# Recursively list every .ipynb file below the parent directory with the
# Windows `dir` command (/b = bare format, /s = recurse, which prints full
# paths). The leading `!` is IPython shell-escape syntax, so this cell only
# runs inside IPython/Jupyter on Windows; the output lines are captured as a
# list-like object.
nb_files = !dir /b /s ..\*.ipynb
# Use the directory part of the first result as the common root prefix.
# NOTE(review): this assumes the first listed notebook sits directly in the
# root folder rather than in a sub-folder - confirm against the listing order.
root_path = nb_files[0].rsplit("\\", maxsplit=1)[0]
# Strip the root prefix and switch to forward slashes so every entry becomes a
# root-relative path such as "/folder/name.ipynb".
nb_files = [nb_file.replace(root_path, "").replace("\\", "/") for nb_file in nb_files]
# Preview the first ten entries.
nb_files[:10]
['/A Getting Started Guide For Azure Sentinel ML Notebooks.ipynb', '/A Getting Started Guide For PowerShell AML Notebooks.ipynb', '/A Tour of Cybersec notebook features.ipynb', '/ConfiguringNotebookEnvironment.ipynb', '/Credential Scan on Azure Blob Storage.ipynb', '/Credential Scan on Azure Data Explorer.ipynb', '/Credential Scan on Azure Log Analytics.ipynb', '/Entity Explorer - Account.ipynb', '/Entity Explorer - Domain and URL.ipynb', '/Entity Explorer - IP Address.ipynb']
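from urllib.parse import quote

# Base URL under which every notebook can be browsed on GitHub.
repo_root = "https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master"

# One row per notebook: [folder, file name, absolute GitHub URL].
table = []
for file in nb_files:
    if not file.strip():
        continue  # skip blank lines in the directory listing
    folder, nb_name = file.rsplit("/", maxsplit=1)
    if folder.startswith("/"):
        folder = folder[1:]  # folders are shown relative to the repository root
    # Percent-encode the whole path instead of only replacing spaces: a file
    # name containing '#', '?', '%' or a quote would otherwise change how the
    # link is parsed, and this URL is later placed inside a single-quoted href
    # attribute. "/" is kept as-is (quote()'s default safe set) and a space
    # still becomes "%20", so names made of letters, digits, spaces and
    # "-", "_", "." produce exactly the same URL as before.
    nb_path = quote(file)
    table.append([folder, nb_name, f"{repo_root}{nb_path}"])
print(table[:10])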
[['', 'A Getting Started Guide For Azure Sentinel ML Notebooks.ipynb', 'https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/A%20Getting%20Started%20Guide%20For%20Azure%20Sentinel%20ML%20Notebooks.ipynb'], ['', 'A Getting Started Guide For PowerShell AML Notebooks.ipynb', 'https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/A%20Getting%20Started%20Guide%20For%20PowerShell%20AML%20Notebooks.ipynb'], ['', 'A Tour of Cybersec notebook features.ipynb', 'https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/A%20Tour%20of%20Cybersec%20notebook%20features.ipynb'], ['', 'ConfiguringNotebookEnvironment.ipynb', 'https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/ConfiguringNotebookEnvironment.ipynb'], ['', 'Credential Scan on Azure Blob Storage.ipynb', 'https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/Credential%20Scan%20on%20Azure%20Blob%20Storage.ipynb'], ['', 'Credential Scan on Azure Data Explorer.ipynb', 'https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/Credential%20Scan%20on%20Azure%20Data%20Explorer.ipynb'], ['', 'Credential Scan on Azure Log Analytics.ipynb', 'https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/Credential%20Scan%20on%20Azure%20Log%20Analytics.ipynb'], ['', 'Entity Explorer - Account.ipynb', 'https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/Entity%20Explorer%20-%20Account.ipynb'], ['', 'Entity Explorer - Domain and URL.ipynb', 'https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/Entity%20Explorer%20-%20Domain%20and%20URL.ipynb'], ['', 'Entity Explorer - IP Address.ipynb', 'https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/Entity%20Explorer%20-%20IP%20Address.ipynb']]
# Sort rows by folder, then name, then URL, with any folder whose name
# contains "deprecated" pushed to the end of the listing.
#
# Step 1: give deprecated folders a temporary "zz-" prefix so that they sort
# after the other folder names.
ren_deprecated = [
    [("zz-" + nb_folder) if "deprecated" in nb_folder else nb_folder, nb_title, nb_url]
    for nb_folder, nb_title, nb_url in table
]
# Step 2: sort the decorated rows and remove the temporary prefix again.
# Note that replace() removes every "zz-" occurrence in a deprecated folder
# name, not only the leading one.
sorted_table = [
    [
        sort_folder.replace("zz-", "") if "deprecated" in sort_folder else sort_folder,
        nb_title,
        nb_url,
    ]
    for sort_folder, nb_title, nb_url in sorted(ren_deprecated)
]
sorted_table[:10]
[['', 'A Getting Started Guide For Azure Sentinel ML Notebooks.ipynb', 'https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/A%20Getting%20Started%20Guide%20For%20Azure%20Sentinel%20ML%20Notebooks.ipynb'], ['', 'A Getting Started Guide For PowerShell AML Notebooks.ipynb', 'https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/A%20Getting%20Started%20Guide%20For%20PowerShell%20AML%20Notebooks.ipynb'], ['', 'A Tour of Cybersec notebook features.ipynb', 'https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/A%20Tour%20of%20Cybersec%20notebook%20features.ipynb'], ['', 'ConfiguringNotebookEnvironment.ipynb', 'https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/ConfiguringNotebookEnvironment.ipynb'], ['', 'Credential Scan on Azure Blob Storage.ipynb', 'https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/Credential%20Scan%20on%20Azure%20Blob%20Storage.ipynb'], ['', 'Credential Scan on Azure Data Explorer.ipynb', 'https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/Credential%20Scan%20on%20Azure%20Data%20Explorer.ipynb'], ['', 'Credential Scan on Azure Log Analytics.ipynb', 'https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/Credential%20Scan%20on%20Azure%20Log%20Analytics.ipynb'], ['', 'Entity Explorer - Account.ipynb', 'https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/Entity%20Explorer%20-%20Account.ipynb'], ['', 'Entity Explorer - Domain and URL.ipynb', 'https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/Entity%20Explorer%20-%20Domain%20and%20URL.ipynb'], ['', 'Entity Explorer - IP Address.ipynb', 'https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/Entity%20Explorer%20-%20IP%20Address.ipynb']]
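# Width of the longest folder and notebook name in the listing.
# Each row of `table` is [folder, name, url], so all three fields must be
# unpacked; unpacking into two names raises ValueError on every row.
# default=0 keeps the cell usable when no notebooks were found.
longest_folder = max((len(folder) for folder, _, _ in table), default=0)
longest_folder
longest_name = max((len(name) for _, name, _ in table), default=0)
longest_name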
from IPython.display import HTML
# HTML fragments that open every generated table: an inline <style> block,
# the opening <table> tag and the header row. The table-building cells copy
# this list and append one <tr> per notebook plus the closing </table>.
table_header = [
# NOTE(review): "border-collapse=collapse" uses "=" where CSS expects ":",
# so that declaration is not valid CSS. It is left unchanged here so the
# generated markup matches the recorded output; fix it together with the
# published table if collapsed borders are wanted.
"""
<style>
.nb_table, th, td {
border: 1px solid; text-align: left; border-collapse=collapse;
margin-left: auto; margin-right: auto;
}
.width-f {
width: 10px !important;
}
.width-nb {
width: 300px !important;
}
</style>
""",
"<table class=nb_table>",
"<tr><th class=width-nb>Notebook</th><th class=width-f>Folder</th></tr>",
]
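from html import escape

# Build the full notebook table: shared header, one row per notebook, then
# the closing tag.
html_table = [*table_header]
for folder, nb_name, nb_path in sorted_table:
    # Folder names, file names and URLs are derived from whatever is in the
    # working tree, so they are HTML-escaped before being interpolated into
    # markup. escape() also encodes single quotes by default, which matters
    # because the href attribute is single-quoted. For names without
    # &, <, >, ' or " the generated row is unchanged.
    html_table.append(
        f"<tr><td><a href='{escape(nb_path)}'>{escape(nb_name)}</a></td>"
        f"<td class=width-f>{escape(folder)}</td>"
    )
html_table.append("</table>")
# Render the table in the notebook, then print the raw markup as text.
display(HTML("".join(html_table)))
print("\n".join(html_table))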
<style> .nb_table, th, td { border: 1px solid; text-align: left; border-collapse=collapse; margin-left: auto; margin-right: auto; } .width-f { width: 10px !important; } .width-nb { width: 300px !important; } </style> <table class=nb_table> <tr><th class=width-nb>Notebook</th><th class=width-f>Folder</th></tr> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/A%20Getting%20Started%20Guide%20For%20Azure%20Sentinel%20ML%20Notebooks.ipynb'>A Getting Started Guide For Azure Sentinel ML Notebooks.ipynb</a></td><td class=width-f></td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/A%20Getting%20Started%20Guide%20For%20PowerShell%20AML%20Notebooks.ipynb'>A Getting Started Guide For PowerShell AML Notebooks.ipynb</a></td><td class=width-f></td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/A%20Tour%20of%20Cybersec%20notebook%20features.ipynb'>A Tour of Cybersec notebook features.ipynb</a></td><td class=width-f></td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/ConfiguringNotebookEnvironment.ipynb'>ConfiguringNotebookEnvironment.ipynb</a></td><td class=width-f></td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/Credential%20Scan%20on%20Azure%20Blob%20Storage.ipynb'>Credential Scan on Azure Blob Storage.ipynb</a></td><td class=width-f></td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/Credential%20Scan%20on%20Azure%20Data%20Explorer.ipynb'>Credential Scan on Azure Data Explorer.ipynb</a></td><td class=width-f></td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/Credential%20Scan%20on%20Azure%20Log%20Analytics.ipynb'>Credential Scan on Azure Log Analytics.ipynb</a></td><td class=width-f></td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/Entity%20Explorer%20-%20Account.ipynb'>Entity Explorer - Account.ipynb</a></td><td 
class=width-f></td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/Entity%20Explorer%20-%20Domain%20and%20URL.ipynb'>Entity Explorer - Domain and URL.ipynb</a></td><td class=width-f></td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/Entity%20Explorer%20-%20IP%20Address.ipynb'>Entity Explorer - IP Address.ipynb</a></td><td class=width-f></td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/Entity%20Explorer%20-%20Linux%20Host.ipynb'>Entity Explorer - Linux Host.ipynb</a></td><td class=width-f></td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/Entity%20Explorer%20-%20Windows%20Host.ipynb'>Entity Explorer - Windows Host.ipynb</a></td><td class=width-f></td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/Guided%20Hunting%20-%20Anomalous%20Office365%20Exchange%20Sessions.ipynb'>Guided Hunting - Anomalous Office365 Exchange Sessions.ipynb</a></td><td class=width-f></td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/Guided%20Hunting%20-%20Azure%20Resource%20Explorer.ipynb'>Guided Hunting - Azure Resource Explorer.ipynb</a></td><td class=width-f></td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/Guided%20Hunting%20-%20Base64-Encoded%20Linux%20Commands.ipynb'>Guided Hunting - Base64-Encoded Linux Commands.ipynb</a></td><td class=width-f></td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/Guided%20Hunting%20-%20Covid-19%20Themed%20Threats.ipynb'>Guided Hunting - Covid-19 Themed Threats.ipynb</a></td><td class=width-f></td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/Guided%20Investigation%20-%20Anomaly%20Lookup.ipynb'>Guided Investigation - Anomaly Lookup.ipynb</a></td><td class=width-f></td> <tr><td><a 
href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/Guided%20Investigation%20-%20Incident%20Triage.ipynb'>Guided Investigation - Incident Triage.ipynb</a></td><td class=width-f></td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/Guided%20Investigation%20-%20Process-Alerts.ipynb'>Guided Investigation - Process-Alerts.ipynb</a></td><td class=width-f></td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/Guided%20Investigation%20-%20Solarwinds%20Post%20Compromise%20Activity.ipynb'>Guided Investigation - Solarwinds Post Compromise Activity.ipynb</a></td><td class=width-f></td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/Guided%20Triage%20-%20Alerts.ipynb'>Guided Triage - Alerts.ipynb</a></td><td class=width-f></td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/Hands-on%201.%20Data%20Discovery%20using%20Azure%20REST%20API.ipynb'>Hands-on 1. Data Discovery using Azure REST API.ipynb</a></td><td class=width-f></td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/Hands-on%202.%20Surfing%20Data%20using%20Azure%20SDK.ipynb'>Hands-on 2. 
Surfing Data using Azure SDK.ipynb</a></td><td class=width-f></td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/Machine%20Learning%20in%20Notebooks%20Examples.ipynb'>Machine Learning in Notebooks Examples.ipynb</a></td><td class=width-f></td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/scenario-notebooks/AffectedKeyCredentials-CVE-2021-42306.ipynb'>AffectedKeyCredentials-CVE-2021-42306.ipynb</a></td><td class=width-f>scenario-notebooks</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/scenario-notebooks/AutomatedNotebooks-IncidentTriage.ipynb'>AutomatedNotebooks-IncidentTriage.ipynb</a></td><td class=width-f>scenario-notebooks</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/scenario-notebooks/AutomatedNotebooks-Manager.ipynb'>AutomatedNotebooks-Manager.ipynb</a></td><td class=width-f>scenario-notebooks</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/scenario-notebooks/Guided%20Hunting%20-%20Detect%20potential%20network%20beaconing%20using%20Apache%20Spark%20via%20Azure%20Synapse.ipynb'>Guided Hunting - Detect potential network beaconing using Apache Spark via Azure Synapse.ipynb</a></td><td class=width-f>scenario-notebooks</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/scenario-notebooks/Guided%20Hunting%20-%20Office365-Exploring.ipynb'>Guided Hunting - Office365-Exploring.ipynb</a></td><td class=width-f>scenario-notebooks</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/scenario-notebooks/Guided%20Investigation%20-%20MDE%20Webshell%20Alerts.ipynb'>Guided Investigation - MDE Webshell Alerts.ipynb</a></td><td class=width-f>scenario-notebooks</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/scenario-notebooks/Guided%20Investigation%20-%20WAF%20data.ipynb'>Guided Investigation - WAF 
data.ipynb</a></td><td class=width-f>scenario-notebooks</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/scenario-notebooks/UserSecurityMetadata/Guided%20Analysis%20-%20User%20Security%20Metadata.ipynb'>Guided Analysis - User Security Metadata.ipynb</a></td><td class=width-f>scenario-notebooks/UserSecurityMetadata</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/src/Test/papermill_test_runner.ipynb'>papermill_test_runner.ipynb</a></td><td class=width-f>src/Test</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/example-notebooks/Example%20-%20Azure%20Storage%20VT%20Hash%20Lookup.ipynb'>Example - Azure Storage VT Hash Lookup.ipynb</a></td><td class=width-f>tutorials-and-examples/example-notebooks</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/example-notebooks/Example%20-%20Guided%20Hunting%20-%20Office365-Exploring.ipynb'>Example - Guided Hunting - Office365-Exploring.ipynb</a></td><td class=width-f>tutorials-and-examples/example-notebooks</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/example-notebooks/Example%20-%20Guided%20Investigation%20-%20Process-Alerts.ipynb'>Example - Guided Investigation - Process-Alerts.ipynb</a></td><td class=width-f>tutorials-and-examples/example-notebooks</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/example-notebooks/M365%20Defender%20-%20APIs%20ep3.ipynb'>M365 Defender - APIs ep3.ipynb</a></td><td class=width-f>tutorials-and-examples/example-notebooks</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/example-notebooks/M365%20Defender%20-%20hunting.ipynb'>M365 Defender - hunting.ipynb</a></td><td class=width-f>tutorials-and-examples/example-notebooks</td> <tr><td><a 
href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/example-notebooks/MDE%20APIs%20Demo%20Notebook.ipynb'>MDE APIs Demo Notebook.ipynb</a></td><td class=width-f>tutorials-and-examples/example-notebooks</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/example-notebooks/MSTICPy%20Tour.ipynb'>MSTICPy Tour.ipynb</a></td><td class=width-f>tutorials-and-examples/example-notebooks</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/example-notebooks/Senserva%20Connections%20Graph%20Notebook.ipynb'>Senserva Connections Graph Notebook.ipynb</a></td><td class=width-f>tutorials-and-examples/example-notebooks</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/example-notebooks/SigmaRuleImporter.ipynb'>SigmaRuleImporter.ipynb</a></td><td class=width-f>tutorials-and-examples/example-notebooks</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/example-notebooks/VirusTotal%20File%20Behavior%20Explorer%20-%20MS%20and%20Sysmon%20detonation.ipynb'>VirusTotal File Behavior Explorer - MS and Sysmon detonation.ipynb</a></td><td class=width-f>tutorials-and-examples/example-notebooks</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/example-notebooks/msticpy%20demo.ipynb'>msticpy demo.ipynb</a></td><td class=width-f>tutorials-and-examples/example-notebooks</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/feature-tutorials/AnomalousSequence.ipynb'>AnomalousSequence.ipynb</a></td><td class=width-f>tutorials-and-examples/feature-tutorials</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/feature-tutorials/AzureBlobStorage.ipynb'>AzureBlobStorage.ipynb</a></td><td 
class=width-f>tutorials-and-examples/feature-tutorials</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/feature-tutorials/AzureSentinelAPIs.ipynb'>AzureSentinelAPIs.ipynb</a></td><td class=width-f>tutorials-and-examples/feature-tutorials</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/feature-tutorials/Base64Unpack.ipynb'>Base64Unpack.ipynb</a></td><td class=width-f>tutorials-and-examples/feature-tutorials</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/feature-tutorials/DataObfuscation.ipynb'>DataObfuscation.ipynb</a></td><td class=width-f>tutorials-and-examples/feature-tutorials</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/feature-tutorials/DataUploader.ipynb'>DataUploader.ipynb</a></td><td class=width-f>tutorials-and-examples/feature-tutorials</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/feature-tutorials/DataViewer.ipynb'>DataViewer.ipynb</a></td><td class=width-f>tutorials-and-examples/feature-tutorials</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/feature-tutorials/Data_Queries.ipynb'>Data_Queries.ipynb</a></td><td class=width-f>tutorials-and-examples/feature-tutorials</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/feature-tutorials/EventClustering.ipynb'>EventClustering.ipynb</a></td><td class=width-f>tutorials-and-examples/feature-tutorials</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/feature-tutorials/EventTimeline.ipynb'>EventTimeline.ipynb</a></td><td class=width-f>tutorials-and-examples/feature-tutorials</td> <tr><td><a 
href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/feature-tutorials/FoliumMap.ipynb'>FoliumMap.ipynb</a></td><td class=width-f>tutorials-and-examples/feature-tutorials</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/feature-tutorials/GeoIPLookups.ipynb'>GeoIPLookups.ipynb</a></td><td class=width-f>tutorials-and-examples/feature-tutorials</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/feature-tutorials/IoCExtract.ipynb'>IoCExtract.ipynb</a></td><td class=width-f>tutorials-and-examples/feature-tutorials</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/feature-tutorials/MDATPQuery.ipynb'>MDATPQuery.ipynb</a></td><td class=width-f>tutorials-and-examples/feature-tutorials</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/feature-tutorials/MPSettingsEditor.ipynb'>MPSettingsEditor.ipynb</a></td><td class=width-f>tutorials-and-examples/feature-tutorials</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/feature-tutorials/MordorData.ipynb'>MordorData.ipynb</a></td><td class=width-f>tutorials-and-examples/feature-tutorials</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/feature-tutorials/NotebookWidgets.ipynb'>NotebookWidgets.ipynb</a></td><td class=width-f>tutorials-and-examples/feature-tutorials</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/feature-tutorials/PivotFunctions-Introduction.ipynb'>PivotFunctions-Introduction.ipynb</a></td><td class=width-f>tutorials-and-examples/feature-tutorials</td> <tr><td><a 
href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/feature-tutorials/PivotFunctions.ipynb'>PivotFunctions.ipynb</a></td><td class=width-f>tutorials-and-examples/feature-tutorials</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/feature-tutorials/ProcessTree.ipynb'>ProcessTree.ipynb</a></td><td class=width-f>tutorials-and-examples/feature-tutorials</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/feature-tutorials/ResourceGraphDriver.ipynb'>ResourceGraphDriver.ipynb</a></td><td class=width-f>tutorials-and-examples/feature-tutorials</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/feature-tutorials/Splunk-DataConnector.ipynb'>Splunk-DataConnector.ipynb</a></td><td class=width-f>tutorials-and-examples/feature-tutorials</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/feature-tutorials/SqlToKql.ipynb'>SqlToKql.ipynb</a></td><td class=width-f>tutorials-and-examples/feature-tutorials</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/feature-tutorials/Sumologic-DataConnector.ipynb'>Sumologic-DataConnector.ipynb</a></td><td class=width-f>tutorials-and-examples/feature-tutorials</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/feature-tutorials/TIProviders.ipynb'>TIProviders.ipynb</a></td><td class=width-f>tutorials-and-examples/feature-tutorials</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/feature-tutorials/TimeSeriesAnomaliesVisualization.ipynb'>TimeSeriesAnomaliesVisualization.ipynb</a></td><td class=width-f>tutorials-and-examples/feature-tutorials</td> <tr><td><a 
href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/feature-tutorials/VTLookupV3.ipynb'>VTLookupV3.ipynb</a></td><td class=width-f>tutorials-and-examples/feature-tutorials</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/feature-tutorials/VirusTotalLookup.ipynb'>VirusTotalLookup.ipynb</a></td><td class=width-f>tutorials-and-examples/feature-tutorials</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/how-tos/Adding%20Hunting%20Bookmarks.ipynb'>Adding Hunting Bookmarks.ipynb</a></td><td class=width-f>tutorials-and-examples/how-tos</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/how-tos/Adding%20Secrets%20to%20Azure%20Key%20Vault.ipynb'>Adding Secrets to Azure Key Vault.ipynb</a></td><td class=width-f>tutorials-and-examples/how-tos</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/how-tos/Automation%20Gallery%20-%20Credential%20Scan%20on%20Azure%20Blob%20Storage.ipynb'>Automation Gallery - Credential Scan on Azure Blob Storage.ipynb</a></td><td class=width-f>tutorials-and-examples/how-tos</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/how-tos/Automation%20Setup%20-%20Configure%20Azure%20Machine%20Learning%20Compute%20Cluster%20and%20Managed%20Identity.ipynb'>Automation Setup - Configure Azure Machine Learning Compute Cluster and Managed Identity.ipynb</a></td><td class=width-f>tutorials-and-examples/how-tos</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/how-tos/Automation%20Setup%20-%20Configure%20Azure%20Machine%20Learning%20Pipelines.ipynb'>Automation Setup - Configure Azure Machine Learning Pipelines.ipynb</a></td><td class=width-f>tutorials-and-examples/how-tos</td> <tr><td><a 
href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/how-tos/Azure%20Sentinel%20Query%20Creator.ipynb'>Azure Sentinel Query Creator.ipynb</a></td><td class=width-f>tutorials-and-examples/how-tos</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/how-tos/Configurate%20Azure%20ML%20and%20Azure%20Synapse%20Analytics.ipynb'>Configurate Azure ML and Azure Synapse Analytics.ipynb</a></td><td class=width-f>tutorials-and-examples/how-tos</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/how-tos/Notebook%20Template.ipynb'>Notebook Template.ipynb</a></td><td class=width-f>tutorials-and-examples/how-tos</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/how-tos/Provisioning%20DSVM.ipynb'>Provisioning DSVM.ipynb</a></td><td class=width-f>tutorials-and-examples/how-tos</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/how-tos/TroubleShootingNotebooks.ipynb'>TroubleShootingNotebooks.ipynb</a></td><td class=width-f>tutorials-and-examples/how-tos</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/other-language-kernels/A%20Getting%20Started%20Guide%20For%20CSharp%20AML%20Notebooks.ipynb'>A Getting Started Guide For CSharp AML Notebooks.ipynb</a></td><td class=width-f>tutorials-and-examples/other-language-kernels</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/training-notebooks/A%20Python%20Crash%20Course%20-%20Part%201%20-%20Fundamentals.ipynb'>A Python Crash Course - Part 1 - Fundamentals.ipynb</a></td><td class=width-f>tutorials-and-examples/training-notebooks</td> <tr><td><a 
href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/training-notebooks/Training%20-%20MSTICPy%20Training%201221.ipynb'>Training - MSTICPy Training 1221.ipynb</a></td><td class=width-f>tutorials-and-examples/training-notebooks</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/training-notebooks/Training%20-%20MSTICPy%20Training%203%20-%202022-01-13.ipynb'>Training - MSTICPy Training 3 - 2022-01-13.ipynb</a></td><td class=width-f>tutorials-and-examples/training-notebooks</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/utils/generate-nb-toc.ipynb'>generate-nb-toc.ipynb</a></td><td class=width-f>utils</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/deprecated-notebooks/A%20Getting%20Started%20Guide%20For%20Azure%20Sentinel%20Notebooks.ipynb'>A Getting Started Guide For Azure Sentinel Notebooks.ipynb</a></td><td class=width-f>tutorials-and-examples/deprecated-notebooks</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/deprecated-notebooks/Example%20-%20Step-by-Step%20Linux-Windows-Office%20Investigation.ipynb'>Example - Step-by-Step Linux-Windows-Office Investigation.ipynb</a></td><td class=width-f>tutorials-and-examples/deprecated-notebooks</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/deprecated-notebooks/Get%20Started.ipynb'>Get Started.ipynb</a></td><td class=width-f>tutorials-and-examples/deprecated-notebooks</td> </table>
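from html import escape

# Same table as above, restricted to folders whose path starts with
# "tutorials".
tutorials_table = [*table_header]
for folder, nb_name, nb_path in sorted_table:
    if folder.startswith("tutorials"):
        # Escape every value taken from the file listing before placing it in
        # markup; escape() encodes single quotes too, so a value cannot close
        # the single-quoted href attribute. Names without &, <, >, ' or "
        # produce the same row as before.
        tutorials_table.append(
            f"<tr><td><a href='{escape(nb_path)}'>{escape(nb_name)}</a></td>"
            f"<td class=width-f>{escape(folder)}</td>"
        )
tutorials_table.append("</table>")
display(HTML("".join(tutorials_table)))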
Notebook | Folder |
---|---|
Example - Azure Storage VT Hash Lookup.ipynb | tutorials-and-examples/example-notebooks |
Example - Guided Hunting - Office365-Exploring.ipynb | tutorials-and-examples/example-notebooks |
Example - Guided Investigation - Process-Alerts.ipynb | tutorials-and-examples/example-notebooks |
M365 Defender - APIs ep3.ipynb | tutorials-and-examples/example-notebooks |
M365 Defender - hunting.ipynb | tutorials-and-examples/example-notebooks |
MDE APIs Demo Notebook.ipynb | tutorials-and-examples/example-notebooks |
MSTICPy Tour.ipynb | tutorials-and-examples/example-notebooks |
Senserva Connections Graph Notebook.ipynb | tutorials-and-examples/example-notebooks |
SigmaRuleImporter.ipynb | tutorials-and-examples/example-notebooks |
VirusTotal File Behavior Explorer - MS and Sysmon detonation.ipynb | tutorials-and-examples/example-notebooks |
msticpy demo.ipynb | tutorials-and-examples/example-notebooks |
AnomalousSequence.ipynb | tutorials-and-examples/feature-tutorials |
AzureBlobStorage.ipynb | tutorials-and-examples/feature-tutorials |
AzureSentinelAPIs.ipynb | tutorials-and-examples/feature-tutorials |
Base64Unpack.ipynb | tutorials-and-examples/feature-tutorials |
DataObfuscation.ipynb | tutorials-and-examples/feature-tutorials |
DataUploader.ipynb | tutorials-and-examples/feature-tutorials |
DataViewer.ipynb | tutorials-and-examples/feature-tutorials |
Data_Queries.ipynb | tutorials-and-examples/feature-tutorials |
EventClustering.ipynb | tutorials-and-examples/feature-tutorials |
EventTimeline.ipynb | tutorials-and-examples/feature-tutorials |
FoliumMap.ipynb | tutorials-and-examples/feature-tutorials |
GeoIPLookups.ipynb | tutorials-and-examples/feature-tutorials |
IoCExtract.ipynb | tutorials-and-examples/feature-tutorials |
MDATPQuery.ipynb | tutorials-and-examples/feature-tutorials |
MPSettingsEditor.ipynb | tutorials-and-examples/feature-tutorials |
MordorData.ipynb | tutorials-and-examples/feature-tutorials |
NotebookWidgets.ipynb | tutorials-and-examples/feature-tutorials |
PivotFunctions-Introduction.ipynb | tutorials-and-examples/feature-tutorials |
PivotFunctions.ipynb | tutorials-and-examples/feature-tutorials |
ProcessTree.ipynb | tutorials-and-examples/feature-tutorials |
ResourceGraphDriver.ipynb | tutorials-and-examples/feature-tutorials |
Splunk-DataConnector.ipynb | tutorials-and-examples/feature-tutorials |
SqlToKql.ipynb | tutorials-and-examples/feature-tutorials |
Sumologic-DataConnector.ipynb | tutorials-and-examples/feature-tutorials |
TIProviders.ipynb | tutorials-and-examples/feature-tutorials |
TimeSeriesAnomaliesVisualization.ipynb | tutorials-and-examples/feature-tutorials |
VTLookupV3.ipynb | tutorials-and-examples/feature-tutorials |
VirusTotalLookup.ipynb | tutorials-and-examples/feature-tutorials |
Adding Hunting Bookmarks.ipynb | tutorials-and-examples/how-tos |
Adding Secrets to Azure Key Vault.ipynb | tutorials-and-examples/how-tos |
Automation Gallery - Credential Scan on Azure Blob Storage.ipynb | tutorials-and-examples/how-tos |
Automation Setup - Configure Azure Machine Learning Compute Cluster and Managed Identity.ipynb | tutorials-and-examples/how-tos |
Automation Setup - Configure Azure Machine Learning Pipelines.ipynb | tutorials-and-examples/how-tos |
Azure Sentinel Query Creator.ipynb | tutorials-and-examples/how-tos |
Configurate Azure ML and Azure Synapse Analytics.ipynb | tutorials-and-examples/how-tos |
Notebook Template.ipynb | tutorials-and-examples/how-tos |
Provisioning DSVM.ipynb | tutorials-and-examples/how-tos |
TroubleShootingNotebooks.ipynb | tutorials-and-examples/how-tos |
A Getting Started Guide For CSharp AML Notebooks.ipynb | tutorials-and-examples/other-language-kernels |
A Python Crash Course - Part 1 - Fundamentals.ipynb | tutorials-and-examples/training-notebooks |
Training - MSTICPy Training 1221.ipynb | tutorials-and-examples/training-notebooks |
Training - MSTICPy Training 3 - 2022-01-13.ipynb | tutorials-and-examples/training-notebooks |
A Getting Started Guide For Azure Sentinel Notebooks.ipynb | tutorials-and-examples/deprecated-notebooks |
Example - Step-by-Step Linux-Windows-Office Investigation.ipynb | tutorials-and-examples/deprecated-notebooks |
Get Started.ipynb | tutorials-and-examples/deprecated-notebooks |
# Print the generated markup as plain text, one list element per line,
# rather than rendering it.
print("\n".join(tutorials_table))
<style> .nb_table, th, td { border: 1px solid; text-align: left; border-collapse=collapse; margin-left: auto; margin-right: auto; } .width-f { width: 10px !important; } .width-nb { width: 300px !important; } </style> <table class=nb_table> <tr><th class=width-nb>Notebook</th><th class=width-f>Folder</th></tr> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/example-notebooks/Example%20-%20Azure%20Storage%20VT%20Hash%20Lookup.ipynb'>Example - Azure Storage VT Hash Lookup.ipynb</a></td><td class=width-f>tutorials-and-examples/example-notebooks</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/example-notebooks/Example%20-%20Guided%20Hunting%20-%20Office365-Exploring.ipynb'>Example - Guided Hunting - Office365-Exploring.ipynb</a></td><td class=width-f>tutorials-and-examples/example-notebooks</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/example-notebooks/Example%20-%20Guided%20Investigation%20-%20Process-Alerts.ipynb'>Example - Guided Investigation - Process-Alerts.ipynb</a></td><td class=width-f>tutorials-and-examples/example-notebooks</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/example-notebooks/M365%20Defender%20-%20APIs%20ep3.ipynb'>M365 Defender - APIs ep3.ipynb</a></td><td class=width-f>tutorials-and-examples/example-notebooks</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/example-notebooks/M365%20Defender%20-%20hunting.ipynb'>M365 Defender - hunting.ipynb</a></td><td class=width-f>tutorials-and-examples/example-notebooks</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/example-notebooks/MDE%20APIs%20Demo%20Notebook.ipynb'>MDE APIs Demo Notebook.ipynb</a></td><td 
class=width-f>tutorials-and-examples/example-notebooks</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/example-notebooks/MSTICPy%20Tour.ipynb'>MSTICPy Tour.ipynb</a></td><td class=width-f>tutorials-and-examples/example-notebooks</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/example-notebooks/Senserva%20Connections%20Graph%20Notebook.ipynb'>Senserva Connections Graph Notebook.ipynb</a></td><td class=width-f>tutorials-and-examples/example-notebooks</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/example-notebooks/SigmaRuleImporter.ipynb'>SigmaRuleImporter.ipynb</a></td><td class=width-f>tutorials-and-examples/example-notebooks</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/example-notebooks/VirusTotal%20File%20Behavior%20Explorer%20-%20MS%20and%20Sysmon%20detonation.ipynb'>VirusTotal File Behavior Explorer - MS and Sysmon detonation.ipynb</a></td><td class=width-f>tutorials-and-examples/example-notebooks</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/example-notebooks/msticpy%20demo.ipynb'>msticpy demo.ipynb</a></td><td class=width-f>tutorials-and-examples/example-notebooks</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/feature-tutorials/AnomalousSequence.ipynb'>AnomalousSequence.ipynb</a></td><td class=width-f>tutorials-and-examples/feature-tutorials</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/feature-tutorials/AzureBlobStorage.ipynb'>AzureBlobStorage.ipynb</a></td><td class=width-f>tutorials-and-examples/feature-tutorials</td> <tr><td><a 
href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/feature-tutorials/AzureSentinelAPIs.ipynb'>AzureSentinelAPIs.ipynb</a></td><td class=width-f>tutorials-and-examples/feature-tutorials</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/feature-tutorials/Base64Unpack.ipynb'>Base64Unpack.ipynb</a></td><td class=width-f>tutorials-and-examples/feature-tutorials</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/feature-tutorials/DataObfuscation.ipynb'>DataObfuscation.ipynb</a></td><td class=width-f>tutorials-and-examples/feature-tutorials</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/feature-tutorials/DataUploader.ipynb'>DataUploader.ipynb</a></td><td class=width-f>tutorials-and-examples/feature-tutorials</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/feature-tutorials/DataViewer.ipynb'>DataViewer.ipynb</a></td><td class=width-f>tutorials-and-examples/feature-tutorials</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/feature-tutorials/Data_Queries.ipynb'>Data_Queries.ipynb</a></td><td class=width-f>tutorials-and-examples/feature-tutorials</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/feature-tutorials/EventClustering.ipynb'>EventClustering.ipynb</a></td><td class=width-f>tutorials-and-examples/feature-tutorials</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/feature-tutorials/EventTimeline.ipynb'>EventTimeline.ipynb</a></td><td class=width-f>tutorials-and-examples/feature-tutorials</td> <tr><td><a 
href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/feature-tutorials/FoliumMap.ipynb'>FoliumMap.ipynb</a></td><td class=width-f>tutorials-and-examples/feature-tutorials</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/feature-tutorials/GeoIPLookups.ipynb'>GeoIPLookups.ipynb</a></td><td class=width-f>tutorials-and-examples/feature-tutorials</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/feature-tutorials/IoCExtract.ipynb'>IoCExtract.ipynb</a></td><td class=width-f>tutorials-and-examples/feature-tutorials</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/feature-tutorials/MDATPQuery.ipynb'>MDATPQuery.ipynb</a></td><td class=width-f>tutorials-and-examples/feature-tutorials</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/feature-tutorials/MPSettingsEditor.ipynb'>MPSettingsEditor.ipynb</a></td><td class=width-f>tutorials-and-examples/feature-tutorials</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/feature-tutorials/MordorData.ipynb'>MordorData.ipynb</a></td><td class=width-f>tutorials-and-examples/feature-tutorials</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/feature-tutorials/NotebookWidgets.ipynb'>NotebookWidgets.ipynb</a></td><td class=width-f>tutorials-and-examples/feature-tutorials</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/feature-tutorials/PivotFunctions-Introduction.ipynb'>PivotFunctions-Introduction.ipynb</a></td><td class=width-f>tutorials-and-examples/feature-tutorials</td> <tr><td><a 
href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/feature-tutorials/PivotFunctions.ipynb'>PivotFunctions.ipynb</a></td><td class=width-f>tutorials-and-examples/feature-tutorials</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/feature-tutorials/ProcessTree.ipynb'>ProcessTree.ipynb</a></td><td class=width-f>tutorials-and-examples/feature-tutorials</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/feature-tutorials/ResourceGraphDriver.ipynb'>ResourceGraphDriver.ipynb</a></td><td class=width-f>tutorials-and-examples/feature-tutorials</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/feature-tutorials/Splunk-DataConnector.ipynb'>Splunk-DataConnector.ipynb</a></td><td class=width-f>tutorials-and-examples/feature-tutorials</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/feature-tutorials/SqlToKql.ipynb'>SqlToKql.ipynb</a></td><td class=width-f>tutorials-and-examples/feature-tutorials</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/feature-tutorials/Sumologic-DataConnector.ipynb'>Sumologic-DataConnector.ipynb</a></td><td class=width-f>tutorials-and-examples/feature-tutorials</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/feature-tutorials/TIProviders.ipynb'>TIProviders.ipynb</a></td><td class=width-f>tutorials-and-examples/feature-tutorials</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/feature-tutorials/TimeSeriesAnomaliesVisualization.ipynb'>TimeSeriesAnomaliesVisualization.ipynb</a></td><td class=width-f>tutorials-and-examples/feature-tutorials</td> <tr><td><a 
href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/feature-tutorials/VTLookupV3.ipynb'>VTLookupV3.ipynb</a></td><td class=width-f>tutorials-and-examples/feature-tutorials</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/feature-tutorials/VirusTotalLookup.ipynb'>VirusTotalLookup.ipynb</a></td><td class=width-f>tutorials-and-examples/feature-tutorials</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/how-tos/Adding%20Hunting%20Bookmarks.ipynb'>Adding Hunting Bookmarks.ipynb</a></td><td class=width-f>tutorials-and-examples/how-tos</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/how-tos/Adding%20Secrets%20to%20Azure%20Key%20Vault.ipynb'>Adding Secrets to Azure Key Vault.ipynb</a></td><td class=width-f>tutorials-and-examples/how-tos</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/how-tos/Automation%20Gallery%20-%20Credential%20Scan%20on%20Azure%20Blob%20Storage.ipynb'>Automation Gallery - Credential Scan on Azure Blob Storage.ipynb</a></td><td class=width-f>tutorials-and-examples/how-tos</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/how-tos/Automation%20Setup%20-%20Configure%20Azure%20Machine%20Learning%20Compute%20Cluster%20and%20Managed%20Identity.ipynb'>Automation Setup - Configure Azure Machine Learning Compute Cluster and Managed Identity.ipynb</a></td><td class=width-f>tutorials-and-examples/how-tos</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/how-tos/Automation%20Setup%20-%20Configure%20Azure%20Machine%20Learning%20Pipelines.ipynb'>Automation Setup - Configure Azure Machine Learning Pipelines.ipynb</a></td><td class=width-f>tutorials-and-examples/how-tos</td> <tr><td><a 
href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/how-tos/Azure%20Sentinel%20Query%20Creator.ipynb'>Azure Sentinel Query Creator.ipynb</a></td><td class=width-f>tutorials-and-examples/how-tos</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/how-tos/Configurate%20Azure%20ML%20and%20Azure%20Synapse%20Analytics.ipynb'>Configurate Azure ML and Azure Synapse Analytics.ipynb</a></td><td class=width-f>tutorials-and-examples/how-tos</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/how-tos/Notebook%20Template.ipynb'>Notebook Template.ipynb</a></td><td class=width-f>tutorials-and-examples/how-tos</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/how-tos/Provisioning%20DSVM.ipynb'>Provisioning DSVM.ipynb</a></td><td class=width-f>tutorials-and-examples/how-tos</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/how-tos/TroubleShootingNotebooks.ipynb'>TroubleShootingNotebooks.ipynb</a></td><td class=width-f>tutorials-and-examples/how-tos</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/other-language-kernels/A%20Getting%20Started%20Guide%20For%20CSharp%20AML%20Notebooks.ipynb'>A Getting Started Guide For CSharp AML Notebooks.ipynb</a></td><td class=width-f>tutorials-and-examples/other-language-kernels</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/training-notebooks/A%20Python%20Crash%20Course%20-%20Part%201%20-%20Fundamentals.ipynb'>A Python Crash Course - Part 1 - Fundamentals.ipynb</a></td><td class=width-f>tutorials-and-examples/training-notebooks</td> <tr><td><a 
href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/training-notebooks/Training%20-%20MSTICPy%20Training%201221.ipynb'>Training - MSTICPy Training 1221.ipynb</a></td><td class=width-f>tutorials-and-examples/training-notebooks</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/training-notebooks/Training%20-%20MSTICPy%20Training%203%20-%202022-01-13.ipynb'>Training - MSTICPy Training 3 - 2022-01-13.ipynb</a></td><td class=width-f>tutorials-and-examples/training-notebooks</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/deprecated-notebooks/A%20Getting%20Started%20Guide%20For%20Azure%20Sentinel%20Notebooks.ipynb'>A Getting Started Guide For Azure Sentinel Notebooks.ipynb</a></td><td class=width-f>tutorials-and-examples/deprecated-notebooks</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/deprecated-notebooks/Example%20-%20Step-by-Step%20Linux-Windows-Office%20Investigation.ipynb'>Example - Step-by-Step Linux-Windows-Office Investigation.ipynb</a></td><td class=width-f>tutorials-and-examples/deprecated-notebooks</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/tutorials-and-examples/deprecated-notebooks/Get%20Started.ipynb'>Get Started.ipynb</a></td><td class=width-f>tutorials-and-examples/deprecated-notebooks</td> </table>
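# Build the HTML table of scenario notebooks and render it in the notebook.
# Each sorted_table row unpacks as (folder, notebook name, link target); only
# rows whose folder starts with "scenario" are listed.
from html import escape  # stdlib, imported in the cell so it runs on its own

scenario_table = [*table_header]
for folder, nb_name, nb_path in sorted_table:
    if not folder.startswith("scenario"):
        continue
    # The names originate from a directory listing and are placed into markup
    # that display(HTML(...)) renders, so encode them for the HTML context:
    # a name containing <, & or a quote would otherwise break the row or be
    # interpreted as markup. quote=True also covers the single-quoted href.
    # Names without those characters produce exactly the same output as before.
    scenario_table.append(
        f"<tr><td><a href='{escape(nb_path, quote=True)}'>{escape(nb_name)}</a></td>"
        f"<td class=width-f>{escape(folder)}</td>"
    )
scenario_table.append("</table>")
display(HTML("".join(scenario_table)))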
Notebook | Folder |
---|---|
AffectedKeyCredentials-CVE-2021-42306.ipynb | scenario-notebooks |
AutomatedNotebooks-IncidentTriage.ipynb | scenario-notebooks |
AutomatedNotebooks-Manager.ipynb | scenario-notebooks |
Guided Hunting - Detect potential network beaconing using Apache Spark via Azure Synapse.ipynb | scenario-notebooks |
Guided Hunting - Office365-Exploring.ipynb | scenario-notebooks |
Guided Investigation - MDE Webshell Alerts.ipynb | scenario-notebooks |
Guided Investigation - WAF data.ipynb | scenario-notebooks |
Guided Analysis - User Security Metadata.ipynb | scenario-notebooks/UserSecurityMetadata |
# Print the generated markup as plain text, one list element per line,
# rather than rendering it.
print("\n".join(scenario_table))
<style> .nb_table, th, td { border: 1px solid; text-align: left; border-collapse=collapse; margin-left: auto; margin-right: auto; } .width-f { width: 10px !important; } .width-nb { width: 300px !important; } </style> <table class=nb_table> <tr><th class=width-nb>Notebook</th><th class=width-f>Folder</th></tr> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/scenario-notebooks/AffectedKeyCredentials-CVE-2021-42306.ipynb'>AffectedKeyCredentials-CVE-2021-42306.ipynb</a></td><td class=width-f>scenario-notebooks</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/scenario-notebooks/AutomatedNotebooks-IncidentTriage.ipynb'>AutomatedNotebooks-IncidentTriage.ipynb</a></td><td class=width-f>scenario-notebooks</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/scenario-notebooks/AutomatedNotebooks-Manager.ipynb'>AutomatedNotebooks-Manager.ipynb</a></td><td class=width-f>scenario-notebooks</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/scenario-notebooks/Guided%20Hunting%20-%20Detect%20potential%20network%20beaconing%20using%20Apache%20Spark%20via%20Azure%20Synapse.ipynb'>Guided Hunting - Detect potential network beaconing using Apache Spark via Azure Synapse.ipynb</a></td><td class=width-f>scenario-notebooks</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/scenario-notebooks/Guided%20Hunting%20-%20Office365-Exploring.ipynb'>Guided Hunting - Office365-Exploring.ipynb</a></td><td class=width-f>scenario-notebooks</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/scenario-notebooks/Guided%20Investigation%20-%20MDE%20Webshell%20Alerts.ipynb'>Guided Investigation - MDE Webshell Alerts.ipynb</a></td><td class=width-f>scenario-notebooks</td> <tr><td><a 
href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/scenario-notebooks/Guided%20Investigation%20-%20WAF%20data.ipynb'>Guided Investigation - WAF data.ipynb</a></td><td class=width-f>scenario-notebooks</td> <tr><td><a href='https://github.com/Azure/Azure-Sentinel-Notebooks/blob/master/scenario-notebooks/UserSecurityMetadata/Guided%20Analysis%20-%20User%20Security%20Metadata.ipynb'>Guided Analysis - User Security Metadata.ipynb</a></td><td class=width-f>scenario-notebooks/UserSecurityMetadata</td> </table>