Threat hunting

This section contains general information about threat hunting features, along with instructions for building threat hunting queries and managing telemetry events.

In this section

About threat hunting

Building and running queries for threat hunting

About syntax in threat hunting queries

Creating IOA rules from queries

Viewing and configuring the event list

Configuring the event table

Viewing event details

Viewing a tree of events

Viewing information about related events in a tree of events
