
analyzing-azure-activity-logs-for-threats

Queries Azure Monitor activity logs and sign-in logs via azure-monitor-query to detect suspicious administrative operations, impossible travel, privilege escalation, and resource modifications. Builds KQL queries for threat hunting in Azure environments. Use when investigating suspicious Azure tenant activity or building cloud SIEM detections.

Maintainer: mukul975
Updated 4/6/2026
Stars: 4240
Forks: 464
quick start

Installation and usage

Installation
$ install --globalskills.sh
Usage

After installation, you can use this skill by running the following command in your terminal:

skills use analyzing-azure-activity-logs-for-threats