Sentinel Detection & Response

Interactive KQL rule creation and alerting simulator

Results: 0 records

TimeGenerated	EventID	Account	IpAddress	Activity
Click "Run Query" to process logs.

01. General & Logic

Analytics Rule Name

Rule Query (Importada desde KQL Forge)

Trigger alert when results are >

02. Incident Settings

Severity

MITRE ATT&CK Tactics