azure / Azure-Sentinel
File Age & Freshness

File age measurements show the distribution of file ages (days since the first commit) and the file freshness (days since the latest commit).

Summary
File Change History Overall
File Age Distribution Overall
Days since first update
  • There are 6,161 files with 393,808 lines of code in files.
    • 5,226 files that are 366+ days old (313,848 lines of code)
    • 667 files that are 181-365 days old (55,477 lines of code)
    • 109 files that are 91-180 days old (7,590 lines of code)
    • 101 files that are 31-90 days old (13,507 lines of code)
    • 58 files that are 1-30 days old (3,386 lines of code)
79% | 14% | 1% | 3% | <1%
Legend:
366+
181-365
91-180
31-90
1-30

explore: grouped by folders | grouped by age
File Freshness Distribution Overall
Days since last update
  • There are 6,161 files with 393,808 lines of code in files.
    • 1,646 files have been last changed 366+ days ago (67,931 lines of code)
    • 2,784 files have been last changed 181-365 days ago (187,651 lines of code)
    • 411 files have been last changed 91-180 days ago (36,526 lines of code)
    • 980 files have been last changed 31-90 days ago (64,948 lines of code)
    • 340 files have been last changed 1-30 days ago (36,752 lines of code)
17% | 47% | 9% | 16% | 9%
Legend:
366+
181-365
91-180
31-90
1-30

explore: grouped by folders | grouped by freshness
File Change History per File Extension
json, yaml, md, py, svg, txt, ps1, cs, ts, psd1, pyi, rb, sh, csproj, gitignore, js, tf, go, 01, csl, xml, ipynb, h, spec, psm1, gemspec, ini, 02, 03, mod, 04, 05, 06, 07, html, gitattributes, rst, cfg, liquid, properties
File Age Distribution per Extension
Days since first update
366+
181-365
91-180
31-90
1-30
yaml84% | 9% | 2% | 1% | 1%
py63% | 35% | <1% | <1% | 0%
ps176% | 1% | <1% | 21% | 0%
cs100% | 0% | 0% | 0% | 0%
rb100% | 0% | 0% | 0% | 0%
csl100% | 0% | 0% | 0% | 0%
js100% | 0% | 0% | 0% | 0%
tf30% | 6% | 0% | 62% | 0%
psd196% | 3% | 0% | 0% | 0%
psm127% | 72% | 0% | 0% | 0%
ts100% | 0% | 0% | 0% | 0%
xml100% | 0% | 0% | 0% | 0%
gemspec100% | 0% | 0% | 0% | 0%
html100% | 0% | 0% | 0% | 0%
liquid100% | 0% | 0% | 0% | 0%
spec100% | 0% | 0% | 0% | 0%
go0% | 100% | 0% | 0% | 0%
File Freshness Distribution per Extension
Days since last update
366+
181-365
91-180
31-90
1-30
yaml16% | 53% | 9% | 16% | 5%
ps129% | 27% | 2% | 2% | 37%
py11% | 40% | 13% | 24% | 10%
cs54% | 35% | 0% | 10% | 0%
rb41% | 41% | 9% | 7% | 0%
csl100% | 0% | 0% | 0% | 0%
js88% | 11% | 0% | 0% | 0%
psd152% | 47% | 0% | 0% | 0%
xml100% | 0% | 0% | 0% | 0%
ts63% | 36% | 0% | 0% | 0%
html100% | 0% | 0% | 0% | 0%
gemspec48% | 0% | 0% | 51% | 0%
spec100% | 0% | 0% | 0% | 0%
psm10% | 100% | 0% | 0% | 0%
tf0% | 30% | 0% | 6% | 62%
liquid0% | 100% | 0% | 0% | 0%
go0% | 0% | 0% | 100% | 0%
File Change History per Logical Decomposition
primary
primary (file age distribution)
Days since first update
366+
181-365
91-180
31-90
1-30
Solutions74% | 16% | 2% | 4% | 1%
Parsers81% | 17% | <1% | 0% | 0%
Hunting Queries89% | 9% | 0% | 1% | 0%
Tools96% | 2% | <1% | 0% | 0%
Detections99% | <1% | 0% | 0% | 0%
DataConnectors93% | <1% | <1% | 5% | 0%
ASIM97% | 2% | 0% | 0% | 0%
Exploration Queries100% | 0% | 0% | 0% | 0%
Watchlists100% | 0% | 0% | 0% | 0%
Tutorials100% | 0% | 0% | 0% | 0%
Playbooks39% | 15% | 3% | 41% | 0%
Summary rules0% | 0% | 0% | 100% | 0%
primary (file freshness distribution)
Days since last update
366+
181-365
91-180
31-90
1-30
Solutions10% | 48% | 7% | 21% | 11%
Hunting Queries53% | 35% | <1% | 8% | 1%
Parsers16% | 48% | 24% | 10% | 0%
DataConnectors43% | 32% | 1% | 6% | 16%
Tools30% | 34% | 5% | 5% | 24%
ASIM29% | 44% | 0% | 26% | 0%
Exploration Queries61% | 37% | 0% | 1% | 0%
Detections4% | 89% | 2% | 3% | <1%
Watchlists100% | 0% | 0% | 0% | 0%
Tutorials100% | 0% | 0% | 0% | 0%
Playbooks12% | 27% | 0% | 18% | 41%
Summary rules0% | 0% | 0% | 0% | 100%
Oldest Files (Top 50)
File# lines# unitscreatedlast modified# changes
(days)		# contributorsfirst
contributor		latest
contributor
cef_troubleshoot.py
in DataConnectors/CEF
 653 43 2019-07-23 2024-07-18 145 101 46102293+morshabi@users.nor... 164491672+shishirdw@users.n...
cef_installer.py
in DataConnectors/CEF
 554 34 2019-07-23 2024-07-18 129 94 46102293+morshabi@users.nor... 164491672+shishirdw@users.n...
GroupCreatedAddedToPrivlegeGroup_1h.yaml
in Detections/SecurityEvent
 150 - 2019-08-13 2024-08-19 202 140 sagamzu@microsoft.com v-prasadboke@microsoft.com
UserAccountCreatedDeleted_10m.yaml
in Detections/SecurityEvent
 148 - 2019-08-13 2024-08-19 190 141 sagamzu@microsoft.com v-prasadboke@microsoft.com
UserCreatedAddedToBuiltinAdmins_1d.yaml
in Detections/SecurityEvent
 141 - 2019-08-13 2024-07-18 164 126 sagamzu@microsoft.com 164491672+shishirdw@users.n...
gte_6_FailedLogons_10m.yaml
in Detections/SecurityEvent
 140 - 2019-08-13 2024-07-18 226 159 sagamzu@microsoft.com 164491672+shishirdw@users.n...
UserAccountAdd-Removed.yaml
in Detections/SecurityEvent
 129 - 2019-08-13 2024-07-18 174 131 sagamzu@microsoft.com 164491672+shishirdw@users.n...
123 - 2019-08-13 2024-08-19 188 139 sagamzu@microsoft.com v-prasadboke@microsoft.com
PotentialKerberoast.yaml
in Detections/SecurityEvent
 118 - 2019-08-13 2024-08-19 188 137 sagamzu@microsoft.com v-prasadboke@microsoft.com
UserAccountAddedToPrivlegeGroup_1h.yaml
in Detections/SecurityEvent
 112 - 2019-08-13 2024-08-19 234 155 sagamzu@microsoft.com v-prasadboke@microsoft.com
MalformedUserAgents.yaml
in Detections/MultipleDataSources
 109 - 2019-08-13 2024-08-19 203 144 sagamzu@microsoft.com v-prasadboke@microsoft.com
password_never_expires.yaml
in Detections/SecurityEvent
 107 - 2019-08-13 2024-08-12 193 137 sagamzu@microsoft.com 62938807+haim-na@users.nore...
HighFailedLogonCountByUser.yaml
in Detections/W3CIISLog
 99 - 2019-08-13 2024-07-18 141 107 sagamzu@microsoft.com 164491672+shishirdw@users.n...
92 - 2019-08-13 2024-08-19 156 116 sagamzu@microsoft.com v-prasadboke@microsoft.com
92 - 2019-08-13 2025-01-21 154 111 sagamzu@microsoft.com 128674128+v1managedservices...
HighPortCountByClientIP.yaml
in Detections/W3CIISLog
 80 - 2019-08-13 2024-08-19 139 104 sagamzu@microsoft.com v-prasadboke@microsoft.com
SigninFirewallCorrelation.yaml
in Detections/MultipleDataSources
 67 - 2019-08-13 2024-08-19 201 140 sagamzu@microsoft.com v-prasadboke@microsoft.com
NewUserAgentLast24h.yaml
in Detections/MultipleDataSources
 5 - 2019-08-13 2024-07-18 143 107 sagamzu@microsoft.com 164491672+shishirdw@users.n...
NetworkEndpointCorrelation.yaml
in Detections/MultipleDataSources
 5 - 2019-08-13 2024-07-18 171 120 sagamzu@microsoft.com 164491672+shishirdw@users.n...
KeyvaultMassSecretRetrieval.yaml
in Detections/AzureDiagnostics
 5 - 2019-08-13 2024-07-18 174 125 sagamzu@microsoft.com 164491672+shishirdw@users.n...
TimeSeriesKeyvaultAccessAnomaly.yaml
in Detections/AzureDiagnostics
 5 - 2019-08-13 2024-07-18 145 117 sagamzu@microsoft.com 164491672+shishirdw@users.n...
KeyVaultSensitiveOperations.yaml
in Detections/AzureDiagnostics
 5 - 2019-08-13 2024-07-18 146 119 sagamzu@microsoft.com 164491672+shishirdw@users.n...
malware_in_recyclebin.yaml
in Detections/SecurityEvent
 5 - 2019-08-13 2024-07-18 155 113 sagamzu@microsoft.com 164491672+shishirdw@users.n...
SecurityEventLogCleared.yaml
in Detections/SecurityEvent
 5 - 2019-08-13 2024-07-18 162 120 sagamzu@microsoft.com 164491672+shishirdw@users.n...
powershell_empire.yaml
in Detections/SecurityEvent
 5 - 2019-08-13 2024-07-18 176 131 sagamzu@microsoft.com 164491672+shishirdw@users.n...
TimeSeriesAnomaly-ProcessExecutions.yaml
in Detections/SecurityEvent
 5 - 2019-08-13 2024-07-18 151 120 sagamzu@microsoft.com 164491672+shishirdw@users.n...
password_not_set.yaml
in Detections/SecurityEvent
 5 - 2019-08-13 2024-07-18 134 106 sagamzu@microsoft.com 164491672+shishirdw@users.n...
execute_base64_decodedpayload.yaml
in Detections/SecurityEvent
 5 - 2019-08-13 2024-07-18 142 108 sagamzu@microsoft.com 164491672+shishirdw@users.n...
base64_encoded_pefile.yaml
in Detections/SecurityEvent
 5 - 2019-08-13 2024-07-18 142 108 sagamzu@microsoft.com 164491672+shishirdw@users.n...
ExcessiveLogonFailures.yaml
in Detections/SecurityEvent
 5 - 2019-08-13 2024-07-18 136 105 sagamzu@microsoft.com 164491672+shishirdw@users.n...
5 - 2019-08-13 2024-07-18 134 105 sagamzu@microsoft.com 164491672+shishirdw@users.n...
DNS_Miners.yaml
in Detections/DnsEvents
 5 - 2019-08-13 2024-07-18 136 108 sagamzu@microsoft.com 164491672+shishirdw@users.n...
5 - 2019-08-13 2024-07-18 124 101 sagamzu@microsoft.com 164491672+shishirdw@users.n...
DNS_TorProxies.yaml
in Detections/DnsEvents
 5 - 2019-08-13 2024-07-18 135 106 sagamzu@microsoft.com 164491672+shishirdw@users.n...
DistribPassCrackAttempt.yaml
in Detections/SigninLogs
 5 - 2019-08-13 2024-07-18 166 126 sagamzu@microsoft.com 164491672+shishirdw@users.n...
SigninBruteForce-AzurePortal.yaml
in Detections/SigninLogs
 5 - 2019-08-13 2024-07-18 191 137 sagamzu@microsoft.com 164491672+shishirdw@users.n...
BypassCondAccessRule.yaml
in Detections/SigninLogs
 5 - 2019-08-13 2024-07-18 159 124 sagamzu@microsoft.com 164491672+shishirdw@users.n...
5 - 2019-08-13 2024-07-18 157 123 sagamzu@microsoft.com 164491672+shishirdw@users.n...
5 - 2019-08-13 2024-07-18 143 116 sagamzu@microsoft.com 164491672+shishirdw@users.n...
FailedLogonToAzurePortal.yaml
in Detections/SigninLogs
 5 - 2019-08-13 2024-07-18 178 135 sagamzu@microsoft.com 164491672+shishirdw@users.n...
5 - 2019-08-13 2024-07-18 160 123 sagamzu@microsoft.com 164491672+shishirdw@users.n...
ssh_potentialBruteForce.yaml
in Detections/Syslog
 5 - 2019-08-13 2024-07-18 144 107 sagamzu@microsoft.com 164491672+shishirdw@users.n...
squid_cryptomining_pools.yaml
in Detections/Syslog
 5 - 2019-08-13 2024-07-18 130 100 sagamzu@microsoft.com 164491672+shishirdw@users.n...
5 - 2019-08-13 2024-07-18 143 108 sagamzu@microsoft.com 164491672+shishirdw@users.n...
squid_tor_proxies.yaml
in Detections/Syslog
 5 - 2019-08-13 2024-07-18 130 100 sagamzu@microsoft.com 164491672+shishirdw@users.n...
CiscoASA-ThreatDetectionMessage.yaml
in Detections/CommonSecurityLog
 5 - 2019-08-13 2024-07-18 100 88 sagamzu@microsoft.com 164491672+shishirdw@users.n...
PaloAlto-NetworkBeaconing.yaml
in Detections/CommonSecurityLog
 5 - 2019-08-13 2024-07-18 107 98 sagamzu@microsoft.com 164491672+shishirdw@users.n...
CiscoASA-AvgAttackDetectRateIncrease.yaml
in Detections/CommonSecurityLog
 5 - 2019-08-13 2024-07-18 90 83 sagamzu@microsoft.com 164491672+shishirdw@users.n...
PaloAlto-PortScanning.yaml
in Detections/CommonSecurityLog
 5 - 2019-08-13 2024-07-18 118 102 sagamzu@microsoft.com 164491672+shishirdw@users.n...
AWS_ChangeToVPC.yaml
in Detections/AWSCloudTrail
 5 - 2019-08-13 2024-07-18 150 117 sagamzu@microsoft.com 164491672+shishirdw@users.n...
Files Not Recently Changed (Top 50)
File# lines# unitscreatedlast modified# changes
(days)		# contributorsfirst
contributor		latest
contributor
mes_request.py
in Solutions/Lookout/Data Connectors/LookoutAPISentinelConnector
 186 6 2021-05-04 2022-09-30 29 25 rajendra.khabiya@gate6.com 53319081+chkp-jguo@users.no...
SentinelOneUninstalledAgents.yaml
in Solutions/SentinelOne/Hunting Queries
 23 - 2021-12-17 2023-01-13 27 25 sp@socprime.com koos@lenswork.nl
CyberArkEPMRenamedWindowsBinary.yaml
in Solutions/CyberArkEPM/Analytic Rules
 23 - 2022-04-12 2023-01-13 15 16 sp@socprime.com koos@lenswork.nl
CyberArkEPMUnexpectedExecutableLocation.yaml
in Solutions/CyberArkEPM/Analytic Rules
 23 - 2022-04-12 2023-01-13 15 16 sp@socprime.com koos@lenswork.nl
CyberArkEPMSuspiciousActivityAttempts.yaml
in Solutions/CyberArkEPM/Hunting Queries
 23 - 2022-04-12 2023-01-13 15 16 sp@socprime.com koos@lenswork.nl
GCPDNSUnexpectedTLD.yaml
in Solutions/GoogleCloudPlatformDNS/Hunting Queries
 24 - 2021-12-17 2023-01-13 19 22 sp@socprime.com koos@lenswork.nl
GCPDNSSourceHighErrors.yaml
in Solutions/GoogleCloudPlatformDNS/Hunting Queries
 24 - 2021-12-17 2023-01-13 19 22 sp@socprime.com koos@lenswork.nl
TrendMicroCASRansomwareThreats.yaml
in Solutions/Trend Micro Cloud App Security/Hunting Queries
 24 - 2021-12-10 2023-01-13 15 15 sp@socprime.com koos@lenswork.nl
TrendMicroCASRiskyUsers.yaml
in Solutions/Trend Micro Cloud App Security/Hunting Queries
 24 - 2021-12-10 2023-01-13 15 15 sp@socprime.com koos@lenswork.nl
TrendMicroCASUserDLPViolations.yaml
in Solutions/Trend Micro Cloud App Security/Hunting Queries
 24 - 2021-12-10 2023-01-13 16 15 sp@socprime.com koos@lenswork.nl
JiraUpdatedProjects.yaml
in Solutions/AtlassianJiraAudit/Hunting Queries
 24 - 2021-12-29 2023-01-13 14 17 sp@socprime.com koos@lenswork.nl
JiraWorkflowAddedToProject.yaml
in Solutions/AtlassianJiraAudit/Hunting Queries
 24 - 2021-12-29 2023-01-13 14 17 sp@socprime.com koos@lenswork.nl
JiraUpdatedWorkflowSchemes.yaml
in Solutions/AtlassianJiraAudit/Hunting Queries
 24 - 2021-12-29 2023-01-13 14 17 sp@socprime.com koos@lenswork.nl
JiraProjectVersionsReleased.yaml
in Solutions/AtlassianJiraAudit/Hunting Queries
 24 - 2021-12-29 2023-01-13 14 17 sp@socprime.com koos@lenswork.nl
JiraUpdatedProjectVersions.yaml
in Solutions/AtlassianJiraAudit/Hunting Queries
 24 - 2021-12-29 2023-01-13 14 17 sp@socprime.com koos@lenswork.nl
JiraUpdatedWorkflows.yaml
in Solutions/AtlassianJiraAudit/Hunting Queries
 24 - 2021-12-29 2023-01-13 14 17 sp@socprime.com koos@lenswork.nl
BitglassApplications.yaml
in Solutions/Bitglass/Hunting Queries
 24 - 2021-12-03 2023-01-13 14 15 sp@socprime.com koos@lenswork.nl
BitglassRiskyUsers.yaml
in Solutions/Bitglass/Hunting Queries
 24 - 2021-12-03 2023-01-13 14 15 sp@socprime.com koos@lenswork.nl
CyberArkEPMUnexpectedExecutableExtension.yaml
in Solutions/CyberArkEPM/Analytic Rules
 24 - 2022-04-12 2023-01-13 15 16 sp@socprime.com koos@lenswork.nl
CyberArkEPMProcessesAccessedInternet.yaml
in Solutions/CyberArkEPM/Hunting Queries
 24 - 2022-04-12 2023-01-13 15 16 sp@socprime.com koos@lenswork.nl
ImpervaNonWebApplication.yaml
in Solutions/ImpervaCloudWAF/Hunting Queries
 24 - 2021-11-15 2023-01-13 15 16 sp@socprime.com koos@lenswork.nl
ImpervaRequestsFromBots.yaml
in Solutions/ImpervaCloudWAF/Hunting Queries
 24 - 2021-11-15 2023-01-13 15 16 sp@socprime.com koos@lenswork.nl
ImpervaInsecureWebProtocolVersion.yaml
in Solutions/ImpervaCloudWAF/Hunting Queries
 24 - 2021-11-15 2023-01-13 15 16 sp@socprime.com koos@lenswork.nl
SnowflakeUnknownQueryType.yaml
in Solutions/Snowflake/Hunting Queries
 24 - 2021-12-03 2023-01-13 14 15 sp@socprime.com koos@lenswork.nl
SentinelOneSourcesByAlertCount.yaml
in Solutions/SentinelOne/Hunting Queries
 25 - 2021-12-17 2023-01-13 15 16 sp@socprime.com koos@lenswork.nl
SentinelOneAgentStatus.yaml
in Solutions/SentinelOne/Hunting Queries
 25 - 2021-12-17 2023-01-13 15 16 sp@socprime.com koos@lenswork.nl
SentinelOneRulesDeleted.yaml
in Solutions/SentinelOne/Hunting Queries
 25 - 2021-12-17 2023-01-13 27 25 sp@socprime.com koos@lenswork.nl
SentinelOneScannedHosts.yaml
in Solutions/SentinelOne/Hunting Queries
 25 - 2021-12-17 2023-01-13 15 16 sp@socprime.com koos@lenswork.nl
SentinelOneAlertTriggers.yaml
in Solutions/SentinelOne/Hunting Queries
 25 - 2021-12-17 2023-01-13 15 16 sp@socprime.com koos@lenswork.nl
SentinelOneNewRules.yaml
in Solutions/SentinelOne/Hunting Queries
 25 - 2021-12-17 2023-01-13 15 16 sp@socprime.com koos@lenswork.nl
TrendMicroCASTopFilesRecievedViaEmail.yaml
in Solutions/Trend Micro Cloud App Security/Hunting Queries
 25 - 2021-12-10 2023-01-13 15 15 sp@socprime.com koos@lenswork.nl
TrendMicroCASVAThreats.yaml
in Solutions/Trend Micro Cloud App Security/Hunting Queries
 25 - 2021-12-10 2023-01-13 16 15 sp@socprime.com koos@lenswork.nl
TrendMicroCASSuspiciousFilesSharepoint.yaml
in Solutions/Trend Micro Cloud App Security/Hunting Queries
 25 - 2021-12-10 2023-01-13 15 15 sp@socprime.com koos@lenswork.nl
CiscoDuoAuthenticationErrorReasons.yaml
in Solutions/CiscoDuoSecurity/Hunting Queries
 25 - 2021-11-22 2023-01-13 15 16 sp@socprime.com koos@lenswork.nl
JiraBlockedTasks.yaml
in Solutions/AtlassianJiraAudit/Hunting Queries
 25 - 2021-12-29 2023-01-13 14 17 sp@socprime.com koos@lenswork.nl
JiraNewUsers.yaml
in Solutions/AtlassianJiraAudit/Hunting Queries
 25 - 2021-12-29 2023-01-13 14 17 sp@socprime.com koos@lenswork.nl
BitglassTopUsersWithBlocks.yaml
in Solutions/Bitglass/Hunting Queries
 25 - 2021-12-03 2023-01-13 14 15 sp@socprime.com koos@lenswork.nl
BitglassUncategorizedResources.yaml
in Solutions/Bitglass/Hunting Queries
 25 - 2021-12-03 2023-01-13 14 15 sp@socprime.com koos@lenswork.nl
BitglassNewApplications.yaml
in Solutions/Bitglass/Hunting Queries
 25 - 2021-12-03 2023-01-13 14 15 sp@socprime.com koos@lenswork.nl
BitglassUserDevices.yaml
in Solutions/Bitglass/Hunting Queries
 25 - 2021-12-03 2023-01-13 15 15 sp@socprime.com koos@lenswork.nl
CyberArkEPMElevationRequests.yaml
in Solutions/CyberArkEPM/Hunting Queries
 25 - 2022-04-12 2023-01-13 15 16 sp@socprime.com koos@lenswork.nl
CyberArkEPMRareProcessesRunByUsers.yaml
in Solutions/CyberArkEPM/Hunting Queries
 25 - 2022-04-12 2023-01-13 15 16 sp@socprime.com koos@lenswork.nl
CyberArkEPMProcessNewHash.yaml
in Solutions/CyberArkEPM/Hunting Queries
 25 - 2022-04-12 2023-01-13 15 16 sp@socprime.com koos@lenswork.nl
CyberArkEPMRareProcVendors.yaml
in Solutions/CyberArkEPM/Hunting Queries
 25 - 2022-04-12 2023-01-13 15 16 sp@socprime.com koos@lenswork.nl
CyberArkEPMPowershellExecutionParameters.yaml
in Solutions/CyberArkEPM/Hunting Queries
 25 - 2022-04-12 2023-01-13 15 16 sp@socprime.com koos@lenswork.nl
CyberArkEPMPowershellDownloads.yaml
in Solutions/CyberArkEPM/Hunting Queries
 25 - 2022-04-12 2023-01-13 15 16 sp@socprime.com koos@lenswork.nl
ImpervaTopSourcesErrors.yaml
in Solutions/ImpervaCloudWAF/Hunting Queries
 25 - 2021-11-15 2023-01-13 15 16 sp@socprime.com koos@lenswork.nl
ImpervaRareClientApplications.yaml
in Solutions/ImpervaCloudWAF/Hunting Queries
 25 - 2021-11-15 2023-01-13 15 16 sp@socprime.com koos@lenswork.nl
ImpervaRareApplications.yaml
in Solutions/ImpervaCloudWAF/Hunting Queries
 25 - 2021-11-15 2023-01-13 15 16 sp@socprime.com koos@lenswork.nl
SnowflakeFailedLogins.yaml
in Solutions/Snowflake/Hunting Queries
 25 - 2021-12-03 2023-01-13 14 15 sp@socprime.com koos@lenswork.nl
Most Recently Created Files (Top 50)
File# lines# unitscreatedlast modified# changes
(days)		# contributorsfirst
contributor		latest
contributor
DomainEntity_PaloAlto.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 108 - 2025-04-15 2025-04-29 5 6 v-shukore@microsoft.com v-atulyadav@microsoft.com
IPEntity_imNetworkSession.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 106 - 2025-04-15 2025-04-29 5 7 v-shukore@microsoft.com v-atulyadav@microsoft.com
imDns_DomainEntity_DnsEvents.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 83 - 2025-04-15 2025-04-30 9 8 v-shukore@microsoft.com v-atulyadav@microsoft.com
imDns_IPEntity_DnsEvents.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 80 - 2025-04-15 2025-04-29 8 7 v-shukore@microsoft.com v-atulyadav@microsoft.com
URLEntity_PaloAlto.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 79 - 2025-04-15 2025-04-29 5 6 v-shukore@microsoft.com v-atulyadav@microsoft.com
EmailEntity_SecurityEvent.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 75 - 2025-04-15 2025-04-30 10 8 v-shukore@microsoft.com v-atulyadav@microsoft.com
DomainEntity_DnsEvents.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 74 - 2025-04-15 2025-04-29 9 7 v-shukore@microsoft.com v-atulyadav@microsoft.com
DomainEntity_Syslog.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 73 - 2025-04-15 2025-04-29 9 7 v-shukore@microsoft.com v-atulyadav@microsoft.com
DomainEntity_CloudAppEvents_Updated.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 72 - 2025-04-15 2025-04-30 7 7 v-shukore@microsoft.com v-atulyadav@microsoft.com
FileHashEntity_SecurityEvent.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 71 - 2025-04-15 2025-04-29 9 7 v-shukore@microsoft.com v-atulyadav@microsoft.com
IPEntity_AppServiceHTTPLogs.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 69 - 2025-04-15 2025-04-30 10 8 v-shukore@microsoft.com v-atulyadav@microsoft.com
IPEntity_AzureFirewall.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 69 - 2025-04-15 2025-04-30 7 7 v-shukore@microsoft.com v-atulyadav@microsoft.com
DomainEntity_SecurityAlert.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 67 - 2025-04-15 2025-04-29 5 6 v-shukore@microsoft.com v-atulyadav@microsoft.com
IPEntity_AzureActivity.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 67 - 2025-04-15 2025-04-30 10 8 v-shukore@microsoft.com v-atulyadav@microsoft.com
URLEntity_SecurityAlerts.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 67 - 2025-04-15 2025-04-30 7 7 v-shukore@microsoft.com v-atulyadav@microsoft.com
IPEntity_AzureSQL.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 66 - 2025-04-15 2025-04-30 7 7 v-shukore@microsoft.com v-atulyadav@microsoft.com
EmailEntity_SigninLogs.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 66 - 2025-04-15 2025-04-30 10 8 v-shukore@microsoft.com v-atulyadav@microsoft.com
DomainEntity_EmailUrlInfo_Updated.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 66 - 2025-04-15 2025-04-29 5 6 v-shukore@microsoft.com v-atulyadav@microsoft.com
EmailEntity_SecurityAlert.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 65 - 2025-04-15 2025-04-29 9 7 v-shukore@microsoft.com v-atulyadav@microsoft.com
IPEntity_OfficeActivity.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 64 - 2025-04-15 2025-04-30 10 8 v-shukore@microsoft.com v-atulyadav@microsoft.com
IPEntity_AWSCloudTrail.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 64 - 2025-04-15 2025-04-30 10 8 v-shukore@microsoft.com v-atulyadav@microsoft.com
IPEntity_SigninLogs_Updated.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 64 - 2025-04-15 2025-04-30 10 8 v-shukore@microsoft.com v-atulyadav@microsoft.com
IPEntity_DnsEvents.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 63 - 2025-04-15 2025-04-30 10 8 v-shukore@microsoft.com v-atulyadav@microsoft.com
FileHashEntity_CommonSecurityLog.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 63 - 2025-04-15 2025-04-29 9 7 v-shukore@microsoft.com v-atulyadav@microsoft.com
IPEntity_W3CIISLog.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 63 - 2025-04-15 2025-04-30 10 8 v-shukore@microsoft.com v-atulyadav@microsoft.com
URLEntity_EmailUrlInfo_Updated.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 62 - 2025-04-15 2025-04-29 5 6 v-shukore@microsoft.com v-atulyadav@microsoft.com
URLEntity_UrlClickEvents_Updated.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 62 - 2025-04-15 2025-04-30 7 7 v-shukore@microsoft.com v-atulyadav@microsoft.com
IPEntity_AzureNetworkAnalytics.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 62 - 2025-04-15 2025-04-30 7 7 v-shukore@microsoft.com v-atulyadav@microsoft.com
IPEntity_VMConnection.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 61 - 2025-04-15 2025-04-30 10 8 v-shukore@microsoft.com v-atulyadav@microsoft.com
URLEntity_AuditLogs.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 61 - 2025-04-15 2025-04-29 5 6 v-shukore@microsoft.com v-atulyadav@microsoft.com
IPEntity_AzureKeyVault.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 61 - 2025-04-15 2025-04-30 7 7 v-shukore@microsoft.com v-atulyadav@microsoft.com
EmailEntity_OfficeActivity.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 58 - 2025-04-15 2025-04-30 10 8 v-shukore@microsoft.com v-atulyadav@microsoft.com
URLEntity_DeviceNetworkEvents_Updated.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 58 - 2025-04-15 2025-04-30 7 7 v-shukore@microsoft.com v-atulyadav@microsoft.com
IPEntity_DuoSecurity.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 57 - 2025-04-15 2025-04-30 7 7 v-shukore@microsoft.com v-atulyadav@microsoft.com
DomainEntity_imWebSession.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 57 - 2025-04-15 2025-04-29 9 7 v-shukore@microsoft.com v-atulyadav@microsoft.com
EmailEntity_PaloAlto.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 57 - 2025-04-15 2025-04-29 9 7 v-shukore@microsoft.com v-atulyadav@microsoft.com
DomainEntity_DeviceNetworkEvents_Updated.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 55 - 2025-04-15 2025-04-30 7 7 v-shukore@microsoft.com v-atulyadav@microsoft.com
EmailEntity_AzureActivity.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 55 - 2025-04-15 2025-04-30 10 8 v-shukore@microsoft.com v-atulyadav@microsoft.com
IPEntity_Workday_Updated.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 53 - 2025-04-15 2025-04-30 7 7 v-shukore@microsoft.com v-atulyadav@microsoft.com
DomainEntity_EmailEvents_Updated.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 52 - 2025-04-15 2025-04-29 5 6 v-shukore@microsoft.com v-atulyadav@microsoft.com
ThreatIntelIndicatorsv2.yaml
in Solutions/Threat Intelligence (NEW)/Parsers
 51 - 2025-04-15 2025-04-29 5 6 v-shukore@microsoft.com v-atulyadav@microsoft.com
Threat Intel Matches to GitHub Audit Logs.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 50 - 2025-04-15 2025-04-30 7 7 v-shukore@microsoft.com v-atulyadav@microsoft.com
DomainEntity_CommonSecurityLog.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 50 - 2025-04-15 2025-04-29 5 6 v-shukore@microsoft.com v-atulyadav@microsoft.com
IPEntity_DeviceNetworkEvents_Updated.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 50 - 2025-04-15 2025-04-30 7 7 v-shukore@microsoft.com v-atulyadav@microsoft.com
EmailEntity_EmailEvents_Updated.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 50 - 2025-04-15 2025-04-30 7 7 v-shukore@microsoft.com v-atulyadav@microsoft.com
FileEntity_SecurityEvent.yaml
in Solutions/Threat Intelligence (NEW)/Hunting Queries
 49 - 2025-04-15 2025-04-29 5 6 v-shukore@microsoft.com v-atulyadav@microsoft.com
FileEntity_Syslog.yaml
in Solutions/Threat Intelligence (NEW)/Hunting Queries
 48 - 2025-04-15 2025-04-29 5 6 v-shukore@microsoft.com v-atulyadav@microsoft.com
FileEntity_VMConnection.yaml
in Solutions/Threat Intelligence (NEW)/Hunting Queries
 48 - 2025-04-15 2025-04-29 5 6 v-shukore@microsoft.com v-atulyadav@microsoft.com
FileEntity_OfficeActivity.yaml
in Solutions/Threat Intelligence (NEW)/Hunting Queries
 47 - 2025-04-15 2025-04-29 5 6 v-shukore@microsoft.com v-atulyadav@microsoft.com
IPEntity_imWebSession.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 47 - 2025-04-15 2025-04-29 5 7 v-shukore@microsoft.com v-atulyadav@microsoft.com
Most Recently Changed Files (Top 50)
File# lines# unitscreatedlast modified# changes
(days)		# contributorsfirst
contributor		latest
contributor
imDns_DomainEntity_DnsEvents.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 83 - 2025-04-15 2025-04-30 9 8 v-shukore@microsoft.com v-atulyadav@microsoft.com
EmailEntity_SecurityEvent.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 75 - 2025-04-15 2025-04-30 10 8 v-shukore@microsoft.com v-atulyadav@microsoft.com
DomainEntity_CloudAppEvents_Updated.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 72 - 2025-04-15 2025-04-30 7 7 v-shukore@microsoft.com v-atulyadav@microsoft.com
IPEntity_AppServiceHTTPLogs.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 69 - 2025-04-15 2025-04-30 10 8 v-shukore@microsoft.com v-atulyadav@microsoft.com
IPEntity_AzureFirewall.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 69 - 2025-04-15 2025-04-30 7 7 v-shukore@microsoft.com v-atulyadav@microsoft.com
IPEntity_AzureActivity.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 67 - 2025-04-15 2025-04-30 10 8 v-shukore@microsoft.com v-atulyadav@microsoft.com
URLEntity_SecurityAlerts.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 67 - 2025-04-15 2025-04-30 7 7 v-shukore@microsoft.com v-atulyadav@microsoft.com
IPEntity_AzureSQL.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 66 - 2025-04-15 2025-04-30 7 7 v-shukore@microsoft.com v-atulyadav@microsoft.com
EmailEntity_SigninLogs.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 66 - 2025-04-15 2025-04-30 10 8 v-shukore@microsoft.com v-atulyadav@microsoft.com
IPEntity_OfficeActivity.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 64 - 2025-04-15 2025-04-30 10 8 v-shukore@microsoft.com v-atulyadav@microsoft.com
IPEntity_AWSCloudTrail.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 64 - 2025-04-15 2025-04-30 10 8 v-shukore@microsoft.com v-atulyadav@microsoft.com
IPEntity_SigninLogs_Updated.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 64 - 2025-04-15 2025-04-30 10 8 v-shukore@microsoft.com v-atulyadav@microsoft.com
IPEntity_DnsEvents.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 63 - 2025-04-15 2025-04-30 10 8 v-shukore@microsoft.com v-atulyadav@microsoft.com
IPEntity_W3CIISLog.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 63 - 2025-04-15 2025-04-30 10 8 v-shukore@microsoft.com v-atulyadav@microsoft.com
URLEntity_UrlClickEvents_Updated.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 62 - 2025-04-15 2025-04-30 7 7 v-shukore@microsoft.com v-atulyadav@microsoft.com
IPEntity_AzureNetworkAnalytics.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 62 - 2025-04-15 2025-04-30 7 7 v-shukore@microsoft.com v-atulyadav@microsoft.com
IPEntity_VMConnection.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 61 - 2025-04-15 2025-04-30 10 8 v-shukore@microsoft.com v-atulyadav@microsoft.com
IPEntity_AzureKeyVault.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 61 - 2025-04-15 2025-04-30 7 7 v-shukore@microsoft.com v-atulyadav@microsoft.com
EmailEntity_OfficeActivity.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 58 - 2025-04-15 2025-04-30 10 8 v-shukore@microsoft.com v-atulyadav@microsoft.com
URLEntity_DeviceNetworkEvents_Updated.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 58 - 2025-04-15 2025-04-30 7 7 v-shukore@microsoft.com v-atulyadav@microsoft.com
IPEntity_DuoSecurity.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 57 - 2025-04-15 2025-04-30 7 7 v-shukore@microsoft.com v-atulyadav@microsoft.com
DomainEntity_DeviceNetworkEvents_Updated.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 55 - 2025-04-15 2025-04-30 7 7 v-shukore@microsoft.com v-atulyadav@microsoft.com
EmailEntity_AzureActivity.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 55 - 2025-04-15 2025-04-30 10 8 v-shukore@microsoft.com v-atulyadav@microsoft.com
IPEntity_Workday_Updated.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 53 - 2025-04-15 2025-04-30 7 7 v-shukore@microsoft.com v-atulyadav@microsoft.com
Threat Intel Matches to GitHub Audit Logs.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 50 - 2025-04-15 2025-04-30 7 7 v-shukore@microsoft.com v-atulyadav@microsoft.com
IPEntity_DeviceNetworkEvents_Updated.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 50 - 2025-04-15 2025-04-30 7 7 v-shukore@microsoft.com v-atulyadav@microsoft.com
EmailEntity_EmailEvents_Updated.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 50 - 2025-04-15 2025-04-30 7 7 v-shukore@microsoft.com v-atulyadav@microsoft.com
EmailEntity_CloudAppEvents_Updated.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 45 - 2025-04-15 2025-04-30 7 7 v-shukore@microsoft.com v-atulyadav@microsoft.com
IPEntity_CustomSecurityLog.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 42 - 2025-04-15 2025-04-30 7 7 v-shukore@microsoft.com v-atulyadav@microsoft.com
IPEntity_CloudAppEvents_Updated.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 4 - 2025-04-15 2025-04-30 7 7 v-shukore@microsoft.com v-atulyadav@microsoft.com
URLEntity_CloudAppEvents_Updated.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 4 - 2025-04-15 2025-04-30 7 7 v-shukore@microsoft.com v-atulyadav@microsoft.com
commonFunctions.ps1
in Tools/Create-Azure-Sentinel-Solution/common
 3350 - 2023-06-28 2025-04-29 280 133 demehra@microsoft.com v-atulyadav@microsoft.com
createCCPConnector.ps1
in Tools/Create-Azure-Sentinel-Solution/common
 921 - 2023-11-04 2025-04-29 104 50 v-amolpatil@microsoft.com v-shukore@microsoft.com
message_factory.py
in Solutions/WithSecureElementsViaFunction/Data Connectors/WithSecureElementsAzureFunction/lib
 526 8 2024-02-22 2025-04-29 32 29 maciej.antkiewicz@withsecur... v-atulyadav@microsoft.com
run.ps1
in Solutions/QualysVM/Data Connectors/AzureFunctionQualysVM_V2
 285 - 2022-08-19 2025-04-29 34 31 v-ntripathi@microsoft.com v-atulyadav@microsoft.com
CommonAwsPolicies.ps1
in DataConnectors/AWS-S3/Utils
 224 - 2021-10-12 2025-04-29 100 86 t-shfeli@microsoft.com v-atulyadav@microsoft.com
__init__.py
in Solutions/ImpervaCloudWAF/Data Connectors/ImpervaWAFCloudSentinelConnector
 221 12 2021-06-29 2025-04-29 113 91 ov@socprime.com v-atulyadav@microsoft.com
withsecure_client.py
in Solutions/WithSecureElementsViaFunction/Data Connectors/WithSecureElementsAzureFunction/lib
 146 12 2024-02-22 2025-04-29 33 29 maciej.antkiewicz@withsecur... v-atulyadav@microsoft.com
DomainEntity_PaloAlto.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 108 - 2025-04-15 2025-04-29 5 6 v-shukore@microsoft.com v-atulyadav@microsoft.com
IPEntity_imNetworkSession.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 106 - 2025-04-15 2025-04-29 5 7 v-shukore@microsoft.com v-atulyadav@microsoft.com
NetworkPortSweepFromExternalNetwork.yaml
in Solutions/Network Session Essentials/Analytic Rules
 91 - 2023-02-03 2025-04-29 86 75 demehra@microsoft.com v-atulyadav@microsoft.com
QualysHostDetection.yaml
in Solutions/QualysVM/Parsers
 88 - 2023-08-22 2025-04-29 39 35 mkchiliveri@gmail.com v-atulyadav@microsoft.com
function_app.py
in Solutions/WithSecureElementsViaFunction/Data Connectors/WithSecureElementsAzureFunction
 80 3 2024-02-22 2025-04-29 32 29 maciej.antkiewicz@withsecur... v-atulyadav@microsoft.com
imDns_IPEntity_DnsEvents.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 80 - 2025-04-15 2025-04-29 8 7 v-shukore@microsoft.com v-atulyadav@microsoft.com
URLEntity_PaloAlto.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 79 - 2025-04-15 2025-04-29 5 6 v-shukore@microsoft.com v-atulyadav@microsoft.com
CiscoASA-AvgAttackDetectRateIncrease.yaml
in Solutions/CiscoASA/Analytic Rules
 78 - 2022-08-09 2025-04-29 67 53 105694882+v-laanjana@users.... v-atulyadav@microsoft.com
ConfluenceAudit.yaml
in Solutions/AtlassianConfluenceAudit/Parsers
 76 - 2023-08-22 2025-04-29 40 36 mkchiliveri@gmail.com v-atulyadav@microsoft.com
DomainEntity_DnsEvents.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 74 - 2025-04-15 2025-04-29 9 7 v-shukore@microsoft.com v-atulyadav@microsoft.com
DomainEntity_Syslog.yaml
in Solutions/Threat Intelligence (NEW)/Analytic Rules
 73 - 2025-04-15 2025-04-29 9 7 v-shukore@microsoft.com v-atulyadav@microsoft.com
NewAgentAddedToPoolbyNewUserorofNewOS.yaml
in Solutions/AzureDevOpsAuditing/Analytic Rules
 72 - 2022-09-21 2025-04-29 97 72 v-mchatla@microsoft.com v-atulyadav@microsoft.com