Ashwin Patil
Senior Security Researcher @Microsoft Tweets my own opinions, not my employer's. #DFIR #datascience #threathunting #MicrosoftSentinel #python 🐍 #rstats
Feb 19, 2021 4 tweets 3 min read
🔥Pivot is probably one of the underutilized but very powerful #dataanalysis operators in #KQL

👉Like PivotTable in Excel, it creates aggregated views on categorical data for analysis to spot any unusual patterns across multiple columns 🧵👇

Refer doc: docs.microsoft.com/en-us/azure/da…

👀Simple example of Pivot View of Successful Logons tabular data

👉No. of unique users logging per hour across LogonTypes. 👇
Oct 30, 2020 10 tweets 5 min read
💥Highlights from my #KQL talk @Grayhat_Con @BlueTeamVillage in case you missed it

📌Slides:
github.com/ashwin-patil/b…

📌GitHub - KQL Queries:
github.com/ashwin-patil/b…

🧵👇

🤔 Why you should learn Query language?
Nov 20, 2019 5 tweets 7 min read
The wait is over... Read the final part 2, which is focused on AWS log data ingestion, #hunting and investigation of Capital One breach TTPs in #AzureSentinel techcommunity.microsoft.com/t5/Azure-Senti…

T1078: Privileged role attached to Instance.
#AzureSentinel #MITRE #AWS #threathunting
github.com/Azure/Azure-Se…