Community
Classroom
Members
Leaderboards
About
19h • 💬 General Chat
Azure Sign In Investigation
Yesterday, I have shared on LinkedIn, how you can investigate user's sign in history.
I will share a link to KQL query, which will tell you
  • What IP addresses user used in the past 7 days
  • If he signed from them in the past 90 days
  • Did he sign from the country? Was device managed?
If you are investigating user's activity, it's a great first check you can do and very useful for AI agents during incident response.
https://github.com/Pavel-Hrabec/KQL-Queries/blob/main/Sign-In%20Login%20History
0
0 comments
Pavel Hrabec
3
Azure Sign In Investigation
powered by
AI Security & Automation
skool.com/cloud-ai-security-academy-4626
Learn AI, automation and security tools reshaping modern SOC and cyber careers.
Suggested communities
AI Automation Society
Clief Notes
AI Cyber Value Creators
Agentic AI for Founders
Story Hacker AI
Build your own community
Bring people together around your passion and get paid.
Powered by