In this installment of the Graph Activity Log series, we uncover how attackers exploit OAuth app consent to silently access Microsoft 365 data. Using targeted KQL queries and PowerShell automation, this blog shows how to detect, investigate, and respond to these stealthy identity-based threats. The post Investigating OAuth App Abuse with the Graph Activity Log appeared first on Practical 365.| Practical 365
Go beyond stale reports – build real-time, event-driven architectures with Microsoft Fabric in this hands-on masterclass at the Fabric Conference Europe 2025 with Devang Shah & Sander van de Velde: ✅ Stream, process & act on events instantly ✅ Power IoT, telemetry & dashboards in real time ✅ Leave with a working solution you can deploy! I’m proud … Continue reading Fabric Conference Europe 2025: Masterclass in building event-driven architectures using Microsoft Fabric (Hand...| Sander van de Velde
In this small blog post, I will try to give you some insights on what Advanced hunting's custom detection rules are – and how you can use them! Introduction Microsoft Defender XDR is a powerful security platform that uses AI, machine learning, and behavioral analytics to detect and respond to threats in real time. One […] The post Microsoft Defender XDR – Advanced Hunting – Custom Detection rules appeared first on Mindcore Techblog.| Mindcore Techblog
In the last couple of months, I have written about various ways to work with Microsoft Fabric Real-Time Intelligence data, both about ingesting, enriching, and representing. Adding Microsoft Fabric…| Sander van de Velde
Learn how to use KQL to retrieve geolocation data from IP addresses for effective auditing and monitoring of workspace activities| Sandeep Pawar | Microsoft Fabric
Microsoft Fabric is an all-in-one analytics solution for enterprises that covers everything from data movement to data science, Real-Time intelligence, and business intelligence. It offers a no-code/low-code and AI experience for self-service data engineering. If you follow my blog, you should have noticed that many blog posts are about Microsoft Fabric Real-Time Intelligence and/or Azure IoT. … Continue reading Microsoft Fabric RTI: Real-Time weather data source| Sander van de Velde
Here I will share with you the new edition of my book, Learn KQL in one month.| Syst & Deploy
Microsoft Fabric is an all-in-one analytics solution for enterprises that covers everything from data movement to data science, Real-Time intelligence, and business intelligence. It offers a n…| Sander van de Velde
A long-awaited feature is now finally available as part of Intune Advanced Analytics (part of Intune Suite). The KQL-based device query feature now allows writing queries for multiple devices. Device Query for Multiple Devices| Mike's MDM Blog
T-SQL Tuesday #171 asks us to describe the most recent issue we closed. I talk about my learning ADX and KQL to parse giant logs.| MlakarTechTalk
You might have heard about the General Availability of Virtual Network Flow Logs in Azure, and even read the announcement blog post. When writing that post with Harsha CS I had the chance to play a…| Cloudtrooper
In a lot of Microsoft Intune environments there is often the requirement to monitor configuration changes and take action based on changes. The simplest and most common action is to send someone or a group of people an email that a policy was modified. These monitoring requirements are often given for special purpose devices like…| Modern IT – Cloud – Workplace
Fun With KQL Windowing Functions – Row_Window_Session| Arcane Code
Fun With KQL Windowing Functions – Row_Rank_Dense| Arcane Code
Fun With KQL Windowing Functions – Row_Rank_Min| Arcane Code
Fun With KQL Windowing Functions – Row_CumSum| Arcane Code
Fun With KQL Windowing Functions – Prev and Next| Arcane Code
Fun With KQL Windowing Functions – Serialize and Row_Number| Arcane Code
Fun With KQL – Datatable and Calculations| Arcane Code
Azure Data Explorer makes it possible to ingest data from external sources in many ways. This can be done using e.g. the database data connections, using programming code via the SDKs, or using the …| Sander van de Velde