├── 01 Custom HTTP Data Collector API
    ├── ADObjectsToALA_v1.4.ps1
    └── domainlist.csv
├── 02 Log Analytics Parser functions
    ├── VASWAdminAuditParser.kusto
    ├── VASWComputersParser.kusto
    ├── VASWGroupParser.kusto
    ├── VASWPawAuditParser.kusto
    └── VASWUsersParser.kusto
├── 03 Workbook
    ├── Visual Auditing Security Workbook - AMA - v1.5.workbook
    └── readme.md
├── LICENSE
└── README.md

/01 Custom HTTP Data Collector API/ADObjectsToALA_v1.4.ps1:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/dmrellan/Visual-Auditing-Security-Workbook-with-Microsoft-Sentinel/HEAD/01 Custom HTTP Data Collector API/ADObjectsToALA_v1.4.ps1

--------------------------------------------------------------------------------
/01 Custom HTTP Data Collector API/domainlist.csv:
--------------------------------------------------------------------------------
dc,isLAPSDeployed
DomainControllerFQDN,1

--------------------------------------------------------------------------------
/02 Log Analytics Parser functions/VASWAdminAuditParser.kusto:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/dmrellan/Visual-Auditing-Security-Workbook-with-Microsoft-Sentinel/HEAD/02 Log Analytics Parser functions/VASWAdminAuditParser.kusto

--------------------------------------------------------------------------------
/02 Log Analytics Parser functions/VASWComputersParser.kusto:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/dmrellan/Visual-Auditing-Security-Workbook-with-Microsoft-Sentinel/HEAD/02 Log Analytics Parser functions/VASWComputersParser.kusto

--------------------------------------------------------------------------------
/02 Log Analytics Parser functions/VASWGroupParser.kusto:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/dmrellan/Visual-Auditing-Security-Workbook-with-Microsoft-Sentinel/HEAD/02 Log Analytics Parser functions/VASWGroupParser.kusto

--------------------------------------------------------------------------------
/02 Log Analytics Parser functions/VASWPawAuditParser.kusto:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/dmrellan/Visual-Auditing-Security-Workbook-with-Microsoft-Sentinel/HEAD/02 Log Analytics Parser functions/VASWPawAuditParser.kusto

--------------------------------------------------------------------------------
/02 Log Analytics Parser functions/VASWUsersParser.kusto:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/dmrellan/Visual-Auditing-Security-Workbook-with-Microsoft-Sentinel/HEAD/02 Log Analytics Parser functions/VASWUsersParser.kusto

--------------------------------------------------------------------------------
/03 Workbook/Visual Auditing Security Workbook - AMA - v1.5.workbook:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/dmrellan/Visual-Auditing-Security-Workbook-with-Microsoft-Sentinel/HEAD/03 Workbook/Visual Auditing Security Workbook - AMA - v1.5.workbook

--------------------------------------------------------------------------------
/03 Workbook/readme.md:
--------------------------------------------------------------------------------


--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/dmrellan/Visual-Auditing-Security-Workbook-with-Microsoft-Sentinel/HEAD/LICENSE

--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/dmrellan/Visual-Auditing-Security-Workbook-with-Microsoft-Sentinel/HEAD/README.md

--------------------------------------------------------------------------------