipynb | 503 |
| tutorials-and-examples/feature-tutorials/IoCExtract.ipynb | 2170 |
| tutorials-and-examples/feature-tutorials/MordorData.ipynb | 855 |
| tutorials-and-examples/feature-tutorials/DataObfuscation.ipynb | 1672 |
| tutorials-and-examples/feature-tutorials/ResourceGraphDriver.ipynb | 915 |
| tutorials-and-examples/feature-tutorials/Splunk-DataConnector.ipynb | 1222 |
| tutorials-and-examples/feature-tutorials/MDATPQuery.ipynb | 1730 |
| tutorials-and-examples/feature-tutorials/SqlToKql.ipynb | 418 |
| Guided Hunting - Azure Resource Explorer.ipynb | 1363 |
| Guided Investigation - Azure WAF SQLI.ipynb | 989 |
| Entity Explorer - Account.ipynb | 2678 |
| Guided Investigation - Incident Triage.ipynb | 1461 |
| msticpyconfig.yaml | 5 |
| Hands-on 2. Surfing Data using Azure SDK.ipynb | 346 |
| Guided Investigation - Fusion Incident.ipynb | 1755 |
| scenario-notebooks/Hunting-Notebooks/Hunting-QueryParquetFilesAndIngestionToCustomTable.ipynb | 441 |
| scenario-notebooks/Hunting-Notebooks/LogAnalytics-CustomTableSetup.ipynb | 743 |
| scenario-notebooks/Hunting-Notebooks/AutomateTools_ParquetGenerator.ipynb | 369 |
| scenario-notebooks/Hunting-Notebooks/AIO_Hunting-AutomatedDataQueryAndIngestionToCustomTable.ipynb | 512 |
| scenario-notebooks/Hunting-Notebooks/Hunting-AzureResourceProvisioning.ipynb | 476 |
| scenario-notebooks/Hunting-Notebooks/Scheduled_Hunting-AutomatedDataQueryAndMDTIAPIAndIngestionToCustomTable.ipynb | 499 |
| scenario-notebooks/Hunting-Notebooks/Hunting-AutomatedDataQueryAndIngestionToCustomTable.ipynb | 506 |
| scenario-notebooks/Guided Hunting - Use Machine Learning to Detect Potential Low and Slow Password Sprays using Apache Spark via Azure Synapse.ipynb | 2598 |
| scenario-notebooks/UserSecurityMetadata/Utils.py | 15 |
| scenario-notebooks/UserSecurityMetadata/__init__.py | 1 |
| scenario-notebooks/UserSecurityMetadata/NodeEdge.py | 25 |
| scenario-notebooks/UserSecurityMetadata/GraphVis.py | 26 |
| scenario-notebooks/UserSecurityMetadata/Entities.py | 87 |
| scenario-notebooks/UserSecurityMetadata/Guided Analysis - User Security Metadata.ipynb | 367 |
| scenario-notebooks/AutomatedNotebooks-IncidentTriage.ipynb | 1141 |
| scenario-notebooks/Automated-Notebooks/AutomationGallery-CredentialScanOnAzureDataExplorer.ipynb | 368 |
| scenario-notebooks/Automated-Notebooks/AutomationGallery-CredentialScanOnAzureLogAnalytics.ipynb | 488 |
| scenario-notebooks/Automated-Notebooks/AutomationGallery-CredentialScanOnAzureBlobStorage.ipynb | 655 |
| scenario-notebooks/Export Historical Log Data.ipynb | 1305 |
| scenario-notebooks/Guided Investigation - MDE Webshell Alerts.ipynb | 865 |
| scenario-notebooks/Tools/PerfTools_Log Analytics Query.ipynb | 350 |
| scenario-notebooks/Tools/PerfTools_Log Analytics_CustomTable_Setup.ipynb | 727 |
| scenario-notebooks/AutomatedNotebooks-Manager.ipynb | 322 |
| scenario-notebooks/Guided Hunting - Detect potential network beaconing using Apache Spark via Azure Synapse.ipynb | 1474 |
| scenario-notebooks/Microsoft Sentinel Query Creator.ipynb | 1979 |
| mitremap-notebook/model.ps1 | 12 |
| mitremap-notebook/MitreMap - Infer MITRE technique from Threat Intel Data.ipynb | 282 |
| Hands-on 1. Data Discovery using Azure REST API.ipynb | 441 |
| ConfiguringNotebookEnvironment.ipynb | 1102 |
| Guided Hunting - Anomalous Office365 Exchange Sessions.ipynb | 596 |
| Credential Scan on Azure Blob Storage.ipynb | 589 |
| Entity Explorer - Host.ipynb | 804 |
| Guided Hunting - Investigating Malicious Links Shared in Teams.ipynb | 526 |
| Credential Scan on Azure Log Analytics.ipynb | 474 |
| A Getting Started Guide For PowerShell AML Notebooks.ipynb | 1352 |
| A Tour of Cybersec notebook features.ipynb | 4283 |
| Guided Hunting - Detect potential network beaconing using Apache Spark via Azure Synapse.ipynb | 1469 |