by mukul975
analyzing-azure-activity-logs-for-threats skill for querying Azure Monitor activity logs and sign-in logs to spot suspicious admin actions, impossible travel, privilege escalation, and resource tampering. Built for incident triage with KQL patterns, an execution path, and practical Azure log table guidance.
by microsoft
azure-monitor-query-py helps Python developers query Azure Monitor logs and metrics with azure-monitor-query. Use it for Log Analytics workspaces, Azure resource metrics, backend monitoring, diagnostics, and observability automation. It fits the azure-monitor-query-py skill when you already have workspace IDs, resource URIs, and Azure credentials.
by mukul975
building-cloud-siem-with-sentinel is a practical guide for deploying Microsoft Sentinel as a cloud SIEM and SOAR layer. It covers multi-cloud log ingestion, KQL detections, incident investigation, and Logic Apps response playbooks for Security Audit and SOC operations. Use this building-cloud-siem-with-sentinel skill when you need a repo-backed starting point for centralized cloud security monitoring.
