home/categories/system-admin/mukul975-anthropic-cybersecurity-skills-skills-analyzing-azure-activity-logs-for-threats-skill-md
system-admintools
analyzing-azure-activity-logs-for-threats
Queries Azure Monitor activity logs and sign-in logs via azure-monitor-query to detect suspicious administrative operations, impossible travel, privilege escalation, and resource modifications. Builds KQL queries for threat hunting in Azure environments. Use when investigating suspicious Azure tenant activity or building cloud SIEM detections.
maintainer
mukul975
更新日 4/6/2026
スター
4240
フォーク
464
quick start
Installation and usage
Queries Azure Monitor activity logs and sign-in logs via azure-monitor-query to detect suspicious administrative operations, impossible travel, privilege escalation, and resource modifications. Builds KQL queries for threat hunting in Azure environments. Use when investigating suspicious Azure tenant activity or building cloud SIEM detections.
インストール
$ install --globalskills.sh
使い方
インストール後、ターミナルで以下のコマンドを実行してこのスキルを使用できます:
skills use analyzing-azure-activity-logs-for-threats